From 946b7e5e36e64e79650327673dc5e55a1369c7f7 Mon Sep 17 00:00:00 2001
From: Super Liu <supercjliu@google.com>
Date: Fri, 23 Dec 2022 02:21:50 +0000
Subject: [PATCH 1/8] [DO NOT MERGE] Add sepolicy for procfs_touch_gti type

Bug: 262796907
Test: TreeHugger build pass.
Change-Id: I2b89aa6e0e9b8fbe42121f34e4c70639bdc225d2
---
 whitechapel_pro/file.te                  | 2 ++
 whitechapel_pro/genfs_contexts           | 1 +
 whitechapel_pro/google_touch_app.te      | 1 +
 whitechapel_pro/hal_dumpstate_default.te | 3 +++
 4 files changed, 7 insertions(+)

diff --git a/whitechapel_pro/file.te b/whitechapel_pro/file.te
index 8b79dbe4..90fe2fbf 100644
--- a/whitechapel_pro/file.te
+++ b/whitechapel_pro/file.te
@@ -112,8 +112,10 @@ type sysfs_usbc_throttling_stats, sysfs_type, fs_type;
 
 # Touch
 type proc_touch, proc_type, fs_type;
+type proc_touch_gti, proc_type, fs_type;
 userdebug_or_eng(`
     typeattribute proc_touch mlstrustedobject;
+    typeattribute proc_touch_gti mlstrustedobject;
 ')
 
 # Vendor sched files
diff --git a/whitechapel_pro/genfs_contexts b/whitechapel_pro/genfs_contexts
index 5ee9a609..04bd9a9c 100644
--- a/whitechapel_pro/genfs_contexts
+++ b/whitechapel_pro/genfs_contexts
@@ -31,6 +31,7 @@ genfscon sysfs /devices/soc0/revision                                          u
 genfscon sysfs /devices/platform/10d10000.spi/spi_master/spi0/spi0.0/synaptics_tcm.0/sysfs   u:object_r:sysfs_touch:s0
 genfscon sysfs /devices/virtual/sec/tsp                                        u:object_r:sysfs_touch:s0
 genfscon proc  /focaltech_touch                                                u:object_r:proc_touch:s0
+genfscon proc  /goog_touch_interface                                           u:object_r:proc_touch_gti:s0
 
 # tracefs
 genfscon tracefs /events/dmabuf_heap/dma_heap_stat                             u:object_r:debugfs_tracing:s0
diff --git a/whitechapel_pro/google_touch_app.te b/whitechapel_pro/google_touch_app.te
index f90fde1e..8428ff80 100644
--- a/whitechapel_pro/google_touch_app.te
+++ b/whitechapel_pro/google_touch_app.te
@@ -8,4 +8,5 @@ userdebug_or_eng(`
   allow google_touch_app sysfs_touch:dir r_dir_perms;
   allow google_touch_app sysfs_touch:file rw_file_perms;
   allow google_touch_app proc_touch:file rw_file_perms;
+  allow google_touch_app proc_touch_gti:file rw_file_perms;
 ')
diff --git a/whitechapel_pro/hal_dumpstate_default.te b/whitechapel_pro/hal_dumpstate_default.te
index fbfbd227..12fb8a7e 100644
--- a/whitechapel_pro/hal_dumpstate_default.te
+++ b/whitechapel_pro/hal_dumpstate_default.te
@@ -84,6 +84,9 @@ allow hal_dumpstate_default sysfs_touch:file rw_file_perms;
 allow hal_dumpstate_default proc_touch:dir r_dir_perms;
 allow hal_dumpstate_default proc_touch:file rw_file_perms;
 
+allow hal_dumpstate_default proc_touch_gti:dir r_dir_perms;
+allow hal_dumpstate_default proc_touch_gti:file rw_file_perms;
+
 allow hal_dumpstate_default vendor_displaycolor_service:service_manager find;
 binder_call(hal_dumpstate_default, hal_graphics_composer_default);
 allow hal_dumpstate_default sysfs_display:dir r_dir_perms;

From 959825045e362d989ed418765fe5fa93eef638d8 Mon Sep 17 00:00:00 2001
From: Doug Zobel <zobel@google.com>
Date: Wed, 11 Jan 2023 18:44:08 -0600
Subject: [PATCH 2/8] Add sepolicy for PCIe link statistics

PCIe link statistics collected by dumpstate and pixelstats.

Test: adb bugreport && unzip bugreport*.zip && grep link_stats dumpstate_board.txt;
      adb logcat "pixelstats-vendor:D *:S"
Bug: 264287533
Change-Id: I173ba399a60f29aa8a5edf1e86f97f214b4879c8
Merged-In: I173ba399a60f29aa8a5edf1e86f97f214b4879c8
Signed-off-by: Doug Zobel <zobel@google.com>
---
 whitechapel_pro/file.te                  | 1 +
 whitechapel_pro/genfs_contexts           | 4 ++++
 whitechapel_pro/hal_dumpstate_default.te | 3 +++
 whitechapel_pro/pixelstats_vendor.te     | 4 ++++
 4 files changed, 12 insertions(+)

diff --git a/whitechapel_pro/file.te b/whitechapel_pro/file.te
index 90fe2fbf..1c10354e 100644
--- a/whitechapel_pro/file.te
+++ b/whitechapel_pro/file.te
@@ -46,6 +46,7 @@ type sysfs_exynos_bts_stats, sysfs_type, fs_type;
 type sysfs_bcl, sysfs_type, fs_type;
 type sysfs_chip_id, sysfs_type, fs_type;
 type sysfs_touch, sysfs_type, fs_type;
+type sysfs_exynos_pcie_stats, sysfs_type, fs_type;
 type sysfs_bcmdhd, sysfs_type, fs_type;
 type sysfs_wlc, sysfs_type, fs_type;
 type sysfs_chargelevel, sysfs_type, fs_type;
diff --git a/whitechapel_pro/genfs_contexts b/whitechapel_pro/genfs_contexts
index 04bd9a9c..5ec2e546 100644
--- a/whitechapel_pro/genfs_contexts
+++ b/whitechapel_pro/genfs_contexts
@@ -397,6 +397,10 @@ genfscon sysfs /kernel/metrics/temp_residency/temp_residency_all/stats    u:obje
 genfscon sysfs /kernel/metrics/resume_latency/resume_latency_metrics      u:object_r:sysfs_vendor_metrics:s0
 genfscon sysfs /kernel/metrics/irq/long_irq_metrics                       u:object_r:sysfs_vendor_metrics:s0
 
+# PCIe link
+genfscon sysfs /devices/platform/14520000.pcie/link_stats                 u:object_r:sysfs_exynos_pcie_stats:s0
+genfscon sysfs /devices/platform/11920000.pcie/link_stats                 u:object_r:sysfs_exynos_pcie_stats:s0
+
 # Camera
 genfscon sysfs /devices/platform/17000030.devfreq_intcam/devfreq/17000030.devfreq_intcam/min_freq    u:object_r:sysfs_camera:s0
 genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_tnr/max_freq          u:object_r:sysfs_camera:s0
diff --git a/whitechapel_pro/hal_dumpstate_default.te b/whitechapel_pro/hal_dumpstate_default.te
index 12fb8a7e..68fbaf15 100644
--- a/whitechapel_pro/hal_dumpstate_default.te
+++ b/whitechapel_pro/hal_dumpstate_default.te
@@ -25,6 +25,9 @@ allow hal_dumpstate_default sysfs_wlc:file r_file_perms;
 allow hal_dumpstate_default sysfs_exynos_bts:dir r_dir_perms;
 allow hal_dumpstate_default sysfs_exynos_bts_stats:file r_file_perms;
 
+allow hal_dumpstate_default sysfs_exynos_pcie_stats:dir r_dir_perms;
+allow hal_dumpstate_default sysfs_exynos_pcie_stats:file r_file_perms;
+
 allow hal_dumpstate_default sysfs_aoc:dir r_dir_perms;
 allow hal_dumpstate_default sysfs_aoc_dumpstate:file r_file_perms;
 
diff --git a/whitechapel_pro/pixelstats_vendor.te b/whitechapel_pro/pixelstats_vendor.te
index a8d7b123..4faad03c 100644
--- a/whitechapel_pro/pixelstats_vendor.te
+++ b/whitechapel_pro/pixelstats_vendor.te
@@ -33,3 +33,7 @@ r_dir_file(pixelstats_vendor, sysfs_vendor_metrics)
 # BCL
 allow pixelstats_vendor sysfs_bcl:dir search;
 allow pixelstats_vendor sysfs_bcl:file r_file_perms;
+
+# PCIe statistics
+allow pixelstats_vendor sysfs_exynos_pcie_stats:dir search;
+allow pixelstats_vendor sysfs_exynos_pcie_stats:file rw_file_perms;

From 75521ed6d8cb5e46f9babb760c9a94123f5c37f1 Mon Sep 17 00:00:00 2001
From: George Lee <geolee@google.com>
Date: Thu, 19 Jan 2023 14:15:12 -0800
Subject: [PATCH 3/8] battery_mitigation: fix brownout reporting selinux [DO
 NOT MERGE]

Ensure ro.boot.bootreason equals sys.boot.reason before filing bugreport
for Brownout.

Bug: 263274350
Test: Local testing to confirm
Change-Id: I7c0cab8811775d52bfb95f23ad19baa87f2ae64e
Signed-off-by: George Lee <geolee@google.com>
(cherry picked from commit 4b3a85cac0206e70dddf7663aa771195c0026eea)
---
 whitechapel_pro/battery_mitigation.te | 1 +
 whitechapel_pro/vendor_init.te        | 1 +
 2 files changed, 2 insertions(+)

diff --git a/whitechapel_pro/battery_mitigation.te b/whitechapel_pro/battery_mitigation.te
index 643b2fc6..4d7e259c 100644
--- a/whitechapel_pro/battery_mitigation.te
+++ b/whitechapel_pro/battery_mitigation.te
@@ -4,6 +4,7 @@ init_daemon_domain(battery_mitigation)
 get_prop(battery_mitigation, boot_status_prop)
 set_prop(battery_mitigation, vendor_mitigation_ready_prop)
 get_prop(battery_mitigation, vendor_brownout_reason_prop)
+get_prop(battery_mitigation, system_boot_reason_prop)
 
 hal_client_domain(battery_mitigation, hal_thermal);
 hal_client_domain(battery_mitigation, hal_health);
diff --git a/whitechapel_pro/vendor_init.te b/whitechapel_pro/vendor_init.te
index 5b828e93..8a2f267f 100644
--- a/whitechapel_pro/vendor_init.te
+++ b/whitechapel_pro/vendor_init.te
@@ -38,6 +38,7 @@ set_prop(vendor_init, vendor_display_prop)
 
 # Battery Mitigation
 set_prop(vendor_init, vendor_brownout_reason_prop)
+get_prop(vendor_init, system_boot_reason_prop)
 
 # MM
 allow vendor_init proc_watermark_scale_factor:file w_file_perms;

From eb745cabd11e531cf3e4a9d0fd06a6adcaff65d8 Mon Sep 17 00:00:00 2001
From: Sajid Dalvi <sdalvi@google.com>
Date: Mon, 23 Jan 2023 15:22:24 -0600
Subject: [PATCH 4/8] logbuffer: Add pcie driver support

Add logbuffer support to pcie driver to reduce dmesg spam.

Bug: 267495494
Change-Id: Id62006860e161730880aba61ea9974e006884e3e
Signed-off-by: Sajid Dalvi <sdalvi@google.com>
---
 whitechapel_pro/file_contexts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/whitechapel_pro/file_contexts b/whitechapel_pro/file_contexts
index dc1101bc..30fa96f9 100644
--- a/whitechapel_pro/file_contexts
+++ b/whitechapel_pro/file_contexts
@@ -108,6 +108,8 @@
 /dev/logbuffer_maxfg_base_monitor                                           u:object_r:logbuffer_device:s0
 /dev/logbuffer_maxfg_flip_monitor                                           u:object_r:logbuffer_device:s0
 /dev/logbuffer_bd                                                           u:object_r:logbuffer_device:s0
+/dev/logbuffer_pcie0                                                        u:object_r:logbuffer_device:s0
+/dev/logbuffer_pcie1                                                        u:object_r:logbuffer_device:s0
 /dev/bbd_pwrstat                                                            u:object_r:power_stats_device:s0
 /dev/lwis-act-jotnar                                                        u:object_r:lwis_device:s0
 /dev/lwis-act-slenderman                                                    u:object_r:lwis_device:s0

From 6e04b082f7a93bfe52959497c6dd657d2f7c899c Mon Sep 17 00:00:00 2001
From: Taylor Nelms <tknelms@google.com>
Date: Mon, 5 Dec 2022 15:21:32 +0000
Subject: [PATCH 5/8] Modify permissions to allow dumpstate process to access
 decon_counters node

Bug: 240346564
Test: Build for Cheetah device with "user" build,
check bugreport for decon_counters content
Merged-In: I656ebdcd0f92f2cc3e16de19075e94ada339a39b
Change-Id: I6aea0bc545805f9f066272e08f5c37f71baf304e
Signed-off-by: Taylor Nelms <tknelms@google.com>
---
 whitechapel_pro/genfs_contexts | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/whitechapel_pro/genfs_contexts b/whitechapel_pro/genfs_contexts
index 5ec2e546..fb54565c 100644
--- a/whitechapel_pro/genfs_contexts
+++ b/whitechapel_pro/genfs_contexts
@@ -147,6 +147,9 @@ genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/osc2_clk_kh
 genfscon sysfs /devices/platform/1c2c0000.drmdsim/hs_clock                                                u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/1c240000.drmdecon/early_wakeup                                           u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/1c242000.drmdecon/early_wakeup                                           u:object_r:sysfs_display:s0
+genfscon sysfs /devices/platform/1c240000.drmdecon/counters                                               u:object_r:sysfs_display:s0
+genfscon sysfs /devices/platform/1c241000.drmdecon/counters                                               u:object_r:sysfs_display:s0
+genfscon sysfs /devices/platform/1c242000.drmdecon/counters                                               u:object_r:sysfs_display:s0
 
 genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight                            u:object_r:sysfs_leds:s0
 genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/panel_extinfo                        u:object_r:sysfs_display:s0

From 03fb0f6ceb6bfee492299b9d5a5578f5b2f50822 Mon Sep 17 00:00:00 2001
From: Ray Chi <raychi@google.com>
Date: Wed, 14 Dec 2022 15:38:22 +0800
Subject: [PATCH 6/8] [DO NOT MERGE] usb: Add sepolicy for extcon access

USB gadget hal will access extcon folder so that this patch
will add new rule to allow USB gadget hal to access extcon.

Bug: 263435622
Test: build pass
Change-Id: I971732c6a40700a85df61170dcf1c3660307b96c
---
 whitechapel_pro/hal_usb_gadget_impl.te | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/whitechapel_pro/hal_usb_gadget_impl.te b/whitechapel_pro/hal_usb_gadget_impl.te
index ddda7eb9..361e0f71 100644
--- a/whitechapel_pro/hal_usb_gadget_impl.te
+++ b/whitechapel_pro/hal_usb_gadget_impl.te
@@ -19,3 +19,7 @@ allow hal_usb_gadget_impl proc_irq:file w_file_perms;
 # allow gadget hal to search hsi2c dir and write to usb_limit_accessory_enable/current
 allow hal_usb_gadget_impl sysfs_batteryinfo:dir r_dir_perms;
 allow hal_usb_gadget_impl sysfs_batteryinfo:file rw_file_perms;
+
+# allow gadget hal to access extcon node
+allow hal_usb_gadget_impl sysfs_extcon:dir search;
+allow hal_usb_gadget_impl sysfs_extcon:file r_file_perms;

From 55d345c5e86701f03ea1f7306aa01719301976c9 Mon Sep 17 00:00:00 2001
From: Ken Tsou <kentsou@google.com>
Date: Thu, 16 Feb 2023 10:34:13 +0800
Subject: [PATCH 7/8] hal_health_default: allow to access
 persist.vendor.shutdown.*

msg='avc: denied { set } for property=persist.vendor.shutdown.voltage_avg pid=908 uid=1000 gid=1000 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0'

Bug: 266181615
Change-Id: Ia87610f0363bbfbe4fe446244b44818c273841f4
Signed-off-by: Ken Tsou <kentsou@google.com>
---
 whitechapel_pro/hal_health_default.te | 1 +
 whitechapel_pro/property.te           | 1 +
 whitechapel_pro/property_contexts     | 1 +
 3 files changed, 3 insertions(+)

diff --git a/whitechapel_pro/hal_health_default.te b/whitechapel_pro/hal_health_default.te
index 6c3c6940..eeaab1a7 100644
--- a/whitechapel_pro/hal_health_default.te
+++ b/whitechapel_pro/hal_health_default.te
@@ -4,6 +4,7 @@ allow hal_health_default persist_battery_file:file create_file_perms;
 allow hal_health_default persist_battery_file:dir rw_dir_perms;
 
 set_prop(hal_health_default, vendor_battery_defender_prop)
+set_prop(hal_health_default, vendor_shutdown_prop)
 
 # Access to /sys/devices/platform/14700000.ufs/*
 allow hal_health_default sysfs_scsi_devices_0000:dir r_dir_perms;
diff --git a/whitechapel_pro/property.te b/whitechapel_pro/property.te
index b5bf04c2..080a186e 100644
--- a/whitechapel_pro/property.te
+++ b/whitechapel_pro/property.te
@@ -11,6 +11,7 @@ vendor_internal_prop(vendor_nfc_prop)
 vendor_internal_prop(vendor_secure_element_prop)
 vendor_internal_prop(vendor_battery_profile_prop)
 vendor_internal_prop(vendor_battery_defender_prop)
+vendor_internal_prop(vendor_shutdown_prop)
 vendor_internal_prop(vendor_imssvc_prop)
 vendor_internal_prop(vendor_camera_prop)
 vendor_internal_prop(vendor_camera_debug_prop)
diff --git a/whitechapel_pro/property_contexts b/whitechapel_pro/property_contexts
index 32b304b1..6707794a 100644
--- a/whitechapel_pro/property_contexts
+++ b/whitechapel_pro/property_contexts
@@ -57,6 +57,7 @@ persist.vendor.testing_battery_profile     u:object_r:vendor_battery_profile_pro
 
 # Battery
 vendor.battery.defender.                   u:object_r:vendor_battery_defender_prop:s0
+persist.vendor.shutdown.                   u:object_r:vendor_shutdown_prop:s0
 
 # NFC
 persist.vendor.nfc.                        u:object_r:vendor_nfc_prop:s0

From b38886146a0cbd6222b1dc8c55a7f1faf1422697 Mon Sep 17 00:00:00 2001
From: Enzo Liao <enzoliao@google.com>
Date: Fri, 10 Mar 2023 15:25:51 +0800
Subject: [PATCH 8/8] SSRestarDetector: modify the SELinux policy to allow
 access files owned by system for Whitechapel Pro.

It needs to access a file pushed by hosts of test suites (details: http://go/pd-client-for-lab#heading=h.wtp07hbqvwgx)

Bug: 234359369
Design: http://go/pd-client-for-lab
Test: manual (http://b/271555983#comment3)
Change-Id: I0ecc64407118107860db434f0eb22cab0f55a2ba
---
 whitechapel_pro/ssr_detector.te | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/whitechapel_pro/ssr_detector.te b/whitechapel_pro/ssr_detector.te
index 60ec1bb5..2caf6d77 100644
--- a/whitechapel_pro/ssr_detector.te
+++ b/whitechapel_pro/ssr_detector.te
@@ -4,7 +4,8 @@ app_domain(ssr_detector_app)
 allow ssr_detector_app app_api_service:service_manager find;
 allow ssr_detector_app radio_service:service_manager find;
 
-allow ssr_detector_app system_app_data_file:dir r_dir_perms;
+allow ssr_detector_app system_app_data_file:dir create_dir_perms;
+allow ssr_detector_app system_app_data_file:file create_file_perms;
 
 allow ssr_detector_app sscoredump_vendor_data_crashinfo_file:dir r_dir_perms;
 allow ssr_detector_app sscoredump_vendor_data_crashinfo_file:file r_file_perms;