Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge Android 24Q2 Release (ab/11526283) to aosp-main-future

Browse source 
Bug: 337098550
Merged-In: I56143303453cce01d812997ed4a06d815f2a6859
Change-Id: I61f611a2fcb900fcb4bb035c2abfbb19a840fddb
This commit is contained in:
Xin Li 2024-05-06 12:09:17 -07:00
commit 42aa8de219
25 changed files with 100 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

2
private/debug_camera_app.te
View file

@ -13,4 +13,6 @@ userdebug_or_eng(`
# Allows GCA_Eng & GCA-Next to access the PowerHAL. # Allows GCA_Eng & GCA-Next to access the PowerHAL.
hal_client_domain(debug_camera_app, hal_power) hal_client_domain(debug_camera_app, hal_power)
# Follow priv-app symlinks. This is used for dynamite functionality.
allow debug_camera_app privapp_data_file:lnk_file r_file_perms;
') ')

3
private/google_camera_app.te
View file

@ -14,3 +14,6 @@ hal_client_domain(google_camera_app, hal_power)
# Library code may try to access vendor properties, but should be denied # Library code may try to access vendor properties, but should be denied
dontaudit google_camera_app vendor_default_prop:file { getattr map open }; dontaudit google_camera_app vendor_default_prop:file { getattr map open };
# Follow priv-app symlinks. This is used for dynamite functionality.
allow google_camera_app privapp_data_file:lnk_file r_file_perms;

7
radio/dmd.te
View file

@ -30,9 +30,4 @@ binder_call(dmd, hwservicemanager)
binder_call(dmd, modem_diagnostic_app) binder_call(dmd, modem_diagnostic_app)
binder_call(dmd, modem_logging_control) binder_call(dmd, modem_logging_control)
binder_call(dmd, vendor_telephony_silentlogging_app) binder_call(dmd, vendor_telephony_silentlogging_app)
binder_call(dmd, liboemservice_proxy_default)
# Allow proxy to register as android Service
binder_use(dmd)
add_service(dmd, liboemservice_proxy)
allow dmd radio_vendor_data_file:dir create_dir_perms;
allow dmd radio_vendor_data_file:file create_file_perms;

1
radio/file_contexts
View file

@ -11,6 +11,7 @@
/vendor/bin/cbd u:object_r:cbd_exec:s0 /vendor/bin/cbd u:object_r:cbd_exec:s0
/vendor/bin/hw/rild_exynos u:object_r:rild_exec:s0 /vendor/bin/hw/rild_exynos u:object_r:rild_exec:s0
/vendor/bin/hw/vendor\.google\.radioext@1\.0-service u:object_r:hal_radioext_default_exec:s0 /vendor/bin/hw/vendor\.google\.radioext@1\.0-service u:object_r:hal_radioext_default_exec:s0
/vendor/bin/liboemservice_proxy_default u:object_r:liboemservice_proxy_default_exec:s0
# Config files # Config files
/vendor/etc/modem_ml_models\.conf u:object_r:modem_config_file:s0 /vendor/etc/modem_ml_models\.conf u:object_r:modem_config_file:s0

1
radio/grilservice_app.te
View file

@ -16,3 +16,4 @@ binder_call(grilservice_app, hal_radioext_default)
binder_call(grilservice_app, hal_wifi_ext) binder_call(grilservice_app, hal_wifi_ext)
binder_call(grilservice_app, hal_audiometricext_default) binder_call(grilservice_app, hal_audiometricext_default)
binder_call(grilservice_app, rild) binder_call(grilservice_app, rild)
hal_client_domain(grilservice_app, hal_power_stats)

34
radio/liboemservice_proxy.te Normal file
View file

@ -0,0 +1,34 @@
type liboemservice_proxy_default, domain;
type liboemservice_proxy_default_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(liboemservice_proxy_default)
# Allow proxy to register as android service.
binder_use(liboemservice_proxy_default);
add_service(liboemservice_proxy_default, liboemservice_proxy_service);
get_prop(liboemservice_proxy_default, hwservicemanager_prop)
binder_call(liboemservice_proxy_default, hwservicemanager)
binder_call(liboemservice_proxy_default, dmd)
allow liboemservice_proxy_default hal_vendor_oem_hwservice:hwservice_manager find;
allow liboemservice_proxy_default radio_vendor_data_file:dir create_dir_perms;
allow liboemservice_proxy_default radio_vendor_data_file:file create_file_perms;
# Grant to access serial device for external logging tool
allow liboemservice_proxy_default serial_device:chr_file rw_file_perms;
# Grant to access radio device
allow liboemservice_proxy_default radio_device:chr_file rw_file_perms;
# Grant to access slog dir/file
allow liboemservice_proxy_default vendor_slog_file:dir create_dir_perms;
allow liboemservice_proxy_default vendor_slog_file:file create_file_perms;
# Grant to access tcp socket
allow liboemservice_proxy_default node:tcp_socket node_bind;
allow liboemservice_proxy_default self:tcp_socket { create_socket_perms_no_ioctl listen accept bind };
# Grant to access log related properties
set_prop(liboemservice_proxy_default, vendor_diag_prop)
set_prop(liboemservice_proxy_default, vendor_slog_prop)
set_prop(liboemservice_proxy_default, vendor_modem_prop)
get_prop(liboemservice_proxy_default, vendor_persist_config_default_prop)

5
radio/modem_diagnostic_app.te
View file

@ -41,6 +41,7 @@ userdebug_or_eng(`
dontaudit modem_diagnostic_app default_prop:file r_file_perms; dontaudit modem_diagnostic_app default_prop:file r_file_perms;
# Modem Log Mask Library Permissions # Modem Log Mask Library Permissions
binder_call(modem_diagnostic_app, liboemservice_proxy) allow modem_diagnostic_app liboemservice_proxy_service:service_manager find;
allow modem_diagnostic_app liboemservice_proxy:service_manager find; binder_use(modem_diagnostic_app)
binder_call(modem_diagnostic_app, liboemservice_proxy_default)
') ')

3
radio/modem_svc_sit.te
View file

@ -33,3 +33,6 @@ set_prop(modem_svc_sit, vendor_modem_prop)
# hwservice permission # hwservice permission
allow modem_svc_sit hal_exynos_rild_hwservice:hwservice_manager find; allow modem_svc_sit hal_exynos_rild_hwservice:hwservice_manager find;
get_prop(modem_svc_sit, hwservicemanager_prop) get_prop(modem_svc_sit, hwservicemanager_prop)
# logging property
get_prop(modem_svc_sit, vendor_logger_prop)

3
radio/private/service_contexts
View file

@ -1,4 +1 @@
telephony.oem.oemrilhook u:object_r:radio_service:s0 telephony.oem.oemrilhook u:object_r:radio_service:s0
# DMD oemservice aidl proxy
com.google.pixel.modem.logmasklibrary.ILiboemserviceProxy/default u:object_r:liboemservice_proxy:s0

4
radio/service.te
View file

@ -1,2 +1,2 @@
# dmd liboemservice_proxy # define liboemservice_proxy_service
type liboemservice_proxy, hal_service_type, service_manager_type; type liboemservice_proxy_service, hal_service_type, service_manager_type;

2
radio/service_contexts Normal file
View file

@ -0,0 +1,2 @@
# DMD oemservice aidl proxy
com.google.pixel.modem.logmasklibrary.ILiboemserviceProxy/default u:object_r:liboemservice_proxy_service:s0

5
system_ext/private/systemui_app.te
View file

@ -20,3 +20,8 @@ get_prop(systemui_app, keyguard_config_prop)
set_prop(systemui_app, bootanim_system_prop) set_prop(systemui_app, bootanim_system_prop)
get_prop(systemui_app, qemu_hw_prop) get_prop(systemui_app, qemu_hw_prop)
# Allow writing and removing wmshell protolog in /data/misc/wmtrace.
userdebug_or_eng(`
allow systemui_app wm_trace_data_file:dir rw_dir_perms;
allow systemui_app wm_trace_data_file:file create_file_perms;
')

15
tracking_denials/bug_map
View file

@ -1,21 +1,18 @@
dumpstate app_zygote process b/288049050 dumpstate app_zygote process b/288049050
dumpstate virtual_camera binder b/312894238
dumpstate virtual_camera process b/312894238
hal_face_default traced_producer_socket sock_file b/305600857
hal_radioext_default radio_vendor_data_file file b/312590044 hal_radioext_default radio_vendor_data_file file b/312590044
hal_vibrator_default default_android_service service_manager b/314054292 hal_vibrator_default default_android_service service_manager b/314054292
incidentd debugfs_wakeup_sources file b/288049561 incidentd debugfs_wakeup_sources file b/288049561
incidentd incidentd anon_inode b/288049561 incidentd incidentd anon_inode b/288049561
insmod-sh insmod-sh key b/274374722 insmod-sh insmod-sh key b/274374722
kernel dm_device blk_file b/319403445
mtectrl unlabeled dir b/264483752 mtectrl unlabeled dir b/264483752
pixelstats_vendor sysfs file b/299553682 pixelstats_vendor sysfs file b/299553682
rild default_prop file b/315720601 rfsd vendor_cbd_prop file b/323086582
rild default_prop file b/315720874
surfaceflinger selinuxfs file b/313804706
system_server sysfs_batteryinfo file b/294967729 system_server sysfs_batteryinfo file b/294967729
systemui_app wm_trace_data_file dir b/288049075 system_suspend sysfs_batteryinfo dir b/317316633
twoshay chre_socket sock_file b/315104508
twoshay chre_socket sock_file b/315104941
vendor_init default_prop file b/315104235 vendor_init default_prop file b/315104235
vendor_init default_prop file b/315104803 vendor_init default_prop file b/315104803
vendor_init default_prop file b/323087197
vendor_init default_prop file b/323087490
vendor_init default_prop property_service b/315104235 vendor_init default_prop property_service b/315104235
vendor_init vendor_volte_mif_off property_service b/316816642

2
tracking_denials/dmd.te Normal file
View file

@ -0,0 +1,2 @@
# b/323471016
dontaudit dmd servicemanager:binder { call };

2
tracking_denials/priv_app.te
View file

@ -1,2 +0,0 @@
# b/299553227
dontaudit priv_app default_android_service:service_manager { find };

2
vendor/con_monitor_app.te vendored
View file

@ -5,6 +5,8 @@ app_domain(con_monitor_app);
allow con_monitor_app app_api_service:service_manager find; allow con_monitor_app app_api_service:service_manager find;
allow con_monitor_app batterystats_service:service_manager find; allow con_monitor_app batterystats_service:service_manager find;
allow con_monitor_app virtual_device_service:service_manager find; allow con_monitor_app virtual_device_service:service_manager find;
allow con_monitor_app radio_vendor_data_file:dir rw_dir_perms;
allow con_monitor_app radio_vendor_data_file:file create_file_perms;
binder_call(con_monitor_app, system_server); binder_call(con_monitor_app, system_server);
binder_call(con_monitor_app, servicemanager); binder_call(con_monitor_app, servicemanager);

5
vendor/device.te vendored
View file

@ -4,10 +4,7 @@ type custom_ab_block_device, dev_type;
type mfg_data_block_device, dev_type; type mfg_data_block_device, dev_type;
type ufs_internal_block_device, dev_type; type ufs_internal_block_device, dev_type;
type logbuffer_device, dev_type; type logbuffer_device, dev_type;
type hw_jpg_device, dev_type; type hw_jpg_device, dev_type, mlstrustedobject;
userdebug_or_eng(`
typeattribute hw_jpg_device mlstrustedobject;
')
type fingerprint_device, dev_type; type fingerprint_device, dev_type;
type uci_device, dev_type; type uci_device, dev_type;

1
vendor/dump_power.te vendored
View file

@ -23,6 +23,7 @@ allow dump_power persist_battery_file:file r_file_perms;
allow dump_power vendor_shell_exec:file execute_no_trans; allow dump_power vendor_shell_exec:file execute_no_trans;
allow dump_power battery_mitigation_exec:file execute_no_trans; allow dump_power battery_mitigation_exec:file execute_no_trans;
allow dump_power sysfs_iio_devices:dir search; allow dump_power sysfs_iio_devices:dir search;
allow dump_power sysfs:dir r_dir_perms;
userdebug_or_eng(` userdebug_or_eng(`
allow dump_power debugfs:dir r_dir_perms; allow dump_power debugfs:dir r_dir_perms;

1
vendor/file_contexts vendored
View file

@ -9,7 +9,6 @@
/vendor/bin/hw/android\.hardware\.secure_element-service.uicc u:object_r:hal_secure_element_uicc_exec:s0 /vendor/bin/hw/android\.hardware\.secure_element-service.uicc u:object_r:hal_secure_element_uicc_exec:s0
/vendor/bin/hw/android\.hardware\.qorvo\.uwb\.service u:object_r:hal_uwb_vendor_default_exec:s0 /vendor/bin/hw/android\.hardware\.qorvo\.uwb\.service u:object_r:hal_uwb_vendor_default_exec:s0
/vendor/bin/hw/android\.hardware\.composer\.hwc3-service\.pixel u:object_r:hal_graphics_composer_default_exec:s0 /vendor/bin/hw/android\.hardware\.composer\.hwc3-service\.pixel u:object_r:hal_graphics_composer_default_exec:s0
/vendor/bin/hw/android\.hardware\.contexthub-service\.generic u:object_r:hal_contexthub_default_exec:s0
/vendor/bin/hw/google\.hardware\.media\.c2@2\.0-service u:object_r:mediacodec_google_exec:s0 /vendor/bin/hw/google\.hardware\.media\.c2@2\.0-service u:object_r:mediacodec_google_exec:s0
/vendor/bin/dump/dump_wlan\.sh u:object_r:dump_wlan_exec:s0 /vendor/bin/dump/dump_wlan\.sh u:object_r:dump_wlan_exec:s0
/vendor/bin/dump/dump_gsa\.sh u:object_r:dump_gsa_exec:s0 /vendor/bin/dump/dump_gsa\.sh u:object_r:dump_gsa_exec:s0

20
vendor/genfs_contexts vendored
View file

@ -68,6 +68,8 @@ genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/idle_delay_
genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/panel_idle u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/panel_idle u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/panel_need_handle_idle_exit u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/panel_need_handle_idle_exit u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/op_hz u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/op_hz u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/time_in_state u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/available_disp_stats u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/19440000.drmdsim/hs_clock u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/19440000.drmdsim/hs_clock u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/19470000.drmdecon/early_wakeup u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/19470000.drmdecon/early_wakeup u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/19471000.drmdecon/early_wakeup u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/19471000.drmdecon/early_wakeup u:object_r:sysfs_display:s0
@ -90,6 +92,18 @@ genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/backlight/p
genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/error_count_te u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/error_count_te u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/error_count_unknown u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/error_count_unknown u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/110f0000.drmdp/drm-displayport/dp_hotplug_error_code u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/110f0000.drmdp/drm-displayport/dp_hotplug_error_code u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/110f0000.drmdp/drm-displayport-stats/link_negotiation_failures u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/110f0000.drmdp/drm-displayport-stats/edid_read_failures u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/110f0000.drmdp/drm-displayport-stats/dpcd_read_failures u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/110f0000.drmdp/drm-displayport-stats/edid_invalid_failures u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/110f0000.drmdp/drm-displayport-stats/sink_count_invalid_failures u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/110f0000.drmdp/drm-displayport-stats/link_unstable_failures u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/hdcp/hdcp2_success_count u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/hdcp/hdcp2_fallback_count u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/hdcp/hdcp2_fail_count u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/hdcp/hdcp1_success_count u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/hdcp/hdcp1_fail_count u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/hdcp/hdcp0_count u:object_r:sysfs_display:s0
# ACPM # ACPM
genfscon sysfs /devices/platform/acpm_stats u:object_r:sysfs_acpm_stats:s0 genfscon sysfs /devices/platform/acpm_stats u:object_r:sysfs_acpm_stats:s0
@ -217,13 +231,16 @@ genfscon sysfs /devices/platform/10c90000.hsi2c/i2c-9/9-003c/wakeup/wakeup
genfscon sysfs /devices/platform/10c90000.hsi2c/i2c-9/9-003b/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10c90000.hsi2c/i2c-9/9-003b/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10c90000.hsi2c/i2c-9/9-003b/wakeup/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10c90000.hsi2c/i2c-9/9-003b/wakeup/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0025/power_supply/tcpm-source-psy-11-0025/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0025/power_supply/tcpm-source-psy-11-0025/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0025/power_supply/tcpm-source-psy-max77759tcpc/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0025/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0025/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0025/wakeup/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0025/wakeup/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0036/power_supply/maxfg/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0036/power_supply/maxfg/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0036/wakeup/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0057/power_supply/dc-mains/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0057/power_supply/dc-mains/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0057/power_supply/pca94xx-mains/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0057/power_supply/pca94xx-mains/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0069/power_supply/dc/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0069/power_supply/dc/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0069/power_supply/main-charger/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0069/power_supply/main-charger/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-0069/wakeup/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/usb1/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/usb1/wakeup u:object_r:sysfs_wakeup:s0
@ -255,6 +272,8 @@ genfscon sysfs /devices/platform/gpio_keys/wakeup/wakeup
genfscon sysfs /devices/platform/sound-aoc/wakeup/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/sound-aoc/wakeup/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/virtual/wakeup/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/virtual/wakeup/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/odm/odm:btbcm/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/odm/odm:btbcm/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/wakeup/ u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/19450000.drmdsim/19450000.drmdsim.0/wakeup/ u:object_r:sysfs_wakeup:s0
# Trusty # Trusty
genfscon sysfs /module/trusty_virtio/parameters/use_high_wq u:object_r:sysfs_trusty:s0 genfscon sysfs /module/trusty_virtio/parameters/use_high_wq u:object_r:sysfs_trusty:s0
@ -271,6 +290,7 @@ genfscon sysfs /devices/platform/1f000000.mali/total_gpu_mem u:obje
genfscon sysfs /devices/platform/1f000000.mali/kprcs u:object_r:sysfs_gpu:s0 genfscon sysfs /devices/platform/1f000000.mali/kprcs u:object_r:sysfs_gpu:s0
genfscon sysfs /devices/platform/1f000000.mali/dvfs_period u:object_r:sysfs_gpu:s0 genfscon sysfs /devices/platform/1f000000.mali/dvfs_period u:object_r:sysfs_gpu:s0
genfscon sysfs /devices/platform/1f000000.mali/cur_freq u:object_r:sysfs_gpu:s0 genfscon sysfs /devices/platform/1f000000.mali/cur_freq u:object_r:sysfs_gpu:s0
genfscon sysfs /devices/platform/1f000000.mali/capacity_headroom u:object_r:sysfs_gpu:s0
# GSA logs # GSA logs
genfscon sysfs /devices/platform/16490000.gsa-ns/log_main u:object_r:sysfs_gsa_log:s0 genfscon sysfs /devices/platform/16490000.gsa-ns/log_main u:object_r:sysfs_gsa_log:s0

4
vendor/hal_graphics_composer_default.te vendored
View file

@ -41,3 +41,7 @@ add_service(hal_graphics_composer_default, vendor_surfaceflinger_vndservice)
allow hal_graphics_composer_default vendor_hwc_log_file:dir rw_dir_perms; allow hal_graphics_composer_default vendor_hwc_log_file:dir rw_dir_perms;
allow hal_graphics_composer_default vendor_hwc_log_file:file create_file_perms; allow hal_graphics_composer_default vendor_hwc_log_file:file create_file_perms;
allow hal_graphics_composer_default vendor_log_file:dir search; allow hal_graphics_composer_default vendor_log_file:dir search;
# allow HWC to access IStats AIDL
allow hal_graphics_composer_default fwk_stats_service:service_manager find;
binder_call(hal_graphics_composer_default, system_server);

1
vendor/hal_power_stats_default.te vendored
View file

@ -3,6 +3,7 @@ r_dir_file(hal_power_stats_default, sysfs_aoc)
r_dir_file(hal_power_stats_default, sysfs_aoc_dumpstate) r_dir_file(hal_power_stats_default, sysfs_aoc_dumpstate)
r_dir_file(hal_power_stats_default, sysfs_acpm_stats) r_dir_file(hal_power_stats_default, sysfs_acpm_stats)
r_dir_file(hal_power_stats_default, sysfs_cpu) r_dir_file(hal_power_stats_default, sysfs_cpu)
r_dir_file(hal_power_stats_default, sysfs_display)
r_dir_file(hal_power_stats_default, sysfs_edgetpu) r_dir_file(hal_power_stats_default, sysfs_edgetpu)
r_dir_file(hal_power_stats_default, sysfs_iio_devices) r_dir_file(hal_power_stats_default, sysfs_iio_devices)
r_dir_file(hal_power_stats_default, sysfs_leds) r_dir_file(hal_power_stats_default, sysfs_leds)

3
vendor/hal_usb_impl.te vendored
View file

@ -23,3 +23,6 @@ allow hal_usb_impl sysfs_wakeup:file r_file_perms;
# For metrics upload # For metrics upload
allow hal_usb_impl fwk_stats_service:service_manager find; allow hal_usb_impl fwk_stats_service:service_manager find;
# For reading the usb-c throttling stats
allow hal_usb_impl sysfs_usbc_throttling_stats:file r_file_perms;

1
vendor/property_contexts vendored
View file

@ -23,6 +23,7 @@ vendor.mali. u:object_r:vendor_arm_runtime_option_
# Display # Display
persist.vendor.primarydisplay. u:object_r:vendor_display_prop:s0 prefix persist.vendor.primarydisplay. u:object_r:vendor_display_prop:s0 prefix
ro.vendor.primarydisplay.preferred_mode u:object_r:vendor_display_prop:s0 exact string
ro.vendor.primarydisplay.vrr.enabled u:object_r:vendor_display_prop:s0 exact bool ro.vendor.primarydisplay.vrr.enabled u:object_r:vendor_display_prop:s0 exact bool
ro.vendor.primarydisplay.vrr.expected_present.headsup_ns u:object_r:vendor_display_prop:s0 exact int ro.vendor.primarydisplay.vrr.expected_present.headsup_ns u:object_r:vendor_display_prop:s0 exact int
ro.vendor.primarydisplay.vrr.expected_present.timeout_ns u:object_r:vendor_display_prop:s0 exact int ro.vendor.primarydisplay.vrr.expected_present.timeout_ns u:object_r:vendor_display_prop:s0 exact int

2
vendor/twoshay.te vendored
View file

@ -6,4 +6,6 @@ binder_call(twoshay, hal_radioext_default)
# b/315347346 # b/315347346
# b/314721681 # b/314721681
unix_socket_connect(twoshay, chre, chre) unix_socket_connect(twoshay, chre, chre)
# TODO(b/248615564): Remove above rule after CHRE multiclient HAL is launched.
unix_socket_connect(twoshay, chre, hal_contexthub_default)
allow twoshay self:capability2 block_suspend; allow twoshay self:capability2 block_suspend;