From 4b9ca7c0a74394ebcc50348847374aefd4878192 Mon Sep 17 00:00:00 2001
From: Eileen Lai <eileenisgood@google.com>
Date: Sun, 8 Dec 2024 04:44:23 +0000
Subject: [PATCH 1/2] modem_svc: move shared_modem_platform related sepolicy to
 gs-common

Bug: 372400955

Change-Id: I3570cf0e90ceebc1ac6d19850e53df6c721b0020
Flag: NONE local testing only
---
 radio/file_contexts    | 1 -
 radio/modem_svc_sit.te | 3 ---
 zuma-sepolicy.mk       | 2 +-
 3 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/radio/file_contexts b/radio/file_contexts
index ed9c2201..e02a1aa1 100644
--- a/radio/file_contexts
+++ b/radio/file_contexts
@@ -12,7 +12,6 @@
 /vendor/bin/hw/vendor\.google\.radioext@1\.0-service                        u:object_r:hal_radioext_default_exec:s0
 /vendor/bin/liboemservice_proxy_default                                     u:object_r:liboemservice_proxy_default_exec:s0
 /vendor/bin/copy_efs_files_to_data                                                            u:object_r:copy_efs_files_to_data_exec:s0
-/vendor/bin/shared_modem_platform                                           u:object_r:modem_svc_sit_exec:s0
 
 # Config files
 /vendor/etc/modem_ml_models\.conf                                           u:object_r:modem_config_file:s0
diff --git a/radio/modem_svc_sit.te b/radio/modem_svc_sit.te
index fb77bf80..3f225310 100644
--- a/radio/modem_svc_sit.te
+++ b/radio/modem_svc_sit.te
@@ -38,9 +38,6 @@ get_prop(modem_svc_sit, hwservicemanager_prop)
 # logging property
 get_prop(modem_svc_sit, vendor_logger_prop)
 
-# Modem SVC will register the default instance of the AIDL ISharedModemPlatform hal.
-hal_server_domain(modem_svc_sit, hal_shared_modem_platform)
-
 # Write trace data to the Perfetto traced daemon. This requires connecting to
 # its producer socket and obtaining a (per-process) tmpfs fd.
 perfetto_producer(modem_svc_sit)
diff --git a/zuma-sepolicy.mk b/zuma-sepolicy.mk
index abfaa288..56502eba 100644
--- a/zuma-sepolicy.mk
+++ b/zuma-sepolicy.mk
@@ -1,6 +1,6 @@
 # sepolicy that are shared among devices using zuma
 BOARD_SEPOLICY_DIRS += device/google/zuma-sepolicy/vendor
-BOARD_SEPOLICY_DIRS += device/google/zuma-sepolicy/radio
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/zuma-sepolicy/radio
 PRODUCT_PRIVATE_SEPOLICY_DIRS += device/google/zuma-sepolicy/radio/private
 
 # unresolved SELinux error log with bug tracking

From b81b3428d8fa8c761fd2cc2fe3c6ed8b0123e5a8 Mon Sep 17 00:00:00 2001
From: Nina Chen <sheaunic@google.com>
Date: Mon, 9 Dec 2024 11:25:59 +0800
Subject: [PATCH 2/2] Update SELinux error

Test: SELinuxUncheckedDenialBootTest
Bug: 383013471
Flag: EXEMPT sepolicy
Change-Id: Ia8c27c5031bb14d77f581b4569a8d39a5613244f
---
 tracking_denials/bug_map | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map
index bc90c7c2..cfb0d77a 100644
--- a/tracking_denials/bug_map
+++ b/tracking_denials/bug_map
@@ -6,6 +6,7 @@ dumpstate app_zygote process b/288049050
 edgetpu_vendor_server shell_data_file dir b/369475225
 edgetpu_vendor_server shell_data_file dir b/369475363
 hal_bluetooth_btlinux vendor_default_prop property_service b/350832030
+hal_camera_default aconfig_storage_metadata_file dir b/383013471
 hal_radioext_default radio_vendor_data_file file b/312590044
 incidentd debugfs_wakeup_sources file b/288049561
 incidentd incidentd anon_inode b/288049561