Android 15.0.0 Release 21 (BP1A.250305.020)

-----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZ8fKCAAKCRDorT+BmrEO eKE3AJ4uFXxFPLY5WKfjV42Swr4BBy8a1ACcD53kvqqVMTUClsM4lrgXGQ82YKc= =5fRU -----END PGP SIGNATURE----- gpgsig -----BEGIN SSH SIGNATURE----- U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgPpdpjxPACTIhnlvYz0GM4BR7FJ +rYv3jMbfxNKD3JvcAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5 AAAAQD3Qc4A3bmG6C5UeJ72OX6KEYC9rOCtnIlT5iRxwxs/8+aoXRxpQTf78JyVn+Xsz2J TUbFUORg+gRtEXsx4ApwE= -----END SSH SIGNATURE----- Merge tag 'android-15.0.0_r21' into staging/lineage-22.2_merge-android-15.0.0_r21 Android 15.0.0 Release 21 (BP1A.250305.020) # -----BEGIN PGP SIGNATURE----- # # iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZ8fKCAAKCRDorT+BmrEO # eKE3AJ4uFXxFPLY5WKfjV42Swr4BBy8a1ACcD53kvqqVMTUClsM4lrgXGQ82YKc= # =5fRU # -----END PGP SIGNATURE----- # gpg: Signature made Wed Mar 5 05:50:32 2025 EET # gpg: using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78 # gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [ultimate] # By Nina Chen (11) and others # Via Android Build Coastguard Worker (32) and others * tag 'android-15.0.0_r21': (41 commits) Update SELinux error modem_svc: move shared_modem_platform related sepolicy to gs-common Allow tachyon service to make binder calls to GCA Update SELinux error allow hal_bluetooth_btlinux write sysfs file port display sysfs access Add hal_shared_modem_platform to modem_diagnostic_app.te add permission for hl7132 sysfs Update SELinux error Update the PMS app seinfo for the certification change. Update SELinux error Revert "modem_svc: move shared_modem_platform related sepolicy t..." modem_svc: move shared_modem_platform related sepolicy to gs-common Support access to radioext service over AIDL Update SELinux error Update SELinux error correct frame_interval_ns and expected_present_time_ns naming shamp: remove fixed bug from bugmap sepolicy: add label for logbuffer Update SELinux error ... Conflicts: sepolicy/vendor/keys.conf sepolicy/zumapro-sepolicy.mk Change-Id: I904f4d429cf34da67777654f6c373a66b105d128
2025-03-09 11:01:22 +02:00 · 2025-03-09 11:01:22 +02:00 · 033f3a090a
commit 033f3a090a
parent 19beed9713 03140982aa
32 changed files with 201 additions and 33 deletions
--- a/sepolicy/radio/certs/com_google_android_modem_pms.x509.pem
+++ b/sepolicy/radio/certs/com_google_android_modem_pms.x509.pem
@ -0,0 +1,29 @@
 -----BEGIN CERTIFICATE-----
 MIIF9DCCA9ygAwIBAgIUdblfv7oNBrd5Bh3HcvmyFOTotxowDQYJKoZIhvcNAQELBQAwgYkxCzAJ
 BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQw
 EgYDVQQKEwtHb29nbGUgSW5jLjEQMA4GA1UECxMHQW5kcm9pZDElMCMGA1UEAwwcY29tX2dvb2ds
 ZV9hbmRyb2lkX21vZGVtX3BtczAgFw0yNDA4MTkxODEwMjdaGA8yMDU0MDgxOTE4MTAyN1owgYkx
 CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3
 MRQwEgYDVQQKEwtHb29nbGUgSW5jLjEQMA4GA1UECxMHQW5kcm9pZDElMCMGA1UEAwwcY29tX2dv
 b2dsZV9hbmRyb2lkX21vZGVtX3BtczCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALe5
 J/LkcvdP1z2FUDUBW2V37s4FyMe8d5a7YEkji7hC5l/W9nCnLVplhqxAD6fU10T3W8xKvbxyfu4I
 MvNJvzxlgzTNUJkVa+cbYDfnJd4lboF0NdJFIpYxNVFC1us96qcEwxEUWN0evamqawOUv7S4cwA4
 mwsh5zZcOL5217ytSO+88tvXIongGZXyhHN4iTbd2//R23Ia4s39zNVlEMcgExWBRyn1PEcO3LBn
 4/SK/jnYRdZrHjKK1qkeTMYPu21NqcBJISAdjDbwnHuBjQp+hbd4XY3QROJM6LJ4J34PpbskyvIy
 tU1VShZ+CV2P3RSkTk1L0K4IqHa3OzD4EtRvARHmggjieokWOIKfyklYRE1e/C4XbhNbj08cD2hR
 orFNF2inbVpUVfBa3MJyOLTitnU9bTkprO1C63xXoXfSocbEgtSSl94PJjDVrpB8JiAjnrGUItSS
 2+pW5J5pxREFMPxp7fOCOFoiD/gHgOJjHNWEPFdSWLcEe4trrAPLexbfBmtVFJ4lLXhzg1ERxEJJ
 QriZ4FoAtB6XSILDJgXxe6xtoJ0fZDxp0FWaTIU2rRR/OOjjPEGzrSzfZjgeIj512qhaYiqfwSQ4
 i6cTEz1+UY/u9sFeW2N884VAWi1ZIx1kzYMUisAeehJXzlJFB+q0qinaoCwyFRcOOK144E8RAgMB
 AAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFCpkoCKwoSargw1pVZUVLuoKSQOdMB8GA1Ud
 IwQYMBaAFCpkoCKwoSargw1pVZUVLuoKSQOdMA0GCSqGSIb3DQEBCwUAA4ICAQCRmyU23cp/ysn+
 ndfZekfNZJmktrY9W7WZ2kKuH0w/L/Y2HO9fg4HKHzfElJeSBgt7z3DkQ8exaCHdwGo4Inu8Yyjp
 NgS0Zhfsa/yyORpvu5m62KFhT2x3gDKSTdPlP1z6pi3ADt3XtUOHoVgakM0YhRPvS/5epJOH5lgE
 ONCExGiUUD5S7vgabda4R7jBmsDcIh9fsER9IQrlP1IN4auqbKfpVOd3yxNMcfg5WN+QvBA3lh3E
 +hsQb1/SCUhOoXIzs7hfiy6hLMQx0wg/s2Zdc5h/8eQAgLhm0aELfq5Bm4IR6uxArwLkaBO4sEh0
 I+7eTNR/Z0fu5V6H1zdRupoZmXjlgqR6t9eAwxHqQfHJzUASBCmrXfnXDG4kdwiZz8dDCXvNxahS
 YM7PB3gozD3mc/NGs6qjv/11Bu3gSaoXFPBDWxCJ99SPU1yp6e/pLqfqzQ1raijJWehqZudBU3vR
 1VVN9Iw0KP3/RpT1fLJqoXMK/QUjQF/JURGDhLZqPqx+RNGGlhWYx/j0LJNFJMMwusTCd9l5DtiK
 eGjXj6Z9zde1wrqKDjrY+kHWNwHeoDjX8MrQb36KzkJNFIY8eHS7tki0ATTgeBsfmiDusWpSJu2Q
 9pnrCJYpoS3IXDwiDTf/6l41Bl1VLDZZm/K0mzALzynTrqhut310/RB+wUD2nw==
 -----END CERTIFICATE-----
--- a/sepolicy/radio/copy_efs_files_to_data.te
+++ b/sepolicy/radio/copy_efs_files_to_data.te
@ -0,0 +1,56 @@
 # necessary permissions to copy efs to be used in 16KB mode
 type copy_efs_files_to_data, domain;
 type copy_efs_files_to_data_exec, exec_type, vendor_file_type, file_type;
 init_daemon_domain(copy_efs_files_to_data);
 # Allow creating files on /data/vendor/copied
 allow copy_efs_files_to_data modem_efs_image_file:dir  { create_dir_perms };
 allow copy_efs_files_to_data modem_efs_image_file:file { create_file_perms };
 allow copy_efs_files_to_data modem_efs_image_file:lnk_file { create_file_perms };
 # Allow execute binaries from /vendor/bin
 allow copy_efs_files_to_data vendor_toolbox_exec:file rx_file_perms;
 allow copy_efs_files_to_data vendor_shell_exec:file rx_file_perms;
 # Allow execute /vendor/bin/dump.f2fs
 allow copy_efs_files_to_data vendor_file:file { getattr execute_no_trans };
 # Allow execute dump.f2fs to dump files from /dev/block/by-name/efs
 allow copy_efs_files_to_data block_device:dir search;
 allow copy_efs_files_to_data efs_block_device:blk_file r_file_perms;
 allow copy_efs_files_to_data modem_userdata_block_device:blk_file r_file_perms;
 allow copy_efs_files_to_data persist_block_device:blk_file r_file_perms;
 # Allow checking if /data/vendor/copied/[efs/efs_backup/persist] exist
 allow copy_efs_files_to_data modem_efs_file:dir getattr;
 allow copy_efs_files_to_data modem_userdata_file:dir getattr;
 allow copy_efs_files_to_data persist_file:dir getattr;
 allow copy_efs_files_to_data sysfs_scsi_devices_0000:dir r_dir_perms;
 allow copy_efs_files_to_data sysfs_scsi_devices_0000:file r_file_perms;
 # dump.f2fs need to restore file permissions after dumping
 # files from an f2fs image
 allow copy_efs_files_to_data self:capability chown;
 allow copy_efs_files_to_data self:capability fowner;
 allow copy_efs_files_to_data kmsg_debug_device:chr_file { w_file_perms ioctl getattr };
 allow copy_efs_files_to_data system_bootstrap_lib_file:dir search;
 # Should not write to any block devices. Only read from block device
 # and dump files to /data/vendor/copied
 dontaudit copy_efs_files_to_data dev_type:blk_file write;
 # Setting xattr requires sys_admin
 dontaudit copy_efs_files_to_data self:capability sys_admin;
 # dump.f2fs would attempt to restore selinux on dumped files, but we
 # will use restorecon to do the job.
 dontaudit copy_efs_files_to_data modem_efs_image_file:dir relabelfrom;
 dontaudit copy_efs_files_to_data modem_efs_image_file:file relabelfrom;
 dontaudit copy_efs_files_to_data modem_efs_file:dir relabelto;
 dontaudit copy_efs_files_to_data modem_efs_file:file relabelto;
 dontaudit copy_efs_files_to_data modem_userdata_file:dir relabelto;
 dontaudit copy_efs_files_to_data modem_userdata_file:file relabelto;
 dontaudit copy_efs_files_to_data vendor_persist_type:dir relabelto;
 dontaudit copy_efs_files_to_data vendor_persist_type:file relabelto;
--- a/sepolicy/radio/file.te
+++ b/sepolicy/radio/file.te
@ -1,5 +1,6 @@
 # Data
 type rild_vendor_data_file, file_type, data_file_type;
 type modem_efs_image_file, file_type, data_file_type;
 type modem_ml_data_file, file_type, data_file_type;
 type modem_stat_data_file, file_type, data_file_type;
 type sysfs_gps, sysfs_type, fs_type;
--- a/sepolicy/radio/file_contexts
+++ b/sepolicy/radio/file_contexts
@ -10,7 +10,7 @@
 /vendor/bin/cbd                                                             u:object_r:cbd_exec:s0
 /vendor/bin/hw/rild_exynos                                                  u:object_r:rild_exec:s0
 /vendor/bin/liboemservice_proxy_default                                     u:object_r:liboemservice_proxy_default_exec:s0
-/vendor/bin/shared_modem_platform                                           u:object_r:modem_svc_sit_exec:s0
+/vendor/bin/copy_efs_files_to_data                                          u:object_r:copy_efs_files_to_data_exec:s0
 # Config files
 /vendor/etc/modem_ml_models\.conf                                           u:object_r:modem_config_file:s0
@ -22,6 +22,7 @@
 /data/vendor/modem_ml(/.*)?                                                 u:object_r:modem_ml_data_file:s0
 /data/vendor/modem_stat(/.*)?                                               u:object_r:modem_stat_data_file:s0
 /data/vendor/rild(/.*)?                                                     u:object_r:rild_vendor_data_file:s0
 /data/vendor/copied(/.*)?                                                     u:object_r:modem_efs_image_file:s0
 # vendor extra images
 /mnt/vendor/efs(/.*)?                                                       u:object_r:modem_efs_file:s0
--- a/sepolicy/radio/keys.conf
+++ b/sepolicy/radio/keys.conf
@ -1,3 +1,6 @@
 [@MDS]
 ALL : device/google/zumapro/sepolicy/radio/certs/com_google_mds.x509.pem
 [@PMS]
 ALL : device/google/zumapro-sepolicy/radio/certs/com_google_android_modem_pms.x509.pem
--- a/sepolicy/radio/mac_permissions.xml
+++ b/sepolicy/radio/mac_permissions.xml
@ -24,4 +24,7 @@
    <signer signature="@MDS" >
        <seinfo value="mds" />
    </signer>
    <signer signature="@PMS" >
        <seinfo value="pms" />
    </signer>
 </policy>
--- a/sepolicy/radio/modem_diagnostic_app.te
+++ b/sepolicy/radio/modem_diagnostic_app.te
@ -1,3 +1,4 @@
 # Selinux rule for ModemDiagnosticService (MDS) app
 type modem_diagnostic_app, domain;
 app_domain(modem_diagnostic_app)
@ -10,6 +11,7 @@ userdebug_or_eng(`
  allow modem_diagnostic_app sysfs_modem_state:file r_file_perms;
  hal_client_domain(modem_diagnostic_app, hal_power_stats);
  hal_client_domain(modem_diagnostic_app, hal_shared_modem_platform);
  allow modem_diagnostic_app hal_vendor_radio_external_service:service_manager find;
  allow modem_diagnostic_app hal_exynos_rild_hwservice:hwservice_manager find;
--- a/sepolicy/radio/modem_logging_control.te
+++ b/sepolicy/radio/modem_logging_control.te
@ -1,3 +1,4 @@
 # for modem_logging_control domain
 type modem_logging_control, domain;
 type modem_logging_control_exec, vendor_file_type, exec_type, file_type;
@ -5,6 +6,7 @@ init_daemon_domain(modem_logging_control)
 hwbinder_use(modem_logging_control)
 binder_call(modem_logging_control, dmd)
 binder_call(modem_logging_control, servicemanager)
 allow modem_logging_control radio_device:chr_file rw_file_perms;
 allow modem_logging_control hal_vendor_oem_hwservice:hwservice_manager find;
@ -12,6 +14,7 @@ allow modem_logging_control radio_vendor_data_file:dir create_dir_perms;
 allow modem_logging_control radio_vendor_data_file:file create_file_perms;
 allow modem_logging_control vendor_slog_file:dir create_dir_perms;
 allow modem_logging_control vendor_slog_file:file create_file_perms;
 allow modem_logging_control hal_vendor_modem_logging_service:service_manager find;
 set_prop(modem_logging_control, vendor_modem_prop)
 get_prop(modem_logging_control, hwservicemanager_prop)
--- a/sepolicy/radio/modem_svc_sit.te
+++ b/sepolicy/radio/modem_svc_sit.te
@ -1,3 +1,4 @@
 # Selinux rule for modem_svc_sit daemon
 type modem_svc_sit, domain;
 type modem_svc_sit_exec, vendor_file_type, exec_type, file_type;
 init_daemon_domain(modem_svc_sit)
@ -37,9 +38,6 @@ get_prop(modem_svc_sit, vendor_logger_prop)
 allow modem_svc_sit hal_exynos_rild_hwservice:hwservice_manager find;
 get_prop(modem_svc_sit, hwservicemanager_prop)
 # Modem SVC will register the default instance of the AIDL ISharedModemPlatform hal.
 hal_server_domain(modem_svc_sit, hal_shared_modem_platform)
 # Write trace data to the Perfetto traced daemon. This requires connecting to
 # its producer socket and obtaining a (per-process) tmpfs fd.
 perfetto_producer(modem_svc_sit)
@ -51,6 +49,6 @@ allow modem_svc_sit modem_img_file:lnk_file r_file_perms;
 # Allow modem_svc_sit to access socket for UMI
 userdebug_or_eng(`
-  allow modem_svc_sit radio_vendor_data_file:sock_file { create unlink };
+  allow modem_svc_sit radio_vendor_data_file:sock_file { create write unlink };
 ')
--- a/sepolicy/radio/property_contexts
+++ b/sepolicy/radio/property_contexts
@ -60,6 +60,7 @@ vendor.gps.                                u:object_r:vendor_gps_prop:s0
 persist.vendor.gps.                        u:object_r:vendor_gps_prop:s0
 # Tcpdump_logger
 persist.vendor.tcpdump.capture.len         u:object_r:vendor_tcpdump_log_prop:s0
 persist.vendor.tcpdump.log.alwayson        u:object_r:vendor_tcpdump_log_prop:s0
 vendor.tcpdump.                            u:object_r:vendor_tcpdump_log_prop:s0
--- a/sepolicy/radio/seapp_contexts
+++ b/sepolicy/radio/seapp_contexts
@ -34,4 +34,4 @@ user=system seinfo=platform name=com.google.android.CatEngine domain=cat_engine_
 user=_app isPrivApp=true seinfo=platform name=com.samsung.slsi.telephony.satelliteservice domain=vendor_satellite_service levelFrom=all
 # Domain for pixel_modem_app
-user=_app isPrivApp=true seinfo=platform name=com.google.android.modem.pms domain=pixel_modem_app levelFrom=all
+user=_app isPrivApp=true seinfo=pms name=com.google.android.modem.pms domain=pixel_modem_app levelFrom=all
--- a/sepolicy/system_ext/private/systemui_app.te
+++ b/sepolicy/system_ext/private/systemui_app.te
@ -20,6 +20,7 @@ get_prop(systemui_app, keyguard_config_prop)
 set_prop(systemui_app, bootanim_system_prop)
 get_prop(systemui_app, qemu_hw_prop)
 set_prop(systemui_app, debug_prop)
 get_prop(systemui_app, radio_cdma_ecm_prop)
 # Allow writing and removing wmshell protolog in /data/misc/wmtrace.
 userdebug_or_eng(`
--- a/sepolicy/tracking_denials/bluetooth.te
+++ b/sepolicy/tracking_denials/bluetooth.te
@ -0,0 +1,2 @@
 # b/382362300
 dontaudit bluetooth default_android_service:service_manager { find };
--- a/sepolicy/tracking_denials/bug_map
+++ b/sepolicy/tracking_denials/bug_map
@ -1,33 +1,42 @@
 aconfigd apex_info_file file b/381327278
 bluetooth audio_config_prop file b/379245474
 bpfloader fs_bpf dir b/380989493
 dump_display sysfs file b/322917055
 dump_modem sscoredump_vendor_data_coredump_file dir b/361726331
 dump_modem sscoredump_vendor_data_logcat_file dir b/361726331
-grilservice_app default_android_service service_manager b/366116096
+dumpstate system_data_file dir b/377787445
-hal_audio_default fwk_stats_service service_manager b/340369535
+grilservice_app twoshay binder b/375564898
-hal_audio_default traced_producer_socket sock_file b/340369535
+hal_camera_default aconfig_storage_metadata_file dir b/383013471
 hal_bluetooth_btlinux vendor_aoc_prop file b/353262026
 hal_bluetooth_btlinux vendor_default_prop property_service b/350830390
 hal_bluetooth_btlinux vendor_default_prop property_service b/350830756
 hal_bluetooth_btlinux vendor_default_prop property_service b/350830758
 hal_gnss_default vendor_gps_prop file b/318310869
 hal_gnss_pixel vendor_gps_file file b/378004800
 hal_graphics_composer_default sysfs file b/379245673
 hal_power_default hal_power_default capability b/350830411
 hal_wlcservice default_prop file b/350830657
 hal_wlcservice default_prop file b/350830879
 incidentd incidentd anon_inode b/322917075
 init init capability b/379206528
 kernel sepolicy_file file b/353418189
 kernel system_bootstrap_lib_file dir b/353418189
 kernel system_bootstrap_lib_file file b/353418189
 kernel system_dlkm_file dir b/353418189
-modem_svc_sit hal_radioext_default process b/368187536
+modem_svc_sit radio_vendor_data_file sock_file b/369539798
-modem_svc_sit hal_radioext_default process b/368188020
+pixelstats_vendor block_device dir b/369539751
-modem_svc_sit modem_ml_svc_sit file b/360060680
+pixelstats_vendor block_device dir b/369540515
-modem_svc_sit modem_ml_svc_sit file b/360060705
+pixelstats_vendor sysfs file b/375564818
 platform_app vendor_fw_file dir b/377412254
 platform_app vendor_modem_prop property_service b/377412254
 platform_app vendor_rild_prop file b/377412254
 priv_app audio_config_prop file b/379245788
 radio audio_config_prop file b/379244519
 ramdump ramdump capability b/369475712
 sctd sctd tcp_socket b/309550514
 sctd swcnd unix_stream_socket b/309550514
 sctd vendor_persist_config_default_prop file b/309550514
 shell sysfs_net file b/338347525
 spad spad unix_stream_socket b/309550905
 swcnd swcnd unix_stream_socket b/309551062
 system_suspend sysfs dir b/375563932
 system_suspend sysfs_touch dir b/375563932
 system_suspend sysfs_touch_gti dir b/350830429
-system_suspend sysfs_touch_gti dir b/350830680
+systemui_app system_data_file dir b/375564360
-system_suspend sysfs_touch_gti dir b/350830796
+untrusted_app audio_config_prop file b/379245853
 zygote zygote capability b/379206406
--- a/sepolicy/tracking_denials/file_contexts
+++ b/sepolicy/tracking_denials/file_contexts
@ -9,12 +9,7 @@
 /vendor/lib64/arm\.mali\.platform-V1-ndk\.so                                u:object_r:same_process_hal_file:s0
 # Devices
 /dev/logbuffer_maxq                                                         u:object_r:logbuffer_device:s0
 /dev/logbuffer_maxfg                                                        u:object_r:logbuffer_device:s0
 /dev/logbuffer_pca9468_tcpm                                                 u:object_r:logbuffer_device:s0
 /dev/logbuffer_maxfg_monitor                                                u:object_r:logbuffer_device:s0
 /dev/logbuffer_wc68                                                         u:object_r:logbuffer_device:s0
 /dev/logbuffer_ln8411                                                       u:object_r:logbuffer_device:s0
 /dev/lwis-csi                                                               u:object_r:lwis_device:s0
 /dev/lwis-eeprom-gt24p64e-imentet                                           u:object_r:lwis_device:s0
 /dev/lwis-eeprom-smaug-buraq                                                u:object_r:lwis_device:s0
--- a/sepolicy/tracking_denials/grilservice_app.te
+++ b/sepolicy/tracking_denials/grilservice_app.te
@ -1,2 +1,4 @@
 # b/312069580
 dontaudit grilservice_app hal_bluetooth_coexistence_service:service_manager { find };
 # b/366116096
 dontaudit grilservice_app default_android_service:service_manager { find };
--- a/sepolicy/vendor/camera_propsetter_app.te
+++ b/sepolicy/vendor/camera_propsetter_app.te
@ -0,0 +1,22 @@
 #  Camera Debug Tool at google3/java/com/google/android/apps/camera/tools/propsetter/
 type camera_propsetter_app, domain;
 userdebug_or_eng(`
    app_domain(camera_propsetter_app)
    net_domain(camera_propsetter_app)
    allow camera_propsetter_app activity_service:service_manager find;
    allow camera_propsetter_app activity_task_service:service_manager find;
    allow camera_propsetter_app autofill_service:service_manager find;
    allow camera_propsetter_app audio_service:service_manager find;
    allow camera_propsetter_app content_capture_service:service_manager find;
    allow camera_propsetter_app gpu_service:service_manager find;
    allow camera_propsetter_app hint_service:service_manager find;
    allow camera_propsetter_app netstats_service:service_manager find;
    allow camera_propsetter_app sensitive_content_protection_service:service_manager find;
    allow camera_propsetter_app textservices_service:service_manager find;
    allow camera_propsetter_app voiceinteraction_service:service_manager find;
    set_prop(camera_propsetter_app, vendor_camera_prop)
 ')
--- a/sepolicy/vendor/debug_camera_app.te
+++ b/sepolicy/vendor/debug_camera_app.te
@ -1,4 +1,8 @@
 # File containing sepolicies for GCA-Eng & GCA-Next.
 userdebug_or_eng(`
        # Allows GCA_Eng & GCA-Next to access the hw_jpeg /dev/video12.
        allow debug_camera_app hw_jpg_device:chr_file rw_file_perms;
 	# Allows tachyon_service to communicate with GCA-Eng via binder.
 	binder_call(edgetpu_tachyon_server, debug_camera_app);
 ')
--- a/sepolicy/vendor/file.te
+++ b/sepolicy/vendor/file.te
@ -18,6 +18,7 @@ type sysfs_fabric, sysfs_type, fs_type;
 type sysfs_em_profile, sysfs_type, fs_type;
 type sysfs_ospm, sysfs_type, fs_type;
 type sysfs_lhbm, sysfs_type, fs_type;
 type sysfs_aoc_udfps, sysfs_type, fs_type;
 # debugfs
 type vendor_regmap_debugfs, fs_type, debugfs_type;
@ -60,6 +61,7 @@ type chre_socket, file_type;
 # BT
 type vendor_bt_data_file, file_type, data_file_type;
 type sysfs_bt_uart, sysfs_type, fs_type;
 # Vendor sched files
 userdebug_or_eng(`
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@ -69,6 +69,7 @@
 /dev/logbuffer_maxfg_secondary                                              u:object_r:logbuffer_device:s0
 /dev/logbuffer_maxfg_base_monitor                                           u:object_r:logbuffer_device:s0
 /dev/logbuffer_maxfg_secondary_monitor                                      u:object_r:logbuffer_device:s0
 /dev/logbuffer_dual_batt                                                    u:object_r:logbuffer_device:s0
 /dev/logbuffer_tcpm                                                         u:object_r:logbuffer_device:s0
 /dev/logbuffer_usbpd                                                        u:object_r:logbuffer_device:s0
 /dev/logbuffer_pogo_transport                                               u:object_r:logbuffer_device:s0
@ -130,6 +131,8 @@
 /dev/logbuffer_rtx                                                          u:object_r:logbuffer_device:s0
 /dev/logbuffer_max77779fg                                                   u:object_r:logbuffer_device:s0
 /dev/logbuffer_pca9468                                                      u:object_r:logbuffer_device:s0
 /dev/logbuffer_ln8411                                                       u:object_r:logbuffer_device:s0
 /dev/logbuffer_dc_mains                                                     u:object_r:logbuffer_device:s0
 /dev/logbuffer_cpm                                                          u:object_r:logbuffer_device:s0
 /dev/logbuffer_cpif                                                         u:object_r:logbuffer_device:s0
 /dev/logbuffer_max77779fg_monitor                                           u:object_r:logbuffer_device:s0
--- a/sepolicy/vendor/genfs_contexts
+++ b/sepolicy/vendor/genfs_contexts
@ -31,6 +31,8 @@ genfscon sysfs /devices/platform/10ca0000.hsi2c/i2c-10/10-0057/registers_dump
 genfscon sysfs /devices/platform/10ca0000.hsi2c/i2c-10/10-0050/eeprom                   u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /devices/platform/10ca0000.hsi2c/i2c-10/10-005b/power_supply             u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /devices/platform/10ca0000.hsi2c/i2c-10/10-005b/registers_dump           u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-005e/power_supply             u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-11/11-005e/registers_dump           u:object_r:sysfs_power_dump:s0
 genfscon sysfs /class/power_supply/wireless/device/version                              u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /class/power_supply/wireless/device/status                               u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /class/power_supply/wireless/device/fw_rev                               u:object_r:sysfs_batteryinfo:s0
@ -148,6 +150,8 @@ genfscon sysfs /devices/platform/sound-aoc/wakeup
 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/wakeup/                                              u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/19450000.drmdsim/19450000.drmdsim.0/wakeup/                                              u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/gnssif/wakeup                                                                            u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/odm/odm:fps_touch_handler/power/wakeup                                                   u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/odm/odm:fps_touch_handler/wakeup                                                         u:object_r:sysfs_wakeup:s0
 # WiFi
 genfscon sysfs /wifi                                                           u:object_r:sysfs_wifi:s0
@ -370,13 +374,14 @@ genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/refresh_ctr
 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/te_option                            u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/te_rate_hz                           u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/time_in_state                        u:object_r:sysfs_display:s0
-genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/frame_interval                       u:object_r:sysfs_display:s0
+genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/frame_interval_ns                    u:object_r:sysfs_display:s0
-genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/expected_present_time                u:object_r:sysfs_display:s0
+genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/expected_present_time_ns             u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/19470000.drmdecon/dqe0/atc                                               u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/19470000.drmdecon/hibernation                                            u:object_r:sysfs_display:s0
 genfscon sysfs /module/drm/parameters/vblankoffdelay                                                      u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/exynos-drm/tui_status                                                    u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/backlight/panel0-backlight/als_table u:object_r:sysfs_write_leds:s0
 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/color_data                           u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/error_count_te                       u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/error_count_unknown                  u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/110f0000.drmdp/drm-displayport/dp_hotplug_error_code                     u:object_r:sysfs_display:s0
@ -464,6 +469,9 @@ genfscon sysfs /devices/platform/17000000.aoc/control/memory_exception      u:ob
 genfscon sysfs /devices/platform/17000000.aoc/control/memory_votes_a32      u:object_r:sysfs_aoc_dumpstate:s0
 genfscon sysfs /devices/platform/17000000.aoc/control/memory_votes_ff1      u:object_r:sysfs_aoc_dumpstate:s0
 genfscon sysfs /devices/platform/17000000.aoc/notify_timeout_aoc_status     u:object_r:sysfs_aoc_notifytimeout:s0
 genfscon sysfs /devices/platform/17000000.aoc/control/udfps_set_clock_source    u:object_r:sysfs_aoc_udfps:s0
 genfscon sysfs /devices/platform/17000000.aoc/control/udfps_get_osc_freq        u:object_r:sysfs_aoc_udfps:s0
 genfscon sysfs /devices/platform/17000000.aoc/control/udfps_get_disp_freq       u:object_r:sysfs_aoc_udfps:s0
 # OTA
 genfscon sysfs /devices/platform/13200000.ufs/pixel/boot_lun_enabled           u:object_r:sysfs_ota:s0
@ -488,3 +496,6 @@ genfscon sysfs /devices/platform/pwmleds/leds/green/max_brightness        u:obje
 # CPU
 genfscon sysfs /kernel/metrics/cpuidle_histogram/cpuidle_histogram        u:object_r:sysfs_cpu:s0
 genfscon sysfs /kernel/metrics/cpuidle_histogram/cpucluster_histogram     u:object_r:sysfs_cpu:s0
 # Bluetooth
 genfscon sysfs /devices/platform/155d0000.serial/uart_dbg     u:object_r:sysfs_bt_uart:s0
--- a/sepolicy/vendor/google_camera_app.te
+++ b/sepolicy/vendor/google_camera_app.te
@ -8,3 +8,6 @@ allow google_camera_app edgetpu_device:chr_file { getattr read write ioctl map }
 # Allows GCA to access the hw_jpeg /dev/video12.
 allow google_camera_app hw_jpg_device:chr_file rw_file_perms;
 # Allows tachyon service to communicate with google_camera_app via binder.
 binder_call(edgetpu_tachyon_server, google_camera_app);
--- a/sepolicy/vendor/hal_bluetooth_btlinux.te
+++ b/sepolicy/vendor/hal_bluetooth_btlinux.te
@ -1 +1,4 @@
 # Allow triggering uart skip suspend
 allow hal_bluetooth_btlinux sysfs_bt_uart:file w_file_perms;
 allow hal_bluetooth_btlinux vendor_bt_data_file:sock_file create_file_perms;
--- a/sepolicy/vendor/hal_camera_default.te
+++ b/sepolicy/vendor/hal_camera_default.te
@ -74,6 +74,7 @@ allow hal_camera_default sysfs_display:file r_file_perms;
 # Allow camera HAL to query preferred camera frequencies from the radio HAL
 # extensions to avoid interference with cellular antennas.
 allow hal_camera_default hal_radioext_hwservice:hwservice_manager find;
 allow hal_camera_default hal_radio_ext_service:service_manager find;
 # Allows camera HAL to access the hw_jpeg /dev/video12.
 allow hal_camera_default hw_jpg_device:chr_file rw_file_perms;
--- a/sepolicy/vendor/hal_fingerprint_default.te
+++ b/sepolicy/vendor/hal_fingerprint_default.te
@ -60,3 +60,7 @@ allow hal_fingerprint_default vendor_fingerprint_data_file:file create_file_perm
 # Allow fingerprint to rw lhbm files
 allow hal_fingerprint_default sysfs_lhbm:file rw_file_perms;
 # Allow fingerprint to access sysfs_aoc_udfps
 allow hal_fingerprint_default sysfs_aoc:dir search;
 allow hal_fingerprint_default sysfs_aoc_udfps:file rw_file_perms;
--- a/sepolicy/vendor/keys.conf
+++ b/sepolicy/vendor/keys.conf
@ -1,3 +1,2 @@
 [@EUICCSUPPORTPIXEL]
 ALL : device/google/zumapro/sepolicy/vendor/certs/EuiccSupportPixel.x509.pem
--- a/sepolicy/vendor/property.te
+++ b/sepolicy/vendor/property.te
@ -18,3 +18,6 @@ vendor_internal_prop(vendor_battery_defender_prop)
 # Mali Integration
 vendor_restricted_prop(vendor_arm_runtime_option_prop)
 # This prop will be set to "mounted" after /mnt/vendor/persist mounts
 vendor_internal_prop(vendor_persist_prop)
--- a/sepolicy/vendor/property_contexts
+++ b/sepolicy/vendor/property_contexts
@ -36,3 +36,6 @@ ro.vendor.primarydisplay.vrr.expected_present.headsup_ns       u:object_r:vendor
 ro.vendor.primarydisplay.vrr.expected_present.timeout_ns       u:object_r:vendor_display_prop:s0 exact int
 ro.vendor.primarydisplay.powerstats.entity_name       u:object_r:vendor_display_prop:s0 exact string
 ro.vendor.secondarydisplay.blocking_zone.min_refresh_rate_by_nits u:object_r:vendor_display_prop:s0 exact string
 # For checking if persist partition is mounted
 ro.vendor.persist.status u:object_r:vendor_persist_prop:s0 exact string
--- a/sepolicy/vendor/seapp_contexts
+++ b/sepolicy/vendor/seapp_contexts
@ -1,3 +1,5 @@
 # Domain for EuiccSupportPixel
 user=_app isPrivApp=true seinfo=EuiccSupportPixel name=com.google.euiccpixel domain=euiccpixel_app type=app_data_file levelFrom=all
 # Camera propsetter app
 user=_app seinfo=CameraEng name=com.google.android.apps.camera.tools.propsetter domain=camera_propsetter_app type=app_data_file levelFrom=all
--- a/sepolicy/vendor/service_contexts
+++ b/sepolicy/vendor/service_contexts
@ -2,5 +2,5 @@ vendor.qti.hardware.fingerprint.IQfpExtendedFingerprint/default   u:object_r:hal
 com.google.hardware.pixel.display.IDisplay/default                u:object_r:hal_pixel_display_service:s0
 vendor.google.wireless_charger.IWirelessCharger/default           u:object_r:hal_wireless_charger_service:s0
 hardware.qorvo.uwb.IUwbVendor/default                             u:object_r:hal_uwb_vendor_service:s0
 android.hardware.media.c2.IComponentStore/default1                u:object_r:hal_codec2_service:s0
 com.android.server.modemml.ITFLiteService/default                 u:object_r:modemml_tflite_service:s0
 vendor.goodix.hardware.biometrics.fingerprint.IGoodixFingerprintDaemon/default  u:object_r:hal_fingerprint_service:s0
--- a/sepolicy/vendor/vendor_init.te
+++ b/sepolicy/vendor/vendor_init.te
@ -8,3 +8,6 @@ userdebug_or_eng(`
    set_prop(vendor_init, vendor_imssvc_prop)
 ')
 # Allow vendor_init to read ro.vendor.persist.status
 # to process init.rc actions
 set_prop(vendor_init, vendor_persist_prop)
--- a/sepolicy/zumapro-sepolicy.mk
+++ b/sepolicy/zumapro-sepolicy.mk
@ -10,9 +10,8 @@ BOARD_SEPOLICY_DIRS += \
 BOARD_SEPOLICY_DIRS += hardware/google/pixel-sepolicy/googlebattery
 # sepolicy that are shared among devices using zumapro
 BOARD_SEPOLICY_DIRS += device/google/zumapro/sepolicy/aam
 BOARD_SEPOLICY_DIRS += device/google/zumapro/sepolicy/vendor
-BOARD_SEPOLICY_DIRS += device/google/zumapro/sepolicy/radio
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/zumapro/sepolicy/radio
 PRODUCT_PRIVATE_SEPOLICY_DIRS += device/google/zumapro/sepolicy/radio/private
 # unresolved SELinux error log with bug tracking
		`@ -0,0 +1,2 @@`
							`# b/382362300`
							`dontaudit bluetooth default_android_service:service_manager { find };`
`@ -1,3 +1,2 @@`
	`[@EUICCSUPPORTPIXEL]`	`[@EUICCSUPPORTPIXEL]`
	`ALL : device/google/zumapro/sepolicy/vendor/certs/EuiccSupportPixel.x509.pem`	`ALL : device/google/zumapro/sepolicy/vendor/certs/EuiccSupportPixel.x509.pem`