Snap for 8564071 from b99951ceb737e640110324e6899c485d9a3a4401 to mainline-wifi-release

Change-Id: I6b88869ae080bb9add4b129dd9de87b3d28118ca

8 files changed, 38 insertions, 14 deletions

diff --git a/OWNERS b/OWNERS
index c133e99..791abb4 100644
--- a/OWNERS
+++ b/OWNERS
@@ -1,13 +1,3 @@
-adamshih@google.com
-alanstokes@google.com
-bowgotsai@google.com
-jbires@google.com
-jeffv@google.com
-jgalenson@google.com
-jiyong@google.com
-nnk@google.com
+include platform/system/sepolicy:/OWNERS
+
 rurumihong@google.com
-smoreland@google.com
-sspatil@google.com
-tomcherry@google.com
-trong@google.com
diff --git a/PREUPLOAD.cfg b/PREUPLOAD.cfg
new file mode 100644
index 0000000..3591c7f
--- /dev/null
+++ b/PREUPLOAD.cfg
@@ -0,0 +1,3 @@
+[Hook Scripts]
+aosp_hook = ${REPO_ROOT}/frameworks/base/tools/aosp/aosp_sha.sh ${PREUPLOAD_COMMIT} "."
+
diff --git a/redfin-sepolicy.mk b/redfin-sepolicy.mk
index a52d988..30ba5ce 100644
--- a/redfin-sepolicy.mk
+++ b/redfin-sepolicy.mk
@@ -1,2 +1,3 @@
 # vendors
 BOARD_SEPOLICY_DIRS += device/google/redfin-sepolicy/vendor/google
+BOARD_SEPOLICY_DIRS += device/google/redfin-sepolicy/tracking_denials
diff --git a/tracking_denials/hal_power_default.te b/tracking_denials/hal_power_default.te
new file mode 100644
index 0000000..37f09d2
--- /dev/null
+++ b/tracking_denials/hal_power_default.te
@@ -0,0 +1,3 @@
+# b/178988508
+dontaudit hal_power_default hal_power_default:capability dac_override ;
+dontaudit hal_power_default hal_power_default:capability dac_override ;
diff --git a/vendor/google/file_contexts b/vendor/google/file_contexts
index d53eadc..97263fe 100644
--- a/vendor/google/file_contexts
+++ b/vendor/google/file_contexts
@@ -1,4 +1,4 @@
 # vendor binaries
-/vendor/bin/hw/android\.hardware\.usb@1\.2-service\.redfin                             u:object_r:hal_usb_impl_exec:s0
-/vendor/bin/hw/android\.hardware\.vibrator@1\.3-service\.redfin                        u:object_r:hal_vibrator_default_exec:s0
+/vendor/bin/hw/android\.hardware\.usb@1\.3-service\.redfin                             u:object_r:hal_usb_impl_exec:s0
+/vendor/bin/hw/android\.hardware\.vibrator-service\.redfin                             u:object_r:hal_vibrator_default_exec:s0
 /vendor/bin/hw/android\.hardware\.dumpstate@1\.1-service\.redfin                       u:object_r:hal_dumpstate_impl_exec:s0
diff --git a/vendor/google/hal_dumpstate_impl.te b/vendor/google/hal_dumpstate_impl.te
new file mode 100644
index 0000000..83d1673
--- /dev/null
+++ b/vendor/google/hal_dumpstate_impl.te
@@ -0,0 +1,3 @@
+# Access to WLC firmware info
+allow hal_dumpstate_impl sysfs_wlc:dir r_dir_perms;
+allow hal_dumpstate_impl sysfs_wlc:file r_file_perms;
diff --git a/vendor/google/pixelstats_vendor.te b/vendor/google/pixelstats_vendor.te
new file mode 100644
index 0000000..df2b668
--- /dev/null
+++ b/vendor/google/pixelstats_vendor.te
@@ -0,0 +1,22 @@
+r_dir_file(pixelstats_vendor, sysfs_pixelstats)
+
+unix_socket_connect(pixelstats_vendor, chre, chre)
+
+get_prop(pixelstats_vendor, hwservicemanager_prop)
+hwbinder_use(pixelstats_vendor)
+allow pixelstats_vendor hal_pixelstats_hwservice:hwservice_manager find;
+
+allow pixelstats_vendor fwk_stats_hwservice:hwservice_manager find;
+binder_call(pixelstats_vendor, statsd)
+
+binder_use(pixelstats_vendor)
+allow pixelstats_vendor fwk_stats_service:service_manager find;
+
+allow pixelstats_vendor sysfs_scsi_devices_0000:file rw_file_perms;
+
+# wlc
+allow pixelstats_vendor sysfs_wlc:dir search;
+
+# OrientationCollector
+allow pixelstats_vendor fwk_sensor_hwservice:hwservice_manager find;
+binder_call(pixelstats_vendor, system_server)
diff --git a/vendor/google/system_server.te b/vendor/google/system_server.te
new file mode 100644
index 0000000..2adcf05
--- /dev/null
+++ b/vendor/google/system_server.te
@@ -0,0 +1,2 @@
+# pixelstats_vendor/OrientationCollector
+binder_call(system_server, pixelstats_vendor)