authorAndroid Build Coastguard Worker <android-build-coastguard-worker@google.com>2024-02-02 23:58:38 +0000
committerAndroid Build Coastguard Worker <android-build-coastguard-worker@google.com>2024-02-02 23:58:38 +0000
commitfd683ee262fc296c63b2ed4708fc00990351a74a (patch)
treed17308875f4f480482ee083fa62e61b102d2b570
parent14d2b2667592cb32c1fd500293ddc475b3d5e9d1 (diff)
parent4f48ed0e89c4a45891378566ad4606ed6d9c432d (diff)
downloadpixel-sepolicy-simpleperf-release.tar.gz
Snap for 11400057 from 4f48ed0e89c4a45891378566ad4606ed6d9c432d to simpleperf-releasesimpleperf-release
Change-Id: I06a2133630c396008f85745201e7f73a8774ff7c
-rw-r--r--common/vendor/attributes2
-rw-r--r--debugpolicy/init_dpm.te1
-rw-r--r--googlebattery/hal_googlebattery.te2
-rw-r--r--googlebattery/service.te2
-rw-r--r--input/platform_app.te1
-rw-r--r--input/service.te1
-rw-r--r--input/service_contexts1
-rw-r--r--input/twoshay.te1
-rw-r--r--power-libperfmgr/hal_power_default.te3
-rw-r--r--sota_app/system_ext/factory_ota_app.te32
-rw-r--r--sota_app/system_ext/property_contexts4
-rw-r--r--sota_app/system_ext/seapp_contexts2
-rw-r--r--sota_app/system_ext/vendor_init.te1
-rw-r--r--vibrator/cs40l26/hal_vibrator_default.te2
14 files changed, 13 insertions, 42 deletions
diff --git a/common/vendor/attributes b/common/vendor/attributes
new file mode 100644
index 0000000..25b59ac
--- /dev/null
+++ b/common/vendor/attributes
@@ -0,0 +1,2 @@
+attribute pixel_battery_domain;
+attribute pixel_battery_service_type;
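Review bot: Neither new attribute has a comment saying what it groups, and no hunk in this commit adds a rule keyed on `pixel_battery_domain` or `pixel_battery_service_type`, so a reader cannot tell what access membership confers. Any allow rule later written against an attribute applies to every type that carries it, which after this commit means `hal_googlebattery` and `hal_googlebattery_service` (tagged in googlebattery/hal_googlebattery.te and googlebattery/service.te). I would add a one-line comment above each declaration, for example `# Domains implementing the Pixel battery HAL; rules on this attribute apply to all members.`, with the wording confirmed by the owner, and point to the file that holds the rules.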
diff --git a/debugpolicy/init_dpm.te b/debugpolicy/init_dpm.te
index 3a4f936..8938eef 100644
--- a/debugpolicy/init_dpm.te
+++ b/debugpolicy/init_dpm.te
@@ -8,4 +8,5 @@ allow init_dpm vendor_toolbox_exec:file execute_no_trans;
allow init_dpm sysfs_dpm:file r_file_perms;
allow init_dpm block_device:dir search;
allow init_dpm dpm_block_device:blk_file rw_file_perms;
+allow init_dpm custom_ab_block_device:blk_file rw_file_perms;
')
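Review bot: The added rule gives `init_dpm` `rw_file_perms` on `custom_ab_block_device:blk_file` with no comment saying why write access is needed. Writing to a raw block device is not mediated by any filesystem permissions on that partition, so the rule should state its purpose, and `r_file_perms` should be used if reads are enough. The closing `')` suggests the rule sits inside a build-variant macro block (presumably `userdebug_or_eng`), but that block opens outside this hunk, so the scoping should be confirmed against the full file. A short comment above the line naming what `init_dpm` writes to this partition would be enough.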
diff --git a/googlebattery/hal_googlebattery.te b/googlebattery/hal_googlebattery.te
index 2cc3a7c..370b8d6 100644
--- a/googlebattery/hal_googlebattery.te
+++ b/googlebattery/hal_googlebattery.te
@@ -1,4 +1,4 @@
-type hal_googlebattery, domain;
+type hal_googlebattery, domain, pixel_battery_domain;
type hal_googlebattery_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_googlebattery)
diff --git a/googlebattery/service.te b/googlebattery/service.te
index e68baa9..440b1ce 100644
--- a/googlebattery/service.te
+++ b/googlebattery/service.te
@@ -1 +1 @@
-type hal_googlebattery_service, hal_service_type, service_manager_type;
+type hal_googlebattery_service, hal_service_type, service_manager_type, pixel_battery_service_type;
diff --git a/input/platform_app.te b/input/platform_app.te
index 2d47236..9b4a7af 100644
--- a/input/platform_app.te
+++ b/input/platform_app.te
@@ -1,3 +1,4 @@
+allow platform_app screen_protector_detector_service:service_manager find;
allow platform_app touch_context_service:service_manager find;
allow platform_app gril_antenna_tuning_service:service_manager find;
binder_call(platform_app, twoshay)
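Review bot: The new `find` rule on `screen_protector_detector_service` is granted to `platform_app`, the shared domain for platform-signed apps, rather than to one client. Together with the existing `binder_call(platform_app, twoshay)` at the end of this hunk, any app in that domain can look up and call the service, so restricting callers is left to the service implementation. If one app is the intended client, a dedicated domain would be the narrower grant. Otherwise I would add a comment naming the consumer, for example `# <client app> queries screen protector detection served by twoshay`.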
diff --git a/input/service.te b/input/service.te
index d521666..d59328b 100644
--- a/input/service.te
+++ b/input/service.te
@@ -1,2 +1,3 @@
type gril_antenna_tuning_service, service_manager_type, hal_service_type;
type touch_context_service, service_manager_type, hal_service_type;
+type screen_protector_detector_service, service_manager_type, hal_service_type;
diff --git a/input/service_contexts b/input/service_contexts
index ed69aef..f48eee4 100644
--- a/input/service_contexts
+++ b/input/service_contexts
@@ -1,2 +1,3 @@
com.google.input.algos.gril.IGrilAntennaTuningService/default u:object_r:gril_antenna_tuning_service:s0
com.google.input.ITouchContextService/default u:object_r:touch_context_service:s0
+com.google.input.algos.spd.IScreenProtectorDetectorService/default u:object_r:screen_protector_detector_service:s0
diff --git a/input/twoshay.te b/input/twoshay.te
index 3d48318..1cbbbc6 100644
--- a/input/twoshay.te
+++ b/input/twoshay.te
@@ -7,6 +7,7 @@ allow twoshay touch_offload_device:chr_file rw_file_perms;
allow twoshay twoshay:capability sys_nice;
binder_use(twoshay)
+add_service(twoshay, screen_protector_detector_service)
add_service(twoshay, touch_context_service)
add_service(twoshay, gril_antenna_tuning_service)
binder_call(twoshay, platform_app)
diff --git a/power-libperfmgr/hal_power_default.te b/power-libperfmgr/hal_power_default.te
index b4d4f65..8d6a9fe 100644
--- a/power-libperfmgr/hal_power_default.te
+++ b/power-libperfmgr/hal_power_default.te
@@ -28,11 +28,12 @@ allow hal_power_default proc_stat:file r_file_perms;
allow hal_power_default proc_vendor_sched:dir r_dir_perms;
allow hal_power_default proc_vendor_sched:file r_file_perms;
-# Allow read/write thermal sysfs
+# Allow read/write thermal sysfs and property
allow hal_power_default thermal_link_device:dir r_dir_perms;
allow hal_power_default sysfs_thermal:dir r_dir_perms;
allow hal_power_default sysfs_thermal:file rw_file_perms;
allow hal_power_default sysfs_thermal:lnk_file r_file_perms;
+set_prop(hal_power_default, vendor_thermal_prop)
userdebug_or_eng(`
# Allow reading /data/vendor/* for debugging
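Review bot: `set_prop(hal_power_default, vendor_thermal_prop)` grants write access to the thermal properties, but the updated comment ("read/write thermal sysfs and property") does not say which property the power HAL sets or why. If the HAL only reads these properties, `get_prop(hal_power_default, vendor_thermal_prop)` is the narrower grant. If it does write them, every consumer of `vendor_thermal_prop` gains another writer to trust, so the comment should name the property and its purpose. The `userdebug_or_eng` block at the end of the hunk continues outside it.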
diff --git a/sota_app/system_ext/factory_ota_app.te b/sota_app/system_ext/factory_ota_app.te
deleted file mode 100644
index f48adeb..0000000
--- a/sota_app/system_ext/factory_ota_app.te
+++ /dev/null
@@ -1,32 +0,0 @@
-type factory_ota_app, domain, coredomain;
-
-app_domain(factory_ota_app)
-net_domain(factory_ota_app)
-
-# Write to /data/ota_package for OTA packages.
-# Factory OTA client will download OTA image into ota_package folder and unzip it.
-# Than Update engine could use it to execute OTA process.
-# So Factory OTA client need read / write and create file access right for this folder
-allow factory_ota_app ota_package_file:dir rw_dir_perms;
-allow factory_ota_app ota_package_file:file create_file_perms;
-
-# Properties
-# For write system property persist.*
-set_prop(factory_ota_app, sota_prop);
-
-# Services
-# For get access WiFi manager service and activity service
-allow factory_ota_app app_api_service:service_manager find;
-# Allow Factory OTA to call Update Engine
-binder_call(factory_ota_app, update_engine)
-# Allow Update Engine to call the Factory OTA callback
-binder_call(update_engine, factory_ota_app)
-#For access update engine function
-allow factory_ota_app update_engine_service:service_manager find;
-#For disable NFC wake up device feature
-allow factory_ota_app nfc_service:service_manager find;
-#For get device IMEI
-allow factory_ota_app radio_service:service_manager find;
-
-# For suppress more GPU service sepolicy error log.
-dontaudit factory_ota_app gpuservice:binder call;
diff --git a/sota_app/system_ext/property_contexts b/sota_app/system_ext/property_contexts
deleted file mode 100644
index 444fda2..0000000
--- a/sota_app/system_ext/property_contexts
+++ /dev/null
@@ -1,4 +0,0 @@
-ro.boot.sota u:object_r:sota_prop:s0
-ro.boot.sota. u:object_r:sota_prop:s0
-persist.vendor.factoryota. u:object_r:sota_prop:s0
-persist.vendor.radio.bootwithlpm u:object_r:sota_prop:s0
diff --git a/sota_app/system_ext/seapp_contexts b/sota_app/system_ext/seapp_contexts
deleted file mode 100644
index 673f451..0000000
--- a/sota_app/system_ext/seapp_contexts
+++ /dev/null
@@ -1,2 +0,0 @@
-# Factory OTA
-user=_app seinfo=platform name=com.google.android.factoryota domain=factory_ota_app levelFrom=all
diff --git a/sota_app/system_ext/vendor_init.te b/sota_app/system_ext/vendor_init.te
deleted file mode 100644
index 11191e3..0000000
--- a/sota_app/system_ext/vendor_init.te
+++ /dev/null
@@ -1 +0,0 @@
-set_prop(vendor_init, sota_prop)
diff --git a/vibrator/cs40l26/hal_vibrator_default.te b/vibrator/cs40l26/hal_vibrator_default.te
index c61cefe..b375141 100644
--- a/vibrator/cs40l26/hal_vibrator_default.te
+++ b/vibrator/cs40l26/hal_vibrator_default.te
@@ -17,6 +17,8 @@ get_prop(hal_vibrator_default, vendor_vibrator_prop);
# Allow Vibrator HAL to communicate with daemon via socket
unix_socket_connect(hal_vibrator_default, chre, chre);
+## TODO(b/248615564): Remove above rule after CHRE multiclient HAL is launched.
+unix_socket_connect(hal_vibrator_default, chre, hal_contexthub_default)
# Allow vibrator HAL's default implementation to use vendor-binder service
vndbinder_use(hal_vibrator_default);