Merge Android 24Q1 Release (ab/11220357)temp_319669529

Bug: 319669529
Merged-In: I5fdcb15328490809e8fc04628f734f3a0f759caf
Change-Id: Iaad9312dfbe6d772dc9346ef9c0a0e7ccf099530

14 files changed, 6 insertions, 68 deletions

diff --git a/citadel/citadeld.te b/citadel/citadeld.te
index 9490258..959704b 100644
--- a/citadel/citadeld.te
+++ b/citadel/citadeld.te
@@ -18,3 +18,6 @@ allow citadeld fwk_stats_hwservice:hwservice_manager find;
 binder_call(citadeld, stats_service_server)
 allow citadeld fwk_stats_service:service_manager find;
 binder_use(citadeld)
+
+# Let citadeld set property
+set_prop(citadeld, vendor_nos_citadel_version);
diff --git a/citadel/property.te b/citadel/property.te
new file mode 100644
index 0000000..2e1c4ec
--- /dev/null
+++ b/citadel/property.te
@@ -0,0 +1 @@
+vendor_internal_prop(vendor_nos_citadel_version)
diff --git a/citadel/property_contexts b/citadel/property_contexts
new file mode 100644
index 0000000..835de17
--- /dev/null
+++ b/citadel/property_contexts
@@ -0,0 +1 @@
+vendor.nos.citadel.version     u:object_r:vendor_nos_citadel_version:s0
diff --git a/common/vendor/te_macros b/common/vendor/te_macros
index c9a9c04..99873fe 100644
--- a/common/vendor/te_macros
+++ b/common/vendor/te_macros
@@ -12,6 +12,7 @@ domain_auto_trans(hal_dumpstate_default, $1_exec, $1)
 allow $1 dumpstate:fd use;
 allow $1 dumpstate:fifo_file { write getattr };
 allow $1 hal_dumpstate_default:fd use;
+allow hal_dumpstate_default $1:process { sigkill signal };
 allow $1 shell_data_file:file { write getattr };
 ')
 
diff --git a/thermal/file.te b/thermal/file.te
deleted file mode 100644
index a2b1ab8..0000000
--- a/thermal/file.te
+++ /dev/null
@@ -1,2 +0,0 @@
-type thermal_link_device, dev_type;
-type debugfs_thermal, debugfs_type, fs_type;
diff --git a/thermal/file_contexts b/thermal/file_contexts
deleted file mode 100644
index c3fb04f..0000000
--- a/thermal/file_contexts
+++ /dev/null
@@ -1,6 +0,0 @@
-/vendor/bin/hw/android\.hardware\.thermal@2\.0-service\.pixel                     u:object_r:hal_thermal_default_exec:s0
-/vendor/bin/hw/android\.hardware\.thermal-service\.pixel                          u:object_r:hal_thermal_default_exec:s0
-/vendor/bin/thermal_logd                                                          u:object_r:init-thermal-logging-sh_exec:s0
-/vendor/bin/thermal_controld                                                      u:object_r:pixel-thermal-control-sh_exec:s0
-/vendor/bin/thermal_symlinks                                                      u:object_r:init-thermal-symlinks-sh_exec:s0
-/dev/thermal(/.*)?                                                                u:object_r:thermal_link_device:s0
diff --git a/thermal/genfs_contexts b/thermal/genfs_contexts
deleted file mode 100644
index 3000fa0..0000000
--- a/thermal/genfs_contexts
+++ /dev/null
@@ -1,3 +0,0 @@
-genfscon sysfs /devices/virtual/thermal                                        u:object_r:sysfs_thermal:s0
-genfscon sysfs /class/thermal                                                  u:object_r:sysfs_thermal:s0
-genfscon debugfs /gs101-thermal                                                u:object_r:debugfs_thermal:s0
diff --git a/thermal/hal_thermal_default.te b/thermal/hal_thermal_default.te
deleted file mode 100644
index 45ccf3a..0000000
--- a/thermal/hal_thermal_default.te
+++ /dev/null
@@ -1,16 +0,0 @@
-allow hal_thermal_default sysfs_thermal:dir r_dir_perms;
-allow hal_thermal_default sysfs_thermal:file rw_file_perms;
-allow hal_thermal_default sysfs_thermal:lnk_file r_file_perms;
-allow hal_thermal_default thermal_link_device:dir r_dir_perms;
-allow hal_thermal_default proc_stat:file r_file_perms;
-allow hal_thermal_default self:netlink_generic_socket create_socket_perms_no_ioctl;
-allow hal_thermal_default self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
-
-hal_client_domain(hal_thermal_default, hal_power);
-
-# read thermal_config
-get_prop(hal_thermal_default, vendor_thermal_prop)
-
-# Needed for reporting thermal stats event
-allow hal_thermal_default fwk_stats_service:service_manager find;
-binder_call(hal_thermal_default, servicemanager)
diff --git a/thermal/init-thermal-logging.sh.te b/thermal/init-thermal-logging.sh.te
deleted file mode 100644
index 3da540e..0000000
--- a/thermal/init-thermal-logging.sh.te
+++ /dev/null
@@ -1,10 +0,0 @@
-type init-thermal-logging-sh, domain;
-type init-thermal-logging-sh_exec, exec_type, vendor_file_type, file_type;
-
-init_daemon_domain(init-thermal-logging-sh)
-
-userdebug_or_eng(`
-  allow init-thermal-logging-sh vendor_toolbox_exec:file rx_file_perms;
-  allow init-thermal-logging-sh sysfs_thermal:dir r_dir_perms;
-  allow init-thermal-logging-sh sysfs_thermal:file r_file_perms;
-')
diff --git a/thermal/init-thermal-symlinks.sh.te b/thermal/init-thermal-symlinks.sh.te
deleted file mode 100644
index 093512c..0000000
--- a/thermal/init-thermal-symlinks.sh.te
+++ /dev/null
@@ -1,12 +0,0 @@
-type init-thermal-symlinks-sh, domain;
-type init-thermal-symlinks-sh_exec, exec_type, vendor_file_type, file_type;
-
-init_daemon_domain(init-thermal-symlinks-sh)
-
-allow init-thermal-symlinks-sh vendor_toolbox_exec:file rx_file_perms;
-allow init-thermal-symlinks-sh thermal_link_device:dir rw_dir_perms;
-allow init-thermal-symlinks-sh thermal_link_device:lnk_file create_file_perms;
-allow init-thermal-symlinks-sh sysfs_thermal:dir r_dir_perms;
-allow init-thermal-symlinks-sh sysfs_thermal:file r_file_perms;
-allow init-thermal-symlinks-sh sysfs_thermal:lnk_file r_file_perms;
-set_prop(init-thermal-symlinks-sh, vendor_thermal_prop)
diff --git a/thermal/pixel-thermal-control.sh.te b/thermal/pixel-thermal-control.sh.te
deleted file mode 100644
index a6430f1..0000000
--- a/thermal/pixel-thermal-control.sh.te
+++ /dev/null
@@ -1,13 +0,0 @@
-type pixel-thermal-control-sh, domain;
-type pixel-thermal-control-sh_exec, exec_type, vendor_file_type, file_type;
-
-init_daemon_domain(pixel-thermal-control-sh)
-
-userdebug_or_eng(`
-  allow pixel-thermal-control-sh vendor_toolbox_exec:file execute_no_trans;
-  allow pixel-thermal-control-sh sysfs_thermal:dir r_dir_perms;
-  allow pixel-thermal-control-sh sysfs_thermal:file rw_file_perms;
-  allow pixel-thermal-control-sh sysfs_thermal:lnk_file r_file_perms;
-  allow pixel-thermal-control-sh thermal_link_device:dir r_dir_perms;
-  get_prop(pixel-thermal-control-sh, vendor_thermal_prop)
-')
diff --git a/thermal/property.te b/thermal/property.te
deleted file mode 100644
index 676c85a..0000000
--- a/thermal/property.te
+++ /dev/null
@@ -1,2 +0,0 @@
-#thermal HAL
-vendor_internal_prop(vendor_thermal_prop)
diff --git a/thermal/property_contexts b/thermal/property_contexts
deleted file mode 100644
index 65a02ee..0000000
--- a/thermal/property_contexts
+++ /dev/null
@@ -1 +0,0 @@
-vendor.thermal.                           u:object_r:vendor_thermal_prop:s0
diff --git a/thermal/vendor_init.te b/thermal/vendor_init.te
deleted file mode 100644
index aaf6ac1..0000000
--- a/thermal/vendor_init.te
+++ /dev/null
@@ -1,3 +0,0 @@
-allow vendor_init thermal_link_device:dir r_dir_perms;
-allow vendor_init thermal_link_device:lnk_file r_file_perms;
-set_prop(vendor_init, vendor_thermal_prop)