Merge "gs-common: nfc: st54spi: Add rules for hal_secure_element_st54spi_aidl" into main
diff --git a/dauntless/gsc.mk b/dauntless/gsc.mk
index 188d9f9..c1cf0e0 100644
--- a/dauntless/gsc.mk
+++ b/dauntless/gsc.mk
@@ -20,4 +20,76 @@
nugget_targeted_tests \
CitadelProvision \
nugget_aidl_test_weaver
+
+# Assign default value for RELEASE_GOOGLE_DAUNTLESS_DIR if no trunk flags support
+RELEASE_GOOGLE_DAUNTLESS_DIR ?= vendor/google_nos/prebuilts/dauntless
+
+# The production Dauntless firmware will be of flavors evt and d3m2.
+# There are also several flavors of pre-release chips. Each flavor
+# (production and pre-release) requires the firmware to be signed differently.
+DAUNTLESS_FIRMWARE_SIZE := 1048576
+
+# The nearly-production Dauntless chips are "proto1.1"
+ifneq (,$(wildcard $(RELEASE_GOOGLE_DAUNTLESS_DIR)/proto11.ec.bin))
+ifneq ($(DAUNTLESS_FIRMWARE_SIZE), $(shell stat -c "%s" $(RELEASE_GOOGLE_DAUNTLESS_DIR)/proto11.ec.bin))
+$(error GSC firmware size check fail)
endif
+PRODUCT_COPY_FILES += \
+ $(RELEASE_GOOGLE_DAUNTLESS_DIR)/proto11.ec.bin:$(TARGET_COPY_OUT_VENDOR)/firmware/dauntless/proto11.ec.bin
+$(call dist-for-goals,droid,$(RELEASE_GOOGLE_DAUNTLESS_DIR)/proto11.ec.bin)
+else
+$(error GSC firmware not found in $(RELEASE_GOOGLE_DAUNTLESS_DIR))
+endif
+
+# The production Dauntless chips are "evt"
+ifneq (,$(wildcard $(RELEASE_GOOGLE_DAUNTLESS_DIR)/evt.ec.bin))
+ifneq ($(DAUNTLESS_FIRMWARE_SIZE), $(shell stat -c "%s" $(RELEASE_GOOGLE_DAUNTLESS_DIR)/evt.ec.bin))
+$(error GSC firmware size check fail)
+endif
+PRODUCT_COPY_FILES += \
+ $(RELEASE_GOOGLE_DAUNTLESS_DIR)/evt.ec.bin:$(TARGET_COPY_OUT_VENDOR)/firmware/dauntless/evt.ec.bin
+$(call dist-for-goals,droid,$(RELEASE_GOOGLE_DAUNTLESS_DIR)/evt.ec.bin)
+else
+$(error GSC firmware not found in $(RELEASE_GOOGLE_DAUNTLESS_DIR))
+endif
+
+# New 2023 production Dauntless chips are "d3m2"
+ifneq (,$(wildcard $(RELEASE_GOOGLE_DAUNTLESS_DIR)/d3m2.ec.bin))
+ifneq ($(DAUNTLESS_FIRMWARE_SIZE), $(shell stat -c "%s" $(RELEASE_GOOGLE_DAUNTLESS_DIR)/d3m2.ec.bin))
+$(error GSC firmware size check fail)
+endif
+PRODUCT_COPY_FILES += \
+ $(RELEASE_GOOGLE_DAUNTLESS_DIR)/d3m2.ec.bin:$(TARGET_COPY_OUT_VENDOR)/firmware/dauntless/d3m2.ec.bin
+$(call dist-for-goals,droid,$(RELEASE_GOOGLE_DAUNTLESS_DIR)/d3m2.ec.bin)
+else
+$(error GSC firmware not found in $(RELEASE_GOOGLE_DAUNTLESS_DIR))
+endif
+
+# Intermediate image artifacts are published, but aren't included in /vendor/firmware/dauntless
+# in PRODUCT_COPY_FILES
+# This is because intermediate images aren't needed on user devices, but the published artifact
+# is useful for flashstation purposes.
+
+# proto11 chips need an intermediate image prior to upgrading to newever versions of the firmware
+ifneq (,$(wildcard vendor/google_nos/prebuilts/dauntless/intermediate_images/proto11_intermediate.ec.bin))
+ifneq ($(DAUNTLESS_FIRMWARE_SIZE), $(shell stat -c "%s" vendor/google_nos/prebuilts/dauntless/intermediate_images/proto11_intermediate.ec.bin))
+$(error GSC firmware size check fail)
+endif
+$(call dist-for-goals,droid,vendor/google_nos/prebuilts/dauntless/intermediate_images/proto11_intermediate.ec.bin)
+endif
+# evt chips need an intermediate image prior to upgrading to newever versions of the firmware
+ifneq (,$(wildcard vendor/google_nos/prebuilts/dauntless/intermediate_images/evt_intermediate.ec.bin))
+ifneq ($(DAUNTLESS_FIRMWARE_SIZE), $(shell stat -c "%s" vendor/google_nos/prebuilts/dauntless/intermediate_images/evt_intermediate.ec.bin))
+$(error GSC firmware size check fail)
+endif
+$(call dist-for-goals,droid,vendor/google_nos/prebuilts/dauntless/intermediate_images/evt_intermediate.ec.bin)
+endif
+# d3m2 chips need an intermediate image prior to upgrading to newever versions of the firmware
+ifneq (,$(wildcard vendor/google_nos/prebuilts/dauntless/intermediate_images/d3m2_intermediate.ec.bin))
+ifneq ($(DAUNTLESS_FIRMWARE_SIZE), $(shell stat -c "%s" vendor/google_nos/prebuilts/dauntless/intermediate_images/d3m2_intermediate.ec.bin))
+$(error GSC firmware size check fail)
+endif
+$(call dist-for-goals,droid,vendor/google_nos/prebuilts/dauntless/intermediate_images/d3m2_intermediate.ec.bin)
+endif
+
+endif # $(wildcard vendor)
diff --git a/display/dump_display.cpp b/display/dump_display.cpp
index b811889..2df6b4b 100644
--- a/display/dump_display.cpp
+++ b/display/dump_display.cpp
@@ -25,6 +25,6 @@
dumpFileContent("Primary panel name", "/sys/devices/platform/exynos-drm/primary-panel/panel_name");
dumpFileContent("Primary panel extra info", "/sys/devices/platform/exynos-drm/primary-panel/panel_extinfo");
dumpFileContent("Primary panel power Vreg", "/sys/devices/platform/exynos-drm/primary-panel/panel_pwr_vreg");
+ dumpFileContent("Primary panel power mode register", "/sys/devices/platform/exynos-drm/primary-panel/power_mode");
return 0;
-}
-
+}
\ No newline at end of file
diff --git a/display/dump_second_display.cpp b/display/dump_second_display.cpp
index a6f2665..80ea909 100644
--- a/display/dump_second_display.cpp
+++ b/display/dump_second_display.cpp
@@ -20,6 +20,7 @@
dumpFileContent("CRTC-1 event log", "/sys/kernel/debug/dri/0/crtc-1/event");
dumpFileContent("Secondary panel name", "/sys/devices/platform/exynos-drm/secondary-panel/panel_name");
dumpFileContent("Secondary panel extra info", "/sys/devices/platform/exynos-drm/secondary-panel/panel_extinfo");
+ dumpFileContent("Secondary panel power mode register", "/sys/devices/platform/exynos-drm/secondary-panel/power_mode");
return 0;
}
diff --git a/gps/pixel/sepolicy/hal_gnss_pixel.te b/gps/pixel/sepolicy/hal_gnss_pixel.te
index cc63702..e3e4d92 100644
--- a/gps/pixel/sepolicy/hal_gnss_pixel.te
+++ b/gps/pixel/sepolicy/hal_gnss_pixel.te
@@ -10,6 +10,9 @@
# Allow access to CHRE multiclient HAL.
get_prop(hal_gnss_pixel, vendor_chre_hal_prop)
+# Allow read vendor gps prop.
+get_prop(hal_gnss_pixel, vendor_gps_prop)
+
# Allow binder to CHRE.
binder_call(hal_gnss_pixel, hal_contexthub_default)
allow hal_gnss_pixel hal_contexthub_service:service_manager find;
diff --git a/gs_watchdogd/init.gs_watchdogd.rc b/gs_watchdogd/init.gs_watchdogd.rc
index 23d5fb2..ba3354f 100644
--- a/gs_watchdogd/init.gs_watchdogd.rc
+++ b/gs_watchdogd/init.gs_watchdogd.rc
@@ -1,5 +1,6 @@
# Pet watchdog timer every half of its timeout period.
service gs_watchdogd /system_ext/bin/gs_watchdogd
+ user root
class core
oneshot
seclabel u:r:gs_watchdogd:s0
diff --git a/performance/sepolicy/file.te b/performance/sepolicy/file.te
index 8e16bbf..e79f9b2 100644
--- a/performance/sepolicy/file.te
+++ b/performance/sepolicy/file.te
@@ -1,2 +1,8 @@
+# proactive kill
type sysfs_pakills, fs_type, sysfs_type;
+
+# bts dump
type vendor_bts_debugfs, fs_type, debugfs_type;
+
+# proc_compaction_proactiveness type
+type proc_compaction_proactiveness, fs_type, proc_type;
diff --git a/performance/sepolicy/genfs_contexts b/performance/sepolicy/genfs_contexts
index 041021c..57e3634 100644
--- a/performance/sepolicy/genfs_contexts
+++ b/performance/sepolicy/genfs_contexts
@@ -1,3 +1,4 @@
genfscon proc /sys/kernel/sched_pelt_multiplier u:object_r:proc_sched:s0
genfscon sysfs /kernel/vendor_mm/pa_kill u:object_r:sysfs_pakills:s0
genfscon debugfs /bts u:object_r:vendor_bts_debugfs:s0
+genfscon proc /sys/vm/compaction_proactiveness u:object_r:proc_compaction_proactiveness:s0
diff --git a/performance/sepolicy/vendor_init.te b/performance/sepolicy/vendor_init.te
index fefecb1..188984f 100644
--- a/performance/sepolicy/vendor_init.te
+++ b/performance/sepolicy/vendor_init.te
@@ -1,3 +1,3 @@
# MM
allow vendor_init proc_percpu_pagelist_high_fraction:file w_file_perms;
-
+allow vendor_init proc_compaction_proactiveness:file w_file_perms;
diff --git a/storage/sepolicy/ufs_firmware_update.te b/storage/sepolicy/ufs_firmware_update.te
new file mode 100644
index 0000000..1b92976
--- /dev/null
+++ b/storage/sepolicy/ufs_firmware_update.te
@@ -0,0 +1,9 @@
+# support ufs ffu via ota
+init_daemon_domain(ufs_firmware_update)
+
+# support ufs ffu via ota
+allow ufs_firmware_update vendor_toolbox_exec:file execute_no_trans;
+allow ufs_firmware_update block_device:dir { search };
+allow ufs_firmware_update ufs_internal_block_device:blk_file rw_file_perms;
+allow ufs_firmware_update sysfs_scsi_devices_0000:file r_file_perms;
+