Merge "Revert "Add a different implementation of insmod.sh"" into main
diff --git a/MK_OWNERS b/MK_OWNERS
new file mode 100644
index 0000000..67af9f7
--- /dev/null
+++ b/MK_OWNERS
@@ -0,0 +1,20 @@
+# NOTE: CHANGE THIS FILE WITH CAUTIOUS
+# - this file is referenced by other OWNERS file, e.g. device/google/*/OWNERS
+# - changing this file might break the function, check go/gerrit-code-owners-syntax first
+#
+# Makefile Review Guide for OWNERS: go/pixel-device-mk-owner-checklist
+
+aaronding@google.com
+rurumihong@google.com
+adamshih@google.com
+wilsonsung@google.com
+cyanhsieh@google.com
+cyuanjen@google.com
+robinpeng@google.com
+achant@google.com
+etam@google.com
+pattjin@google.com
+bkhalife@google.com
+lokeshgoel@google.com
+jainne@google.com
+pscovanner@google.com
diff --git a/OWNERS b/OWNERS
index 262b161..b715f13 100644
--- a/OWNERS
+++ b/OWNERS
@@ -2,5 +2,4 @@
per-file *.te,*_contexts,te_macros,global_macros=set noparent
per-file *.te,*_contexts,te_macros,global_macros=file:/sepolicy/OWNERS
per-file *.mk=set noparent
-per-file *.mk=aaronding@google.com,rurumihong@google.com,adamshih@google.com,wilsonsung@google.com,cyanhsieh@google.com,cyuanjen@google.com,robinpeng@google.com,achant@google.com,etam@google.com,pattjin@google.com,bkhalife@google.com,lokeshgoel@google.com,jainne@google.com,pscovanner@google.com
-
+per-file *.mk=file:MK_OWNERS
diff --git a/aoc/sepolicy/aocxd.te b/aoc/sepolicy/aocxd.te
index bcfcd7b..2eedf48 100644
--- a/aoc/sepolicy/aocxd.te
+++ b/aoc/sepolicy/aocxd.te
@@ -26,3 +26,6 @@
# allow managing thread priority
allow aocxd self:global_capability_class_set sys_nice;
+
+allow aocxd dumpstate:fd use;
+allow aocxd dumpstate:fifo_file write;
diff --git a/aoc/sepolicy/dumpstate.te b/aoc/sepolicy/dumpstate.te
new file mode 100644
index 0000000..5b89fe1
--- /dev/null
+++ b/aoc/sepolicy/dumpstate.te
@@ -0,0 +1,2 @@
+# Allow dumpstate to talk to aocxd over binder
+binder_call(dumpstate, aocxd)
diff --git a/aoc/sepolicy/file_contexts b/aoc/sepolicy/file_contexts
index ed8a6d6..73293f7 100644
--- a/aoc/sepolicy/file_contexts
+++ b/aoc/sepolicy/file_contexts
@@ -31,6 +31,9 @@
/dev/acd-aocx_inject[0-9]* u:object_r:aoc_device:s0
/dev/acd-aocx_tapout[0-9]* u:object_r:aoc_device:s0
/dev/acd-mc_headpos u:object_r:aoc_device:s0
+/dev/acd-chre_bt_offload_ctl u:object_r:aoc_device:s0
+/dev/acd-chre_bt_offload_data_tx u:object_r:aoc_device:s0
+/dev/acd-chre_bt_offload_data_rx u:object_r:aoc_device:s0
# AoC vendor binaries
/vendor/bin/aocd u:object_r:aocd_exec:s0
diff --git a/aoc/sepolicy/service.te b/aoc/sepolicy/service.te
new file mode 100644
index 0000000..502b28d
--- /dev/null
+++ b/aoc/sepolicy/service.te
@@ -0,0 +1 @@
+type aocx, service_manager_type;
diff --git a/aoc/sepolicy/vndservice_contexts b/aoc/sepolicy/service_contexts
similarity index 100%
rename from aoc/sepolicy/vndservice_contexts
rename to aoc/sepolicy/service_contexts
diff --git a/aoc/sepolicy/vndservice.te b/aoc/sepolicy/vndservice.te
deleted file mode 100644
index 01c2436..0000000
--- a/aoc/sepolicy/vndservice.te
+++ /dev/null
@@ -1 +0,0 @@
-type aocx, vndservice_manager_type;
diff --git a/audio/sepolicy/common/genfs_contexts b/audio/sepolicy/common/genfs_contexts
index eaa0c71..c4a3120 100644
--- a/audio/sepolicy/common/genfs_contexts
+++ b/audio/sepolicy/common/genfs_contexts
@@ -21,3 +21,4 @@
genfscon sysfs /devices/platform/audiometrics/offload_effects_id u:object_r:sysfs_pixelstats:s0
genfscon sysfs /devices/platform/audiometrics/offload_effects_duration u:object_r:sysfs_pixelstats:s0
genfscon sysfs /devices/platform/audiometrics/bt_usage u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/speaker_version u:object_r:sysfs_pixelstats:s0
diff --git a/audio/sepolicy/common/property.te b/audio/sepolicy/common/property.te
index e2ffcd1..2287b84 100644
--- a/audio/sepolicy/common/property.te
+++ b/audio/sepolicy/common/property.te
@@ -1,2 +1,5 @@
# Audio
vendor_internal_prop(vendor_audio_prop)
+
+# The property for Audio App
+vendor_restricted_prop(vendor_audio_prop_restricted)
diff --git a/audio/sepolicy/common/property_contexts b/audio/sepolicy/common/property_contexts
index 1749ac8..9f88e55 100644
--- a/audio/sepolicy/common/property_contexts
+++ b/audio/sepolicy/common/property_contexts
@@ -1,3 +1,6 @@
+# for serial no
+vendor.audio_hal.device.serialno u:object_r:vendor_audio_prop:s0
+
# for audio
vendor.audio_hal.period_multiplier u:object_r:vendor_audio_prop:s0
vendor.audiodump.enable u:object_r:vendor_audio_prop:s0
@@ -9,3 +12,6 @@
vendor.audiodump.log.cca.updated u:object_r:vendor_audio_prop:s0
vendor.audiodump.cca.config u:object_r:vendor_audio_prop:s0
vendor.audio_hal.aidl.enable u:object_r:vendor_audio_prop:s0
+
+# for audio app
+persist.vendor.app.audio. u:object_r:vendor_audio_prop_restricted:s0
diff --git a/audio/sepolicy/common/vendor_init.te b/audio/sepolicy/common/vendor_init.te
index 26f3fa8..1562d45 100644
--- a/audio/sepolicy/common/vendor_init.te
+++ b/audio/sepolicy/common/vendor_init.te
@@ -1,2 +1,5 @@
# Audio property
set_prop(vendor_init, vendor_audio_prop)
+
+# Audio App property
+set_prop(vendor_init, vendor_audio_prop_restricted)
diff --git a/bcmbt/bluetooth.mk b/bcmbt/bluetooth.mk
index af4cf99..18c066b 100644
--- a/bcmbt/bluetooth.mk
+++ b/bcmbt/bluetooth.mk
@@ -11,6 +11,7 @@
BOARD_SEPOLICY_DIRS += device/google/gs-common/bcmbt/sepolicy
+BOARD_SEPOLICY_DIRS += hardware/google/pixel-sepolicy/powerstats
DEVICE_MANIFEST_FILE += device/google/gs-common/bcmbt/manifest_bluetooth.xml
DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/bcmbt/compatibility_matrix.xml
diff --git a/betterbug/betterbug.mk b/betterbug/betterbug.mk
index f3ae647..906933d 100644
--- a/betterbug/betterbug.mk
+++ b/betterbug/betterbug.mk
@@ -1,5 +1,8 @@
-PRODUCT_PACKAGES += BetterBugStub
-PRODUCT_PACKAGES_DEBUG += BetterBug
+# When neither AOSP nor factory targets
+ifeq (,$(filter aosp_% factory_%, $(TARGET_PRODUCT)))
+ PRODUCT_PACKAGES += BetterBugStub
+ PRODUCT_PACKAGES_DEBUG += BetterBug
+endif
PRODUCT_PUBLIC_SEPOLICY_DIRS += device/google/gs-common/betterbug/sepolicy/product/public
PRODUCT_PRIVATE_SEPOLICY_DIRS += device/google/gs-common/betterbug/sepolicy/product/private
diff --git a/camera/Android.bp b/camera/Android.bp
index d615e6a..e845678 100644
--- a/camera/Android.bp
+++ b/camera/Android.bp
@@ -12,8 +12,8 @@
],
shared_libs: [
"libbase",
- "libdump",
- "liblog",
+ "libdump",
+ "liblog",
],
vendor: true,
relative_install_path: "dump",
@@ -26,3 +26,11 @@
src: "vendor.android.hardware.camera.preview-dis.xml",
sub_dir: "permissions",
}
+
+prebuilt_etc {
+ name: "concurrent_foldable_dual_front_xml",
+ vendor: true,
+ filename: "com.google.pixel.camera.concurrent_foldable_dual_front.xml",
+ src: "com.google.pixel.camera.concurrent_foldable_dual_front.xml",
+ sub_dir: "permissions",
+}
diff --git a/camera/com.google.pixel.camera.concurrent_foldable_dual_front.xml b/camera/com.google.pixel.camera.concurrent_foldable_dual_front.xml
new file mode 100644
index 0000000..e2dda0e
--- /dev/null
+++ b/camera/com.google.pixel.camera.concurrent_foldable_dual_front.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!-- The feature on Pixel devices which supports concurrent foldable
+ dual front streaming -->
+<permissions>
+ <feature name="com.google.pixel.camera.concurrent_foldable_dual_front" />
+</permissions>
diff --git a/camera/lyric.mk b/camera/lyric.mk
index e3feab3..7762f4d 100644
--- a/camera/lyric.mk
+++ b/camera/lyric.mk
@@ -11,13 +11,8 @@
$(call soong_config_set,gch,hwl_library,lyric)
endif
-# Check if we're in PDK build
-ifeq ($(wildcard vendor/google/camera),)
-# If vendor/google/camera doesn't exist, it's a PDK build.
-$(call soong_config_set,lyric,pdk_build,true)
-else
-# Otherwise, it's an internal Google build.
-$(call soong_config_set,lyric,pdk_build,false)
+# Check if we're in the internal build
+ifneq ($(wildcard vendor/google/camera),)
PRODUCT_SOONG_NAMESPACES += \
vendor/google/camera \
diff --git a/camera/sepolicy/product/private/service_contexts b/camera/sepolicy/product/private/service_contexts
index fed03af..0cb84b4 100644
--- a/camera/sepolicy/product/private/service_contexts
+++ b/camera/sepolicy/product/private/service_contexts
@@ -1 +1,5 @@
-com.google.pixel.camera.services.binder.IServiceBinder/default u:object_r:camera_binder_service:s0
\ No newline at end of file
+com.google.pixel.camera.services.binder.IServiceBinder/default u:object_r:camera_binder_service:s0
+
+com.google.pixel.camera.services.cameraidremapper.ICameraIdRemapper/default u:object_r:camera_cameraidremapper_service:s0
+
+com.google.pixel.camera.services.lyricconfigprovider.ILyricConfigProvider/default u:object_r:camera_lyricconfigprovider_service:s0
diff --git a/camera/sepolicy/product/private/vendor_pbcs_app.te b/camera/sepolicy/product/private/vendor_pbcs_app.te
index 54bc0c0..b8a52d2 100644
--- a/camera/sepolicy/product/private/vendor_pbcs_app.te
+++ b/camera/sepolicy/product/private/vendor_pbcs_app.te
@@ -9,4 +9,10 @@
allow vendor_pbcs_app cameraserver_service:service_manager find;
# Allow PBCS to add the ServiceBinder service to ServiceManager.
-add_service(vendor_pbcs_app, camera_binder_service);
\ No newline at end of file
+add_service(vendor_pbcs_app, camera_binder_service);
+
+# Allow PBCS to add the CameraIdRemapper service to ServiceManager.
+add_service(vendor_pbcs_app, camera_cameraidremapper_service);
+
+# Allow PBCS to add the LyricConfigProvider service to ServiceManager.
+add_service(vendor_pbcs_app, camera_lyricconfigprovider_service);
diff --git a/camera/sepolicy/product/private/vendor_pcs_app.te b/camera/sepolicy/product/private/vendor_pcs_app.te
index 55eeee7..d41adb4 100644
--- a/camera/sepolicy/product/private/vendor_pcs_app.te
+++ b/camera/sepolicy/product/private/vendor_pcs_app.te
@@ -8,6 +8,8 @@
app_api_service
audioserver_service
cameraserver_service
+ camera_cameraidremapper_service
+ camera_lyricconfigprovider_service
drmserver_service
mediametrics_service
mediaserver_service
diff --git a/camera/sepolicy/product/public/service.te b/camera/sepolicy/product/public/service.te
index f94fd9f..2cdc125 100644
--- a/camera/sepolicy/product/public/service.te
+++ b/camera/sepolicy/product/public/service.te
@@ -1 +1,5 @@
-type camera_binder_service, hal_service_type, protected_service, service_manager_type;
\ No newline at end of file
+type camera_binder_service, hal_service_type, protected_service, service_manager_type;
+
+type camera_cameraidremapper_service, hal_service_type, protected_service, service_manager_type;
+
+type camera_lyricconfigprovider_service, hal_service_type, protected_service, service_manager_type;
diff --git a/camera/sepolicy/vendor/hal_camera_default.te b/camera/sepolicy/vendor/hal_camera_default.te
index 9e7b105..f661eff 100644
--- a/camera/sepolicy/vendor/hal_camera_default.te
+++ b/camera/sepolicy/vendor/hal_camera_default.te
@@ -1,6 +1,6 @@
allow hal_camera_default camera_binder_service:service_manager find;
# Allow Lyric Hal to find the LyricConfigProvider service through ServiceManager.
-allow hal_camera_default vendor_camera_lyricconfigprovider_service:service_manager find;
+allow hal_camera_default camera_lyricconfigprovider_service:service_manager find;
allow hal_camera_default hal_pixel_remote_camera_service:service_manager find;
diff --git a/camera/sepolicy/vendor/service.te b/camera/sepolicy/vendor/service.te
index 35887ba..513ce05 100644
--- a/camera/sepolicy/vendor/service.te
+++ b/camera/sepolicy/vendor/service.te
@@ -1,9 +1,5 @@
type hal_pixel_remote_camera_service, hal_service_type, protected_service, service_manager_type;
-type vendor_camera_lyricconfigprovider_service, hal_service_type, protected_service, service_manager_type;
-
type vendor_camera_isp_service, hal_service_type, protected_service, service_manager_type;
-type vendor_camera_cameraidremapper_service, hal_service_type, protected_service, service_manager_type;
-
type vendor_image_processing_hal_service, hal_service_type, protected_service, service_manager_type;
diff --git a/camera/sepolicy/vendor/service_contexts b/camera/sepolicy/vendor/service_contexts
index 9f5e335..47e13a7 100644
--- a/camera/sepolicy/vendor/service_contexts
+++ b/camera/sepolicy/vendor/service_contexts
@@ -1,9 +1,5 @@
com.google.pixel.camera.connectivity.hal.provider.ICameraProvider/default u:object_r:hal_pixel_remote_camera_service:s0
-com.google.pixel.camera.services.lyricconfigprovider.ILyricConfigProvider/default u:object_r:vendor_camera_lyricconfigprovider_service:s0
-
com.google.pixel.camera.isp.IIspService/default u:object_r:vendor_camera_isp_service:s0
-com.google.pixel.camera.services.cameraidremapper.ICameraIdRemapper/default u:object_r:vendor_camera_cameraidremapper_service:s0
-
com.google.android.imageprocessing.IImageProcessingHal u:object_r:vendor_image_processing_hal_service:s0
diff --git a/camera/sepolicy/vendor/vendor_pbcs_app.te b/camera/sepolicy/vendor/vendor_pbcs_app.te
index b25c9a2..965ef54 100644
--- a/camera/sepolicy/vendor/vendor_pbcs_app.te
+++ b/camera/sepolicy/vendor/vendor_pbcs_app.te
@@ -1,9 +1,9 @@
# Allow PBCS to add the ServiceBinder service to ServiceManager.
add_service(vendor_pbcs_app, camera_binder_service);
# Allow PBCS to add the LyricConfigProvider service to ServiceManager.
-add_service(vendor_pbcs_app, vendor_camera_lyricconfigprovider_service);
+add_service(vendor_pbcs_app, camera_lyricconfigprovider_service);
# Allow PBCS to add the CameraIdRemapper service to ServiceManager.
-add_service(vendor_pbcs_app, vendor_camera_cameraidremapper_service);
+add_service(vendor_pbcs_app, camera_cameraidremapper_service);
# Allow PBCS to read debug system properties of the form vendor.camera.pbcs.debug.*
# and persist.vendor.camera.pbcs.debug.*
diff --git a/camera/sepolicy/vendor/vendor_pcs_app.te b/camera/sepolicy/vendor/vendor_pcs_app.te
index b4d71b5..068a0f7 100644
--- a/camera/sepolicy/vendor/vendor_pcs_app.te
+++ b/camera/sepolicy/vendor/vendor_pcs_app.te
@@ -1,6 +1,6 @@
allow vendor_pcs_app {
- vendor_camera_lyricconfigprovider_service
- vendor_camera_cameraidremapper_service
+ camera_lyricconfigprovider_service
+ camera_cameraidremapper_service
edgetpu_app_service
}:service_manager find;
diff --git a/edgetpu/sepolicy/hal_audio_default.te b/edgetpu/sepolicy/hal_audio_default.te
index 523770c..4d58e0b 100644
--- a/edgetpu/sepolicy/hal_audio_default.te
+++ b/edgetpu/sepolicy/hal_audio_default.te
@@ -12,7 +12,19 @@
# Allow audio HAL to read tflite Darwinn delegate properties
get_prop(hal_audio_default, vendor_tflite_delegate_prop)
+
+# Allow audio HAL to read DarwiNN runtime properties
get_prop(hal_audio_default, vendor_edgetpu_runtime_prop)
+# Allow audio HAL to read hetero runtime properties
+get_prop(hal_audio_default, vendor_hetero_runtime_prop)
+
# Allow DMA Buf access.
allow hal_audio_default dmabuf_system_heap_device:chr_file r_file_perms;
+
+# Allow audio HAL to connect to the stats service for logging EdgeTpu metrics.
+allow hal_audio_default fwk_stats_service:service_manager find;
+
+# Allow audio HAL to send EdgeTpu trace packets to Perfetto.
+# Enable for prod devices, see: go/darwinn-perfetto-critical-events
+perfetto_producer(hal_audio_default)
diff --git a/fingerprint/Android.bp b/fingerprint/Android.bp
new file mode 100644
index 0000000..b5bd008
--- /dev/null
+++ b/fingerprint/Android.bp
@@ -0,0 +1,21 @@
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+cc_binary {
+ name: "dump_fingerprint",
+ srcs: ["dump_fingerprint.cpp"],
+ init_rc: ["init.fingerprint.dump.rc"],
+ cflags: [
+ "-Wall",
+ "-Wextra",
+ "-Werror",
+ ],
+ shared_libs: [
+ "libbase",
+ "libdump",
+ "liblog",
+ ],
+ vendor: true,
+ relative_install_path: "dump",
+}
diff --git a/fingerprint/dump_fingerprint.cpp b/fingerprint/dump_fingerprint.cpp
new file mode 100644
index 0000000..1c8c7cd
--- /dev/null
+++ b/fingerprint/dump_fingerprint.cpp
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <android-base/file.h>
+#include <dump/pixel_dump.h>
+#include <log/log.h>
+#include <stdio.h>
+#include <string.h>
+
+static constexpr const char *kTombstonesDirPath = "/data/vendor/tombstones/fingerprint/";
+
+int main() {
+ printf("------ Fingerprint tombstones ------\n");
+ std::unique_ptr<DIR, decltype(&closedir)> tombstones_dir(opendir(kTombstonesDirPath), closedir);
+ if (tombstones_dir) {
+ dirent *entry;
+ while ((entry = readdir(tombstones_dir.get())) != nullptr) {
+ std::string file_name(entry->d_name);
+ if (!strcmp(file_name.c_str(), ".") || !strcmp(file_name.c_str(), ".."))
+ continue;
+ std::string file_path(kTombstonesDirPath + file_name);
+ dumpFileContent(file_name.c_str(), file_path.c_str());
+ }
+ }
+
+ return 0;
+}
diff --git a/fingerprint/fingerprint.mk b/fingerprint/fingerprint.mk
new file mode 100644
index 0000000..fb3ceda
--- /dev/null
+++ b/fingerprint/fingerprint.mk
@@ -0,0 +1,3 @@
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/fingerprint/sepolicy
+
+PRODUCT_PACKAGES += dump_fingerprint
diff --git a/fingerprint/init.fingerprint.dump.rc b/fingerprint/init.fingerprint.dump.rc
new file mode 100644
index 0000000..f00cdc4
--- /dev/null
+++ b/fingerprint/init.fingerprint.dump.rc
@@ -0,0 +1,2 @@
+on post-fs-data
+ mkdir /data/vendor/tombstones/fingerprint 0770 system system
diff --git a/fingerprint/sepolicy/dump_fingerprint.te b/fingerprint/sepolicy/dump_fingerprint.te
new file mode 100644
index 0000000..9af033b
--- /dev/null
+++ b/fingerprint/sepolicy/dump_fingerprint.te
@@ -0,0 +1,5 @@
+pixel_bugreport(dump_fingerprint)
+
+allow dump_fingerprint fingerprint_vendor_data_file:dir r_dir_perms;
+allow dump_fingerprint fingerprint_vendor_data_file:file r_file_perms;
+
diff --git a/fingerprint/sepolicy/file_contexts b/fingerprint/sepolicy/file_contexts
new file mode 100644
index 0000000..a035703
--- /dev/null
+++ b/fingerprint/sepolicy/file_contexts
@@ -0,0 +1,2 @@
+/vendor/bin/dump/dump_fingerprint u:object_r:dump_fingerprint_exec:s0
+/data/vendor/tombstones/fingerprint(/.*)? u:object_r:fingerprint_vendor_data_file:s0
diff --git a/fingerprint/sepolicy/hal_fingerprint.te b/fingerprint/sepolicy/hal_fingerprint.te
new file mode 100644
index 0000000..6e1af7e
--- /dev/null
+++ b/fingerprint/sepolicy/hal_fingerprint.te
@@ -0,0 +1 @@
+allow hal_fingerprint trusty_log_device:chr_file r_file_perms;
diff --git a/gear/dumpstate_v3/Android.bp b/gear/dumpstate_v3/Android.bp
new file mode 100644
index 0000000..d1ab29c
--- /dev/null
+++ b/gear/dumpstate_v3/Android.bp
@@ -0,0 +1,29 @@
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+cc_binary {
+ name: "android.hardware.dumpstate.3-service",
+ srcs: [
+ "Dumpstate.cpp",
+ "service.cpp",
+ ],
+ init_rc: ["android.hardware.dumpstate.3-service.rc"],
+ vintf_fragments: ["android.hardware.dumpstate.3-service.xml"],
+ cflags: [
+ "-Wall",
+ "-Werror",
+ ],
+ shared_libs: [
+ "libbase",
+ "libbinder_ndk",
+ "libcutils",
+ "libdumpstateutil",
+ "liblog",
+ "libutils",
+ "libdump",
+ "android.hardware.dumpstate-V1-ndk",
+ ],
+ vendor: true,
+ relative_install_path: "hw",
+}
diff --git a/gear/dumpstate_v3/Dumpstate.cpp b/gear/dumpstate_v3/Dumpstate.cpp
new file mode 100644
index 0000000..31df2c7
--- /dev/null
+++ b/gear/dumpstate_v3/Dumpstate.cpp
@@ -0,0 +1,230 @@
+/*
+ * Copyright 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#define LOG_TAG "dumpstate_device"
+#define ATRACE_TAG ATRACE_TAG_ALWAYS
+
+#include <inttypes.h>
+
+#include <android-base/file.h>
+#include <android-base/stringprintf.h>
+#include <android-base/properties.h>
+#include <android-base/unique_fd.h>
+#include <cutils/trace.h>
+#include <log/log.h>
+#include <sys/stat.h>
+#include <dump/pixel_dump.h>
+#include "Dumpstate.h"
+
+#include "DumpstateUtil.h"
+
+#define HW_REVISION "ro.boot.hardware.revision"
+
+using android::os::dumpstate::CommandOptions;
+using android::os::dumpstate::DumpFileToFd;
+using android::os::dumpstate::PropertiesHelper;
+using android::os::dumpstate::RunCommandToFd;
+
+namespace aidl {
+namespace android {
+namespace hardware {
+namespace dumpstate {
+
+typedef std::chrono::time_point<std::chrono::steady_clock> timepoint_t;
+
+const char kVerboseLoggingProperty[] = "persist.vendor.verbose_logging_enabled";
+
+timepoint_t startSection(int fd, const std::string §ionName) {
+ ATRACE_BEGIN(sectionName.c_str());
+ ::android::base::WriteStringToFd(
+ "\n"
+ "------ Section start: " + sectionName + " ------\n"
+ "\n", fd);
+ return std::chrono::steady_clock::now();
+}
+
+void endSection(int fd, const std::string §ionName, timepoint_t startTime) {
+ ATRACE_END();
+ auto endTime = std::chrono::steady_clock::now();
+ auto elapsedMsec = std::chrono::duration_cast<std::chrono::milliseconds>
+ (endTime - startTime).count();
+
+ ::android::base::WriteStringToFd(
+ "\n"
+ "------ Section end: " + sectionName + " ------\n"
+ "Elapsed msec: " + std::to_string(elapsedMsec) + "\n"
+ "\n", fd);
+}
+
+// Dump data requested by an argument to the "dump" interface, or help info
+// if the specified section is not supported.
+void Dumpstate::dumpTextSection(int fd, const std::string §ionName) {
+ bool dumpAll = (sectionName == kAllSections);
+ std::string dumpFiles;
+ struct dirent **dirent_list = NULL;
+ int num_entries = scandir("/vendor/bin/dump", &dirent_list, 0, (int (*)(const struct dirent **, const struct dirent **)) alphasort);
+ if (!dirent_list) {
+ ALOGE("Unable to scan dir: /vendor/bin/dump\n");
+ return;
+ } else if (num_entries <= 0) {
+ ALOGE("No file is found.\n");
+ return;
+ }
+ // Execute all or designated programs under vendor/bin/dump/
+ for (int i = 0; i < num_entries; i++) {
+ if (dirent_list[i]->d_name[0] == '.') {
+ continue;
+ }
+ std::string bin(dirent_list[i]->d_name);
+ dumpFiles = dumpFiles + " " + bin;
+ if (dumpAll || sectionName == bin) {
+ auto startTime = startSection(fd, bin);
+ RunCommandToFd(fd, "/vendor/bin/dump/"+bin, {"/vendor/bin/dump/"+bin}, CommandOptions::WithTimeout(15).Build());
+ endSection(fd, bin, startTime);
+ if (!dumpAll) {
+ return;
+ }
+ }
+ }
+
+ if (dumpAll) {
+ RunCommandToFd(fd, "VENDOR PROPERTIES", {"/vendor/bin/getprop"});
+ return;
+ }
+
+ // An unsupported section was requested on the command line
+ ::android::base::WriteStringToFd("Unrecognized text section: " + sectionName + "\n", fd);
+ ::android::base::WriteStringToFd("Try \"" + kAllSections + "\" or one of the following:", fd);
+ ::android::base::WriteStringToFd(dumpFiles, fd);
+ ::android::base::WriteStringToFd("\nNote: sections with attachments (e.g. dump_soc) are"
+ "not available from the command line.\n", fd);
+ while (num_entries--) {
+ free(dirent_list[num_entries]);
+ }
+ free(dirent_list);
+}
+
+void Dumpstate::dumpLogSection(int fd, int fd_bin)
+{
+ std::string logDir = MODEM_LOG_DIRECTORY;
+ const std::string logCombined = logDir + "/combined_logs.tar";
+ const std::string logAllDir = logDir + "/all_logs";
+
+ RunCommandToFd(fd, "MKDIR LOG", {"/vendor/bin/mkdir", "-p", logAllDir.c_str()}, CommandOptions::WithTimeout(2).Build());
+
+ dumpTextSection(fd, kAllSections);
+
+ RunCommandToFd(fd, "TAR LOG", {"/vendor/bin/tar", "cvf", logCombined.c_str(), "-C", logAllDir.c_str(), "."}, CommandOptions::WithTimeout(20).Build());
+ RunCommandToFd(fd, "CHG PERM", {"/vendor/bin/chmod", "a+w", logCombined.c_str()}, CommandOptions::WithTimeout(2).Build());
+
+ std::vector<uint8_t> buffer(65536);
+ ::android::base::unique_fd fdLog(TEMP_FAILURE_RETRY(open(logCombined.c_str(), O_RDONLY | O_CLOEXEC | O_NONBLOCK)));
+
+ if (fdLog >= 0) {
+ while (1) {
+ ssize_t bytes_read = TEMP_FAILURE_RETRY(read(fdLog, buffer.data(), buffer.size()));
+
+ if (bytes_read == 0) {
+ break;
+ } else if (bytes_read < 0) {
+ ALOGD("read(%s): %s\n", logCombined.c_str(), strerror(errno));
+ break;
+ }
+
+ ssize_t result = TEMP_FAILURE_RETRY(write(fd_bin, buffer.data(), bytes_read));
+
+ if (result != bytes_read) {
+ ALOGD("Failed to write %zd bytes, actually written: %zd", bytes_read, result);
+ break;
+ }
+ }
+ }
+
+ RunCommandToFd(fd, "RM LOG DIR", { "/vendor/bin/rm", "-r", logAllDir.c_str()}, CommandOptions::WithTimeout(2).Build());
+ RunCommandToFd(fd, "RM LOG", { "/vendor/bin/rm", logCombined.c_str()}, CommandOptions::WithTimeout(2).Build());
+}
+
+ndk::ScopedAStatus Dumpstate::dumpstateBoard(const std::vector<::ndk::ScopedFileDescriptor>& in_fds,
+ IDumpstateDevice::DumpstateMode in_mode,
+ int64_t in_timeoutMillis) {
+ ATRACE_BEGIN("dumpstateBoard");
+ // Unused arguments.
+ (void) in_timeoutMillis;
+
+ if (in_mode < IDumpstateDevice::DumpstateMode::FULL || in_mode > IDumpstateDevice::DumpstateMode::PROTO) {
+ ALOGE("Invalid mode: %d\n", in_mode);
+ return ndk::ScopedAStatus::fromExceptionCodeWithMessage(EX_ILLEGAL_ARGUMENT, "Invalid mode");
+ }
+
+ if (in_fds.size() < 1) {
+ ALOGE("no FDs\n");
+ return ndk::ScopedAStatus::fromExceptionCodeWithMessage(EX_ILLEGAL_ARGUMENT,
+ "No file descriptor");
+ }
+
+ int fd = in_fds[0].get();
+ if (fd < 0) {
+ ALOGE("invalid FD: %d\n", fd);
+ return ndk::ScopedAStatus::fromExceptionCodeWithMessage(EX_ILLEGAL_ARGUMENT,
+ "Invalid file descriptor");
+ }
+
+ if (in_fds.size() < 2) {
+ ALOGE("no FD for dumpstate_board binary\n");
+ dumpTextSection(fd, "");
+ } else {
+ int fd_bin = in_fds[1].get();
+ dumpLogSection(fd, fd_bin);
+ }
+
+ ATRACE_END();
+ return ndk::ScopedAStatus::ok();
+}
+
+ndk::ScopedAStatus Dumpstate::setVerboseLoggingEnabled(bool in_enable) {
+ ::android::base::SetProperty(kVerboseLoggingProperty, in_enable ? "true" : "false");
+ return ndk::ScopedAStatus::ok();
+}
+
+ndk::ScopedAStatus Dumpstate::getVerboseLoggingEnabled(bool* _aidl_return) {
+ *_aidl_return = ::android::base::GetBoolProperty(kVerboseLoggingProperty, false);
+ return ndk::ScopedAStatus::ok();
+}
+
+// Since AIDLs that support the dump() interface are automatically invoked during
+// bugreport generation and we don't want to generate a second copy of the same
+// data that will go into dumpstate_board.txt, this function will only do
+// something if it is called with an option, e.g.
+// dumpsys android.hardware.dumpstate.IDumpstateDevice/default all
+//
+// Also, note that sections which generate attachments and/or binary data when
+// included in a bugreport are not available through the dump() interface.
+binder_status_t Dumpstate::dump(int fd, const char** args, uint32_t numArgs) {
+
+ if (numArgs != 1) {
+ return STATUS_OK;
+ }
+
+ dumpTextSection(fd, static_cast<std::string>(args[0]));
+
+ fsync(fd);
+ return STATUS_OK;
+}
+
+} // namespace dumpstate
+} // namespace hardware
+} // namespace android
+} // namespace aidl
diff --git a/gear/dumpstate_v3/Dumpstate.h b/gear/dumpstate_v3/Dumpstate.h
new file mode 100644
index 0000000..787b774
--- /dev/null
+++ b/gear/dumpstate_v3/Dumpstate.h
@@ -0,0 +1,53 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <aidl/android/hardware/dumpstate/BnDumpstateDevice.h>
+#include <aidl/android/hardware/dumpstate/IDumpstateDevice.h>
+#include <android/binder_status.h>
+
+namespace aidl {
+namespace android {
+namespace hardware {
+namespace dumpstate {
+
+class Dumpstate : public BnDumpstateDevice {
+ public:
+ ::ndk::ScopedAStatus dumpstateBoard(const std::vector<::ndk::ScopedFileDescriptor>& in_fds,
+ IDumpstateDevice::DumpstateMode in_mode,
+ int64_t in_timeoutMillis) override;
+
+ ::ndk::ScopedAStatus getVerboseLoggingEnabled(bool* _aidl_return) override;
+
+ ::ndk::ScopedAStatus setVerboseLoggingEnabled(bool in_enable) override;
+
+ binder_status_t dump(int fd, const char** args, uint32_t numArgs) override;
+
+ private:
+ const std::string kAllSections = "all";
+
+ void dumpTextSection(int fd, std::string const& sectionName);
+ void dumpLogSection(int fd, int fdModem);
+
+ //bool getVerboseLoggingEnabledImpl();
+ //::ndk::ScopedAStatus dumpstateBoardImpl(const int fd, const bool full);
+};
+
+} // namespace dumpstate
+} // namespace hardware
+} // namespace android
+} // namespace aidl
diff --git a/gear/dumpstate_v3/aidl.mk b/gear/dumpstate_v3/aidl.mk
new file mode 100644
index 0000000..bcecb78
--- /dev/null
+++ b/gear/dumpstate_v3/aidl.mk
@@ -0,0 +1,4 @@
+PRODUCT_SOONG_NAMESPACES += device/google/gs-common/gear/dumpstate_v3
+PRODUCT_PACKAGES += android.hardware.dumpstate.3-service
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/gear/dumpstate_v3/sepolicy
+
diff --git a/gear/dumpstate_v3/android.hardware.dumpstate.3-service.rc b/gear/dumpstate_v3/android.hardware.dumpstate.3-service.rc
new file mode 100644
index 0000000..0a80e0c
--- /dev/null
+++ b/gear/dumpstate_v3/android.hardware.dumpstate.3-service.rc
@@ -0,0 +1,5 @@
+service vendor.dumpstate-default /vendor/bin/hw/android.hardware.dumpstate.3-service
+ class hal
+ user system
+ group system shell
+ interface aidl android.hardware.dumpstate.IDumpstateDevice/default
diff --git a/gear/dumpstate_v3/android.hardware.dumpstate.3-service.xml b/gear/dumpstate_v3/android.hardware.dumpstate.3-service.xml
new file mode 100644
index 0000000..5e51b28
--- /dev/null
+++ b/gear/dumpstate_v3/android.hardware.dumpstate.3-service.xml
@@ -0,0 +1,9 @@
+<manifest version="1.0" type="device">
+ <hal format="aidl">
+ <name>android.hardware.dumpstate</name>
+ <interface>
+ <name>IDumpstateDevice</name>
+ <instance>default</instance>
+ </interface>
+ </hal>
+</manifest>
diff --git a/gear/dumpstate_v3/sepolicy/file.te b/gear/dumpstate_v3/sepolicy/file.te
new file mode 100644
index 0000000..1777353
--- /dev/null
+++ b/gear/dumpstate_v3/sepolicy/file.te
@@ -0,0 +1,6 @@
+# dumpstate packing directory
+type radio_vendor_data_file, file_type, data_file_type;
+userdebug_or_eng(`
+ typeattribute radio_vendor_data_file mlstrustedobject;
+')
+
diff --git a/gear/dumpstate_v3/sepolicy/file_contexts b/gear/dumpstate_v3/sepolicy/file_contexts
new file mode 100644
index 0000000..da10e76
--- /dev/null
+++ b/gear/dumpstate_v3/sepolicy/file_contexts
@@ -0,0 +1,5 @@
+# generic dumpstate for pixel
+/vendor/bin/hw/android\.hardware\.dumpstate\.3-service u:object_r:hal_dumpstate_default_exec:s0
+
+/data/vendor/radio(/.*)? u:object_r:radio_vendor_data_file:s0
+
diff --git a/gear/dumpstate_v3/sepolicy/hal_dumpstate_default.te b/gear/dumpstate_v3/sepolicy/hal_dumpstate_default.te
new file mode 100644
index 0000000..06ebb75
--- /dev/null
+++ b/gear/dumpstate_v3/sepolicy/hal_dumpstate_default.te
@@ -0,0 +1,7 @@
+# required permission to use tar to pack dumpsate_board.bin
+allow hal_dumpstate_default vendor_toolbox_exec:file execute_no_trans;
+allow hal_dumpstate_default radio_vendor_data_file:dir create_dir_perms;
+allow hal_dumpstate_default radio_vendor_data_file:file create_file_perms;
+allow hal_dumpstate_default shell_data_file:file getattr;
+set_prop(hal_dumpstate_default, vendor_logger_prop)
+
diff --git a/gear/dumpstate_v3/sepolicy/property.te b/gear/dumpstate_v3/sepolicy/property.te
new file mode 100644
index 0000000..c6f5a4f
--- /dev/null
+++ b/gear/dumpstate_v3/sepolicy/property.te
@@ -0,0 +1,3 @@
+# verbose property
+vendor_internal_prop(vendor_logger_prop)
+
diff --git a/gear/dumpstate_v3/sepolicy/property_contexts b/gear/dumpstate_v3/sepolicy/property_contexts
new file mode 100644
index 0000000..5ead16f
--- /dev/null
+++ b/gear/dumpstate_v3/sepolicy/property_contexts
@@ -0,0 +1,3 @@
+# verbose property name
+persist.vendor.verbose_logging_enabled u:object_r:vendor_logger_prop:s0
+
diff --git a/gear/dumpstate_v3/service.cpp b/gear/dumpstate_v3/service.cpp
new file mode 100644
index 0000000..53dc8ac
--- /dev/null
+++ b/gear/dumpstate_v3/service.cpp
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#define LOG_TAG "android.hardware.dumpstate.3-service"
+
+#include "Dumpstate.h"
+
+#include <android-base/logging.h>
+#include <android/binder_manager.h>
+#include <android/binder_process.h>
+
+using aidl::android::hardware::dumpstate::Dumpstate;
+
+int main() {
+ ABinderProcess_setThreadPoolMaxThreadCount(0);
+ std::shared_ptr<Dumpstate> dumpstate = ndk::SharedRefBase::make<Dumpstate>();
+
+ const std::string instance = std::string() + Dumpstate::descriptor + "/default";
+ binder_status_t status =
+ AServiceManager_addService(dumpstate->asBinder().get(), instance.c_str());
+ CHECK_EQ(status, STATUS_OK);
+
+ ABinderProcess_joinThreadPool();
+ return EXIT_FAILURE; // Unreachable
+}
diff --git a/gps/brcm/sepolicy/genfs_contexts b/gps/brcm/sepolicy/genfs_contexts
index 446fc45..a551e96 100644
--- a/gps/brcm/sepolicy/genfs_contexts
+++ b/gps/brcm/sepolicy/genfs_contexts
@@ -1,3 +1,4 @@
# GPS
genfscon sysfs /devices/virtual/pps/pps0/assert_elapsed u:object_r:sysfs_gps_assert:s0
+genfscon sysfs /devices/platform/bbd_pps/pps_assert u:object_r:sysfs_gps_assert:s0
diff --git a/gps/lsi/sepolicy/device.te b/gps/lsi/sepolicy/device.te
new file mode 100644
index 0000000..15d049f
--- /dev/null
+++ b/gps/lsi/sepolicy/device.te
@@ -0,0 +1 @@
+type vendor_gnss_device, dev_type;
diff --git a/gps/lsi/sepolicy/file.te b/gps/lsi/sepolicy/file.te
deleted file mode 100644
index af9582b..0000000
--- a/gps/lsi/sepolicy/file.te
+++ /dev/null
@@ -1 +0,0 @@
-type vendor_gps_file, file_type, data_file_type;
diff --git a/gps/lsi/sepolicy/file_contexts b/gps/lsi/sepolicy/file_contexts
index 9840eab..e6af3b1 100644
--- a/gps/lsi/sepolicy/file_contexts
+++ b/gps/lsi/sepolicy/file_contexts
@@ -7,6 +7,4 @@
/vendor/bin/hw/swcnd u:object_r:swcnd_exec:s0
/vendor/bin/hw/spad u:object_r:spad_exec:s0
/vendor/bin/hw/android.hardware.gnss-service u:object_r:hal_gnss_default_exec:s0
-/vendor/bin/gnss_check\.sh u:object_r:gnss_check_exec:s0
-# keep only one rule and use eGNSS one
-# /data/vendor/gps(/.*)? u:object_r:vendor_gps_file:s0
+/data/vendor/gps(/.*)? u:object_r:vendor_gps_file:s0
diff --git a/gps/lsi/sepolicy/gnssd.te b/gps/lsi/sepolicy/gnssd.te
index 56ab51f..29dfa2e 100644
--- a/gps/lsi/sepolicy/gnssd.te
+++ b/gps/lsi/sepolicy/gnssd.te
@@ -5,7 +5,9 @@
# Allow gnssd to access rild
binder_call(gnssd, rild);
binder_call(gnssd, hwservicemanager)
+binder_call(gnssd, servicemanager)
allow gnssd hal_exynos_rild_hwservice:hwservice_manager find;
+allow gnssd hal_vendor_radio_external_service:service_manager find;
allow gnssd radio_device:chr_file rw_file_perms;
# Allow gnssd to acess gnss device
@@ -31,3 +33,6 @@
# Read RIL property
get_prop(gnssd, vendor_rild_prop)
+
+# Read modme state
+allow gnssd sysfs_modem_state:file r_file_perms;
diff --git a/gps/pixel/sepolicy/hal_gnss_pixel.te b/gps/pixel/sepolicy/hal_gnss_pixel.te
index 512ecc9..cc63702 100644
--- a/gps/pixel/sepolicy/hal_gnss_pixel.te
+++ b/gps/pixel/sepolicy/hal_gnss_pixel.te
@@ -1,9 +1,3 @@
-type hal_gnss_pixel, domain;
-hal_server_domain(hal_gnss_pixel, hal_gnss)
-
-type hal_gnss_pixel_exec, exec_type, vendor_file_type, file_type;
-init_daemon_domain(hal_gnss_pixel)
-
#IPC between pixel and vendor HAL
binder_call(hal_gnss_pixel, hal_gnss_default)
@@ -12,3 +6,18 @@
#Toggle coredump node
allow hal_gnss_pixel sysfs_gps:file rw_file_perms;
+
+# Allow access to CHRE multiclient HAL.
+get_prop(hal_gnss_pixel, vendor_chre_hal_prop)
+
+# Allow binder to CHRE.
+binder_call(hal_gnss_pixel, hal_contexthub_default)
+allow hal_gnss_pixel hal_contexthub_service:service_manager find;
+
+# Allow connect to gnss service
+allow hal_gnss_pixel vendor_gps_file:dir create_dir_perms;
+allow hal_gnss_pixel vendor_gps_file:fifo_file create_file_perms;
+
+# Allow access ssrdump information
+allow hal_gnss_pixel sscoredump_vendor_data_crashinfo_file:file r_file_perms;
+allow hal_gnss_pixel sscoredump_vendor_data_crashinfo_file:dir r_dir_perms;
diff --git a/gs_watchdogd/gs_watchdogd.cpp b/gs_watchdogd/gs_watchdogd.cpp
index 82e01d0..333e023 100644
--- a/gs_watchdogd/gs_watchdogd.cpp
+++ b/gs_watchdogd/gs_watchdogd.cpp
@@ -19,38 +19,31 @@
#include <android-base/logging.h>
#include <android-base/stringprintf.h>
#include <android-base/unique_fd.h>
+#include <log/log.h>
-#include <errno.h>
#include <fcntl.h>
#include <glob.h>
#include <linux/watchdog.h>
#include <stdlib.h>
#include <string.h>
+#include <sys/cdefs.h>
#include <unistd.h>
-#include <chrono>
+#include <cstdlib>
#include <vector>
+#define NSEC_PER_SEC (1000LL * 1000LL * 1000LL)
+
#define DEV_GLOB "/sys/devices/platform/*.watchdog_cl*/watchdog/watchdog*"
-#define DEFAULT_INTERVAL 10s
-#define DEFAULT_MARGIN 10s
-
using android::base::Basename;
using android::base::StringPrintf;
-using std::literals::chrono_literals::operator""s;
-int main(int argc, char** argv) {
+int main(int __unused argc, char** argv) {
+ auto min_timeout_nsecs = std::numeric_limits<typeof(NSEC_PER_SEC)>::max();
+
android::base::InitLogging(argv, &android::base::KernelLogger);
- std::chrono::seconds interval = argc >= 2
- ? std::chrono::seconds(atoi(argv[1])) : DEFAULT_INTERVAL;
- std::chrono::seconds margin = argc >= 3
- ? std::chrono::seconds(atoi(argv[2])) : DEFAULT_MARGIN;
-
- LOG(INFO) << "gs_watchdogd started (interval " << interval.count()
- << ", margin " << margin.count() << ")!";
-
glob_t globbuf;
int ret = glob(DEV_GLOB, GLOB_MARK, nullptr, &globbuf);
if (ret) {
@@ -61,8 +54,7 @@
std::vector<android::base::unique_fd> wdt_dev_fds;
for (size_t i = 0; i < globbuf.gl_pathc; i++) {
- std::chrono::seconds timeout = interval + margin;
- int timeout_secs = timeout.count();
+ int timeout_secs;
std::string dev_path = StringPrintf("/dev/%s", Basename(globbuf.gl_pathv[i]).c_str());
int fd = TEMP_FAILURE_RETRY(open(dev_path.c_str(), O_RDWR | O_CLOEXEC));
@@ -71,29 +63,39 @@
return 1;
}
- wdt_dev_fds.emplace_back(fd);
- ret = ioctl(fd, WDIOC_SETTIMEOUT, &timeout_secs);
+ ret = ioctl(fd, WDIOC_GETTIMEOUT, &timeout_secs);
if (ret) {
- PLOG(ERROR) << "Failed to set timeout to " << timeout_secs;
- ret = ioctl(fd, WDIOC_GETTIMEOUT, &timeout_secs);
- if (ret) {
- PLOG(ERROR) << "Failed to get timeout";
- } else {
- interval = timeout > margin ? timeout - margin : 1s;
- LOG(WARNING) << "Adjusted interval to timeout returned by driver: "
- << "timeout " << timeout_secs
- << ", interval " << interval.count()
- << ", margin " << margin.count();
- }
+ PLOG(ERROR) << "Failed to get timeout on " << dev_path;
+ continue;
+ } else {
+ min_timeout_nsecs = std::min(min_timeout_nsecs, NSEC_PER_SEC * timeout_secs);
}
+
+ wdt_dev_fds.emplace_back(fd);
}
globfree(&globbuf);
+ if (wdt_dev_fds.empty()) {
+ LOG(ERROR) << "no valid wdt dev found";
+ return 1;
+ }
+
+ timespec ts;
+ auto result = div(min_timeout_nsecs / 2, NSEC_PER_SEC);
+ ts.tv_sec = result.quot;
+ ts.tv_nsec = result.rem;
+
while (true) {
+ timespec rem = ts;
+
for (const auto& fd : wdt_dev_fds) {
TEMP_FAILURE_RETRY(write(fd, "", 1));
}
- sleep(interval.count());
+
+ if (TEMP_FAILURE_RETRY(nanosleep(&rem, &rem))) {
+ PLOG(ERROR) << "nanosleep failed";
+ return 1;
+ }
}
}
diff --git a/gs_watchdogd/init.gs_watchdogd.rc b/gs_watchdogd/init.gs_watchdogd.rc
index f58ce50..23d5fb2 100644
--- a/gs_watchdogd/init.gs_watchdogd.rc
+++ b/gs_watchdogd/init.gs_watchdogd.rc
@@ -1,5 +1,5 @@
-# Set watchdog timer to 30 seconds and pet it every 10 seconds to get a 20 second margin
-service gs_watchdogd /system_ext/bin/gs_watchdogd 10 20
+# Pet watchdog timer every half of its timeout period.
+service gs_watchdogd /system_ext/bin/gs_watchdogd
class core
oneshot
seclabel u:r:gs_watchdogd:s0
diff --git a/gxp/dump_gxp.cpp b/gxp/dump_gxp.cpp
index 518a44a..5d9f28a 100644
--- a/gxp/dump_gxp.cpp
+++ b/gxp/dump_gxp.cpp
@@ -17,7 +17,7 @@
#include <android-base/properties.h>
#include <android-base/file.h>
-#define maxGxpDebugDumps 3
+#define maxGxpDebugDumps 4
int main() {
/* TODO(b/277094681): Set default value to false around device beta milestone. */
diff --git a/gyotaku_app/dump/dump_gyotaku.cpp b/gyotaku_app/dump/dump_gyotaku.cpp
index 62c2a57..0f22e68 100644
--- a/gyotaku_app/dump/dump_gyotaku.cpp
+++ b/gyotaku_app/dump/dump_gyotaku.cpp
@@ -19,7 +19,7 @@
#define GYOTAKU_DIRECTORY "/data/vendor/gyotaku/andlog"
#define GYOTAKU_ANDROID_LOG_PREFIX "android_"
-
+#define GYOTAKU_ODPM_LOG_PREFIX "odpm_"
#define maxFileLogsNumber 30
int main() {
@@ -30,6 +30,7 @@
}
dumpLogs(GYOTAKU_DIRECTORY, outputDir.c_str(), maxFileLogsNumber, GYOTAKU_ANDROID_LOG_PREFIX);
+ dumpLogs(GYOTAKU_DIRECTORY, outputDir.c_str(), maxFileLogsNumber, GYOTAKU_ODPM_LOG_PREFIX);
return 0;
}
diff --git a/gyotaku_app/fingerprint/gyotaku_app.te b/gyotaku_app/fingerprint/gyotaku_app.te
new file mode 100644
index 0000000..f6475f5
--- /dev/null
+++ b/gyotaku_app/fingerprint/gyotaku_app.te
@@ -0,0 +1,19 @@
+# Specific build for fingerprint
+type gyotaku_app, domain;
+
+app_domain(gyotaku_app)
+net_domain(gyotaku_app)
+
+# For Gyotaku app common use
+allow gyotaku_app app_api_service:service_manager find;
+allow gyotaku_app privapp_data_file:lnk_file read;
+allow gyotaku_app system_app_data_file:dir create_dir_perms;
+allow gyotaku_app system_app_data_file:file create_file_perms;
+
+# For getproperty isDebuggable use
+get_prop(gyotaku_app, userdebug_or_eng_prop)
+
+# For access /data/vendor/misc fingerprint use.
+allow gyotaku_app vendor_misc_data_file:dir search;
+allow gyotaku_app vendor_fingerprint_data_file:dir r_dir_perms;
+allow gyotaku_app vendor_fingerprint_data_file:file r_file_perms;
diff --git a/gyotaku_app/fingerprint/seapp_contexts b/gyotaku_app/fingerprint/seapp_contexts
new file mode 100644
index 0000000..b1c6248
--- /dev/null
+++ b/gyotaku_app/fingerprint/seapp_contexts
@@ -0,0 +1,2 @@
+# Gyotaku app
+user=system seinfo=platform name=com.google.android.apps.internal.gyotaku domain=gyotaku_app type=system_app_data_file levelFrom=all
diff --git a/gyotaku_app/gyotaku_fingerprint.mk b/gyotaku_app/gyotaku_fingerprint.mk
new file mode 100644
index 0000000..051b88e
--- /dev/null
+++ b/gyotaku_app/gyotaku_fingerprint.mk
@@ -0,0 +1,5 @@
+# Specific build for fingerprint
+PRODUCT_PACKAGES_DEBUG += \
+ Gyotaku
+
+BOARD_SEPOLICY_DIRS += device/google/gs-common/gyotaku_app/fingerprint
diff --git a/performance/Android.bp b/performance/Android.bp
index c29b460..5c0e0b2 100644
--- a/performance/Android.bp
+++ b/performance/Android.bp
@@ -12,7 +12,7 @@
"-Werror",
],
shared_libs: [
- "libdump",
+ "libdump",
],
vendor: true,
relative_install_path: "dump",
diff --git a/performance/dump_perf.cpp b/performance/dump_perf.cpp
index aa742f1..d2989ad 100644
--- a/performance/dump_perf.cpp
+++ b/performance/dump_perf.cpp
@@ -18,5 +18,8 @@
int main() {
dumpFileContent("VENDOR PROC DUMP", "/proc/vendor_sched/dump_task");
+ dumpFileContent("BTS scenario", "/sys/kernel/debug/bts/scenario");
+ dumpFileContent("BTS vc", "/sys/kernel/debug/bts/vc");
+ dumpFileContent("BTS status", "/sys/kernel/debug/bts/status");
return 0;
}
diff --git a/performance/sepolicy/dump_perf.te b/performance/sepolicy/dump_perf.te
index 15c4f6e..befe9ba 100644
--- a/performance/sepolicy/dump_perf.te
+++ b/performance/sepolicy/dump_perf.te
@@ -1,3 +1,7 @@
pixel_bugreport(dump_perf)
allow dump_perf proc_vendor_sched:file r_file_perms;
+userdebug_or_eng(`
+ allow dump_perf vendor_bts_debugfs:dir r_dir_perms;
+ allow dump_perf vendor_bts_debugfs:file r_file_perms;
+')
diff --git a/performance/sepolicy/file.te b/performance/sepolicy/file.te
new file mode 100644
index 0000000..8e16bbf
--- /dev/null
+++ b/performance/sepolicy/file.te
@@ -0,0 +1,2 @@
+type sysfs_pakills, fs_type, sysfs_type;
+type vendor_bts_debugfs, fs_type, debugfs_type;
diff --git a/performance/sepolicy/genfs_contexts b/performance/sepolicy/genfs_contexts
index 000c41b..041021c 100644
--- a/performance/sepolicy/genfs_contexts
+++ b/performance/sepolicy/genfs_contexts
@@ -1 +1,3 @@
genfscon proc /sys/kernel/sched_pelt_multiplier u:object_r:proc_sched:s0
+genfscon sysfs /kernel/vendor_mm/pa_kill u:object_r:sysfs_pakills:s0
+genfscon debugfs /bts u:object_r:vendor_bts_debugfs:s0
diff --git a/performance/sepolicy/hal_power_default.te b/performance/sepolicy/hal_power_default.te
new file mode 100644
index 0000000..763862d
--- /dev/null
+++ b/performance/sepolicy/hal_power_default.te
@@ -0,0 +1,2 @@
+allow hal_power_default sysfs_pakills:file rw_file_perms;
+allow hal_power_default sysfs_pakills:dir r_dir_perms;
diff --git a/power/Android.bp b/power/Android.bp
new file mode 100644
index 0000000..b70372c
--- /dev/null
+++ b/power/Android.bp
@@ -0,0 +1,10 @@
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+prebuilt_etc {
+ name: "init.power-gs.rc",
+ src: "init.power-gs.rc",
+ vendor: true,
+ sub_dir: "init",
+}
diff --git a/power/OWNERS b/power/OWNERS
new file mode 100644
index 0000000..09c47ea
--- /dev/null
+++ b/power/OWNERS
@@ -0,0 +1,5 @@
+joaodias@google.com
+frankvarela@google.com
+krossmo@google.com
+cozette@google.com
+dennisyee@google.com
diff --git a/power/init.power-gs.rc b/power/init.power-gs.rc
new file mode 100644
index 0000000..03748a2
--- /dev/null
+++ b/power/init.power-gs.rc
@@ -0,0 +1,3 @@
+on property:sys.boot_completed=1
+ # Reduce pm_freeze_timeout value
+ write /sys/power/pm_freeze_timeout 1000
diff --git a/power/power.mk b/power/power.mk
new file mode 100644
index 0000000..336cd96
--- /dev/null
+++ b/power/power.mk
@@ -0,0 +1 @@
+PRODUCT_PACKAGES += init.power-gs.rc
diff --git a/recorder/recorder.mk b/recorder/recorder.mk
new file mode 100644
index 0000000..87620da
--- /dev/null
+++ b/recorder/recorder.mk
@@ -0,0 +1,3 @@
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/recorder/sepolicy/vendor
+PRODUCT_PUBLIC_SEPOLICY_DIRS += device/google/gs-common/recorder/sepolicy/product/public
+PRODUCT_PRIVATE_SEPOLICY_DIRS += device/google/gs-common/recorder/sepolicy/product/private
diff --git a/recorder/sepolicy/product/private/certs/com_google_android_apps_recorder.x509.pem b/recorder/sepolicy/product/private/certs/com_google_android_apps_recorder.x509.pem
new file mode 100644
index 0000000..833c86b
--- /dev/null
+++ b/recorder/sepolicy/product/private/certs/com_google_android_apps_recorder.x509.pem
@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIF+zCCA+OgAwIBAgIVAJFfB9eQ7J1w93C6aGBchm77ysA3MA0GCSqGSIb3DQEBCwUAMIGNMQsw
+CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEU
+MBIGA1UEChMLR29vZ2xlIEluYy4xEDAOBgNVBAsTB0FuZHJvaWQxKTAnBgNVBAMMIGNvbV9nb29n
+bGVfYW5kcm9pZF9hcHBzX3JlY29yZGVyMB4XDTE5MDIxNTE1NDQxMloXDTQ5MDIxNTE1NDQxMlow
+gY0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBW
+aWV3MRQwEgYDVQQKEwtHb29nbGUgSW5jLjEQMA4GA1UECxMHQW5kcm9pZDEpMCcGA1UEAwwgY29t
+X2dvb2dsZV9hbmRyb2lkX2FwcHNfcmVjb3JkZXIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCFSs/DqyyRbMD2mEHxxv+DDnV7V8j/RUB43aZXC11kKbLAD/E8/WxV+e9frFoXlzXepK4m
+FliWHyLWNSUmFwVxl2JsrkxUJ4QWXIpw9azHkW9kO5r/VPTXCBAZn80qqaqHlzplHbflxLiQc+zv
+lWEg7HJPBMMMFC3yCYfhLbDrriZdMnT4mHMLUo24TzO2znv7c7SDBWQ57lAsdRB0OX+N4DfBXvUR
+QLUO9FazerGdcK58KHkxgo3ZHY3c2+efkfCkZUgu6HKLwA24O2e0/iYmC7vQTItGYCCyzbdlXDix
+t0YgpsdcsOtVSJLwv6movtAX9JGsrGkvZR9Ffa52Vfc+vW0yqahHxVFJ5VD6UrrQpkWjonrsIbHb
+RLQ05ZM735kd4NWrxgS0sDwdfvhmsj29Ag3q/cuIpG/+x37+vmTlMKggeqxSxoQ4RwGyZuvyb8PB
+/lCf6r6bAYyr88oAs03ATz3RqRH38rkHmFp5Cdf488tw2Wj6vB/JqnfPN8woslle0hUIkqH7Ezna
+0zF79yov7oePFdqr++khDHrrMQziwIk2PN+V0MLGQpmX5FF47Zmprtzvu52QN2f5rnKq2HSfBG0i
+FqZ8/iAEnUsCngVObHaASPxXq1AKiy3iEJaLDjFhGbQk9mbj9o/RHb0kyorI3d90PU8ss8xNsUnm
+pXa4sQIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRXxQfB1H79Hq56Ld1GUrRRfzWo
+ojAfBgNVHSMEGDAWgBRXxQfB1H79Hq56Ld1GUrRRfzWoojANBgkqhkiG9w0BAQsFAAOCAgEARATw
+47mgvvLpdLTPzjORUSLBWXS2WdH43o9tPBNOaLBVRWiua2OyMp8F+nbxm4y/3djGuXsn5S2F12jp
+7xQZcBU4c21vF/ttio/spnnkPBnf0nKndTLoKt4Tpcxq4vnyqyXlBJHIybh+bbc6HVTYM6n8k4vw
+KReUjEjCXAxZ8vWjTgSOAtDrHkaez3tOkACMFmRv+JP1zNG32chLG+8K0/pyLsnknloPAk02Btoc
+t7FI4XKtS/9Z9oipMHfWg8fjI4vRXqiiAR4ctf9EgxcwHY/KVX8RJxsAXMgl65e7qGagbfTWCbHl
+MnRnapjLKkvJKPiIbBx/xdgUoOxdugwL6XPfzg4THQzAiduCgxkDs/H3SQWem6VBZ57KSuudJsop
+s5hb7GS2Hqb5F3YHAlSGQxvj37mDTzbuTH3paqzPwSgnqw0jnkGl//f2osw/mqfD5msDLk4UcmpQ
+IeC10ofhF7hzaZOGwMg8VGzsMR5M154haxj6Y2NFEir6ylz/stPrelkwDvMIDgIororj2Bj7TkWu
++EABNAr8h9yTsJEvxayNMk96U+Rn2LKMZilJdf00SILpr6IFTD8uvRwLIHSCjSbd9C8kkAqbqKs4
+VCg5HPLHjxyXgWOAK1IeqqnryaFPjLqa2RsG6UL+UtIjC6eWMsWOfvRRrpTU21mo2Koc0MI=
+-----END CERTIFICATE-----
diff --git a/recorder/sepolicy/product/private/google_recorder_app.te b/recorder/sepolicy/product/private/google_recorder_app.te
new file mode 100644
index 0000000..ac308aa
--- /dev/null
+++ b/recorder/sepolicy/product/private/google_recorder_app.te
@@ -0,0 +1,16 @@
+app_domain(google_recorder_app)
+net_domain(google_recorder_app)
+
+get_prop(google_recorder_app, graphics_config_writable_prop)
+
+allow google_recorder_app app_api_service:service_manager find;
+allow google_recorder_app audioserver_service:service_manager find;
+allow google_recorder_app mediaextractor_service:service_manager find;
+allow google_recorder_app mediametrics_service:service_manager find;
+allow google_recorder_app mediaserver_service:service_manager find;
+
+allow google_recorder_app privapp_data_file:lnk_file r_file_perms;
+allow google_recorder_app privapp_data_file:file execute;
+
+# Library code may try to access default properties, but should be denied
+dontaudit google_recorder_app default_prop:file read;
diff --git a/recorder/sepolicy/product/private/keys.conf b/recorder/sepolicy/product/private/keys.conf
new file mode 100644
index 0000000..9dad2f5
--- /dev/null
+++ b/recorder/sepolicy/product/private/keys.conf
@@ -0,0 +1,2 @@
+[@GOOGLERECORDER]
+ALL : device/google/gs-common/recorder/sepolicy/product/private/certs/com_google_android_apps_recorder.x509.pem
diff --git a/recorder/sepolicy/product/private/mac_permissions.xml b/recorder/sepolicy/product/private/mac_permissions.xml
new file mode 100644
index 0000000..b1d21bf
--- /dev/null
+++ b/recorder/sepolicy/product/private/mac_permissions.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="utf-8"?>
+<policy>
+
+<!--
+
+ * A signature is a hex encoded X.509 certificate or a tag defined in
+ keys.conf and is required for each signer tag.
+ * A signer tag may contain a seinfo tag and multiple package stanzas.
+ * A default tag is allowed that can contain policy for all apps not signed with a
+ previously listed cert. It may not contain any inner package stanzas.
+ * Each signer/default/package tag is allowed to contain one seinfo tag. This tag
+ represents additional info that each app can use in setting a SELinux security
+ context on the eventual process.
+ * When a package is installed the following logic is used to determine what seinfo
+ value, if any, is assigned.
+ - All signatures used to sign the app are checked first.
+ - If a signer stanza has inner package stanzas, those stanza will be checked
+ to try and match the package name of the app. If the package name matches
+ then that seinfo tag is used. If no inner package matches then the outer
+ seinfo tag is assigned.
+ - The default tag is consulted last if needed.
+-->
+ <!-- Google Recorder app key -->
+ <signer signature="@GOOGLERECORDER" >
+ <seinfo value="GoogleRecorder" />
+ </signer>
+</policy>
diff --git a/recorder/sepolicy/product/private/seapp_contexts b/recorder/sepolicy/product/private/seapp_contexts
new file mode 100644
index 0000000..f264927
--- /dev/null
+++ b/recorder/sepolicy/product/private/seapp_contexts
@@ -0,0 +1,2 @@
+# Google Recorder
+user=_app isPrivApp=true seinfo=GoogleRecorder name=com.google.android.apps.recorder domain=google_recorder_app type=app_data_file levelFrom=all
diff --git a/recorder/sepolicy/product/public/google_recorder_app.te b/recorder/sepolicy/product/public/google_recorder_app.te
new file mode 100644
index 0000000..b718e12
--- /dev/null
+++ b/recorder/sepolicy/product/public/google_recorder_app.te
@@ -0,0 +1 @@
+type google_recorder_app, domain;
diff --git a/recorder/sepolicy/vendor/google_recorder_app.te b/recorder/sepolicy/vendor/google_recorder_app.te
new file mode 100644
index 0000000..e140678
--- /dev/null
+++ b/recorder/sepolicy/vendor/google_recorder_app.te
@@ -0,0 +1 @@
+get_prop(google_recorder_app, vendor_audio_prop_restricted)
diff --git a/storage/init.storage.rc b/storage/init.storage.rc
index 71fce43..9e4acd4 100644
--- a/storage/init.storage.rc
+++ b/storage/init.storage.rc
@@ -1,3 +1,11 @@
+on init
+ # Make foreground and background I/O priority different. none-to-rt was
+ # introduced in kernel 5.14. promote-to-rt was introduced in kernel 6.5.
+ # Write none-to-rt first and promote-to-rt next to support both older and
+ # newer kernel versions.
+ write /dev/blkio/blkio.prio.class none-to-rt
+ write /dev/blkio/blkio.prio.class promote-to-rt
+
on property:ro.build.type=userdebug
write /dev/sys/block/bootdevice/pixel/enable_pixel_ufs_logging 1
chown system /dev/sg3
@@ -13,6 +21,7 @@
write /dev/sys/block/by-name/rootdisk/queue/iostats 1
write /dev/sys/block/by-name/rootdisk/queue/nr_requests 128
write /dev/sys/block/by-name/rootdisk/queue/rq_affinity 2
+ write /dev/sys/block/by-name/zoned_device/queue/rq_affinity 2
# UFS
write /dev/sys/block/bootdevice/clkgate_enable 1
diff --git a/storage/sepolicy/device.te b/storage/sepolicy/device.te
new file mode 100644
index 0000000..e0968f9
--- /dev/null
+++ b/storage/sepolicy/device.te
@@ -0,0 +1,2 @@
+# Userdata Exp block device.
+type userdata_exp_block_device, dev_type;
diff --git a/storage/sepolicy/e2fs.te b/storage/sepolicy/e2fs.te
new file mode 100644
index 0000000..c280cb7
--- /dev/null
+++ b/storage/sepolicy/e2fs.te
@@ -0,0 +1 @@
+allow e2fs userdata_exp_block_device:blk_file rw_file_perms;
diff --git a/storage/sepolicy/file_contexts b/storage/sepolicy/file_contexts
index ecca954..ff863db 100644
--- a/storage/sepolicy/file_contexts
+++ b/storage/sepolicy/file_contexts
@@ -3,3 +3,4 @@
/dev/sg[0-9] u:object_r:sg_device:s0
/data/vendor/storage(/.*)? u:object_r:dump_storage_data_file:s0
/vendor/bin/sg_read_buffer u:object_r:sg_util_exec:s0
+/dev/block/by-name/userdata_exp.* u:object_r:userdata_exp_block_device:s0
diff --git a/storage/sepolicy/fsck.te b/storage/sepolicy/fsck.te
new file mode 100644
index 0000000..2043199
--- /dev/null
+++ b/storage/sepolicy/fsck.te
@@ -0,0 +1 @@
+allow fsck userdata_exp_block_device:blk_file rw_file_perms;
diff --git a/storage/sepolicy/vold.te b/storage/sepolicy/vold.te
index 1d743b5..3d35589 100644
--- a/storage/sepolicy/vold.te
+++ b/storage/sepolicy/vold.te
@@ -1,4 +1,8 @@
allow vold sysfs_scsi_devices_0000:file rw_file_perms;
+# Access userdata_exp block device.
+allow vold userdata_exp_block_device:blk_file rw_file_perms;
+allowxperm vold userdata_exp_block_device:blk_file ioctl BLKSECDISCARD;
+
dontaudit vold dumpstate:fifo_file rw_file_perms;
dontaudit vold dumpstate:fd use ;
diff --git a/touch/gti/predump_sepolicy/genfs_contexts b/touch/gti/predump_sepolicy/genfs_contexts
index 45d3b53..1dd4bad 100644
--- a/touch/gti/predump_sepolicy/genfs_contexts
+++ b/touch/gti/predump_sepolicy/genfs_contexts
@@ -1,4 +1,6 @@
# Touch
genfscon sysfs /devices/virtual/goog_touch_interface u:object_r:sysfs_touch_gti:s0
+genfscon sysfs /devices/virtual/goog_touch_interface/gti.0/wakeup u:object_r:sysfs_wakeup:s0
+genfscon sysfs /devices/virtual/goog_touch_interface/gti.1/wakeup u:object_r:sysfs_wakeup:s0
genfscon proc /goog_touch_interface u:object_r:proc_touch_gti:s0
diff --git a/touch/gti/sepolicy/genfs_contexts b/touch/gti/sepolicy/genfs_contexts
index 45d3b53..1dd4bad 100644
--- a/touch/gti/sepolicy/genfs_contexts
+++ b/touch/gti/sepolicy/genfs_contexts
@@ -1,4 +1,6 @@
# Touch
genfscon sysfs /devices/virtual/goog_touch_interface u:object_r:sysfs_touch_gti:s0
+genfscon sysfs /devices/virtual/goog_touch_interface/gti.0/wakeup u:object_r:sysfs_wakeup:s0
+genfscon sysfs /devices/virtual/goog_touch_interface/gti.1/wakeup u:object_r:sysfs_wakeup:s0
genfscon proc /goog_touch_interface u:object_r:proc_touch_gti:s0
diff --git a/touch/gti/touch_gti_ical.cpp b/touch/gti/touch_gti_ical.cpp
index 0aabd9e..9b5eed5 100644
--- a/touch/gti/touch_gti_ical.cpp
+++ b/touch/gti/touch_gti_ical.cpp
@@ -34,6 +34,18 @@
char *line = NULL;
size_t len = 0;
FILE *ical_fd;
+ const char *ical_override_cmd_prop[2] = {
+ [0] = "vendor.touch.gti0.ical.override.cmd",
+ [1] = "vendor.touch.gti1.ical.override.cmd",
+ };
+ const char *ical_override_result_prop[2] = {
+ [0] = "vendor.touch.gti0.ical.override.result",
+ [1] = "vendor.touch.gti1.ical.override.result",
+ };
+ const char *ical_write_history_prop[2] = {
+ [0] = "vendor.touch.gti0.ical.write.history",
+ [1] = "vendor.touch.gti1.ical.write.history",
+ };
const char *ical_state_prop[2] = {
[0] = "vendor.touch.gti0.ical.state",
[1] = "vendor.touch.gti1.ical.state",
@@ -46,9 +58,16 @@
[0] = "/sys/devices/virtual/goog_touch_interface/gti.0/interactive_calibrate",
[1] = "/sys/devices/virtual/goog_touch_interface/gti.1/interactive_calibrate",
};
+ const char *ical_override_cmd_prop_path = ical_override_cmd_prop[0];
+ const char *ical_override_result_prop_path = ical_override_result_prop[0];
+ const char *ical_write_history_prop_path = ical_write_history_prop[0];
const char *ical_state_prop_path = ical_state_prop[0];
const char *ical_result_prop_path = ical_result_prop[0];
const char *ical_sysfs_path = ical_sysfs[0];
+ const char ical_override_all_cmd_prop_val[PROPERTY_VALUE_MAX] = "xxx";
+ char ical_override_cmd_prop_val[PROPERTY_VALUE_MAX] = "\0";
+ char ical_override_result_prop_val[PROPERTY_VALUE_MAX] = "\0";
+ char ical_write_history_prop_val[PROPERTY_VALUE_MAX] = "\0";
if (argc < 3) {
ALOGW("No target dev or command for interactive_calibrate sysfs.\n");
@@ -60,11 +79,18 @@
if (strncmp(argv[1], "1", strlen(argv[1])) == 0 ||
strncmp(argv[1], "gti1", strlen(argv[1])) == 0 ||
strncmp(argv[1], "gti.1", strlen(argv[1])) == 0) {
+ ical_override_cmd_prop_path = ical_override_cmd_prop[1];
+ ical_override_result_prop_path = ical_override_result_prop[1];
+ ical_write_history_prop_path = ical_write_history_prop[1];
ical_state_prop_path = ical_state_prop[1];
ical_result_prop_path = ical_result_prop[1];
ical_sysfs_path = ical_sysfs[1];
}
+ property_get(ical_override_cmd_prop_path, ical_override_cmd_prop_val, NULL);
+ property_get(ical_override_result_prop_path, ical_override_result_prop_val, "0 - -2147483648");
+ property_get(ical_write_history_prop_path, ical_write_history_prop_val, NULL);
+
property_set(ical_result_prop_path, "na");
property_set(ical_state_prop_path, "running");
if (access(ical_sysfs_path, F_OK | R_OK | W_OK)) {
@@ -84,11 +110,25 @@
getline(&line, &len, ical_fd);
if (line != NULL) {
property_set(ical_state_prop_path, "read");
- property_set(ical_result_prop_path, line);
- ALOGI("read: %s => %s", ical_sysfs_path, line);
+ if (strncmp(ical_override_cmd_prop_val,
+ ical_write_history_prop_val,
+ strlen(ical_write_history_prop_path)) == 0 ||
+ strncasecmp(ical_override_cmd_prop_val,
+ ical_override_all_cmd_prop_val,
+ strlen(ical_override_all_cmd_prop_val)) == 0) {
+ property_set(ical_result_prop_path, ical_override_result_prop_val);
+ ALOGW("read(original): %s => %s",
+ ical_sysfs_path, line);
+ ALOGW("read(override): %s => %s",
+ ical_sysfs_path, ical_override_result_prop_val);
+ } else {
+ property_set(ical_result_prop_path, line);
+ ALOGI("read: %s => %s", ical_sysfs_path, line);
+ }
free(line);
}
} else {
+ property_set(ical_write_history_prop_path, argv[2]);
property_set(ical_state_prop_path, argv[2]);
fwrite(argv[2], 1, strlen(argv[2]), ical_fd);
ALOGI("write: %s => %s\n", argv[2], ical_sysfs_path);
diff --git a/touch/nvt/nvt-spi20.mk b/touch/nvt/nvt-spi20.mk
new file mode 100644
index 0000000..ad46fcc
--- /dev/null
+++ b/touch/nvt/nvt-spi20.mk
@@ -0,0 +1,2 @@
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/touch/nvt/sepolicy
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/touch/nvt/sepolicy-spi20
diff --git a/touch/nvt/sepolicy-spi20/genfs_contexts b/touch/nvt/sepolicy-spi20/genfs_contexts
new file mode 100644
index 0000000..05467a3
--- /dev/null
+++ b/touch/nvt/sepolicy-spi20/genfs_contexts
@@ -0,0 +1,8 @@
+# Touch
+genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0 u:object_r:sysfs_touch:s0
+
+# System suspend wakeup files
+genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/power_supply/nvt-pen-battery/wakeup u:object_r:sysfs_wakeup:s0
+genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/power_supply/USI_Stylus_Battery/wakeup u:object_r:sysfs_wakeup:s0
+genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/input/input2/wakeup u:object_r:sysfs_wakeup:s0
+genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/wakeup u:object_r:sysfs_wakeup:s0
diff --git a/touch/nvt/sepolicy/file.te b/touch/nvt/sepolicy/file.te
index e310df7..05a770b 100644
--- a/touch/nvt/sepolicy/file.te
+++ b/touch/nvt/sepolicy/file.te
@@ -1 +1,2 @@
type sysfs_touch, sysfs_type, fs_type;
+type proc_touch, proc_type, fs_type;
diff --git a/touch/nvt/sepolicy/genfs_contexts b/touch/nvt/sepolicy/genfs_contexts
new file mode 100644
index 0000000..b120511
--- /dev/null
+++ b/touch/nvt/sepolicy/genfs_contexts
@@ -0,0 +1,12 @@
+genfscon proc /nvt_baseline u:object_r:proc_touch:s0
+genfscon proc /nvt_cc_uniformity u:object_r:proc_touch:s0
+genfscon proc /nvt_diff u:object_r:proc_touch:s0
+genfscon proc /nvt_fw_update u:object_r:proc_touch:s0
+genfscon proc /nvt_fw_version u:object_r:proc_touch:s0
+genfscon proc /nvt_heatmap u:object_r:proc_touch:s0
+genfscon proc /nvt_pen_1d_diff u:object_r:proc_touch:s0
+genfscon proc /nvt_pen_2d_baseline u:object_r:proc_touch:s0
+genfscon proc /nvt_pen_2d_diff u:object_r:proc_touch:s0
+genfscon proc /nvt_pen_2d_raw u:object_r:proc_touch:s0
+genfscon proc /nvt_raw u:object_r:proc_touch:s0
+genfscon proc /nvt_selftest u:object_r:proc_touch:s0
diff --git a/touch/nvt/sepolicy/vendor_init.te b/touch/nvt/sepolicy/vendor_init.te
new file mode 100644
index 0000000..8b844dd
--- /dev/null
+++ b/touch/nvt/sepolicy/vendor_init.te
@@ -0,0 +1,5 @@
+allow vendor_init sysfs_touch:dir r_dir_perms;
+allow vendor_init sysfs_touch:file rw_file_perms;
+allow vendor_init proc_touch:dir r_dir_perms;
+allow vendor_init proc_touch:file rw_file_perms;
+set_prop(vendor_init, gesture_prop)
diff --git a/touch/twoshay/sepolicy/touchflow_debug/file_contexts b/touch/twoshay/sepolicy/touchflow_debug/file_contexts
deleted file mode 100644
index 17dfe62..0000000
--- a/touch/twoshay/sepolicy/touchflow_debug/file_contexts
+++ /dev/null
@@ -1,2 +0,0 @@
-/vendor/bin/hw/android\.hardware\.input\.processor-reflector u:object_r:hal_input_processor_default_exec:s0
-/vendor/bin/twoshay_touchflow u:object_r:twoshay_exec:s0
diff --git a/wireless_charger/compatibility_matrix.xml b/wireless_charger/compatibility_matrix.xml
index 7d18cd9..b760b1d 100644
--- a/wireless_charger/compatibility_matrix.xml
+++ b/wireless_charger/compatibility_matrix.xml
@@ -7,4 +7,12 @@
<instance>default</instance>
</interface>
</hal>
+ <hal format="aidl" optional="true">
+ <name>vendor.google.wireless_charger.service</name>
+ <version>1</version>
+ <interface>
+ <name>IWlcService</name>
+ <instance>default</instance>
+ </interface>
+ </hal>
</compatibility-matrix>
diff --git a/wireless_charger/sepolicy/dumpstate.te b/wireless_charger/sepolicy/dumpstate.te
new file mode 100644
index 0000000..3c5fac3
--- /dev/null
+++ b/wireless_charger/sepolicy/dumpstate.te
@@ -0,0 +1 @@
+binder_call(dumpstate, hal_wlcservice)
diff --git a/wireless_charger/sepolicy/file.te b/wireless_charger/sepolicy/file.te
new file mode 100644
index 0000000..6dd54c8
--- /dev/null
+++ b/wireless_charger/sepolicy/file.te
@@ -0,0 +1 @@
+type vendor_wlc_file, file_type, data_file_type;
diff --git a/wireless_charger/sepolicy/file_contexts b/wireless_charger/sepolicy/file_contexts
index 004c7a1..98796a9 100644
--- a/wireless_charger/sepolicy/file_contexts
+++ b/wireless_charger/sepolicy/file_contexts
@@ -1 +1,5 @@
/vendor/bin/hw/vendor\.google\.wireless_charger-default u:object_r:hal_wireless_charger_exec:s0
+/vendor/bin/hw/vendor\.google\.wireless_charger\.service-default u:object_r:hal_wlcservice_exec:s0
+
+# Data
+/data/vendor/wireless_charger(/.*)? u:object_r:vendor_wlc_file:s0
diff --git a/wireless_charger/sepolicy/hal_wireless_charger.te b/wireless_charger/sepolicy/hal_wireless_charger.te
index 7ab8d83..b5ed734 100644
--- a/wireless_charger/sepolicy/hal_wireless_charger.te
+++ b/wireless_charger/sepolicy/hal_wireless_charger.te
@@ -17,3 +17,4 @@
binder_call(hal_wireless_charger, platform_app)
binder_call(hal_wireless_charger, system_app)
+binder_call(hal_wireless_charger, hal_wlcservice)
diff --git a/wireless_charger/sepolicy/hal_wlcservice.te b/wireless_charger/sepolicy/hal_wlcservice.te
new file mode 100644
index 0000000..eadb593
--- /dev/null
+++ b/wireless_charger/sepolicy/hal_wlcservice.te
@@ -0,0 +1,18 @@
+type hal_wlcservice, domain;
+type hal_wlcservice_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(hal_wlcservice)
+
+allow hal_wlcservice vendor_wlc_file:dir create_dir_perms;
+allow hal_wlcservice vendor_wlc_file:file create_file_perms;
+allow hal_wlcservice hal_wireless_charger_service:service_manager find;
+allow hal_wlcservice kmsg_device:chr_file { getattr w_file_perms };
+
+binder_call(hal_wlcservice, servicemanager)
+add_service(hal_wlcservice, hal_wlcservice_service)
+
+userdebug_or_eng(`
+ domain_auto_trans(shell, hal_wlcservice_exec, hal_wlcservice)
+')
+
+binder_call(hal_wlcservice, hal_wireless_charger)
diff --git a/wireless_charger/sepolicy/service.te b/wireless_charger/sepolicy/service.te
new file mode 100644
index 0000000..8f8d87b
--- /dev/null
+++ b/wireless_charger/sepolicy/service.te
@@ -0,0 +1 @@
+type hal_wlcservice_service, hal_service_type, protected_service, service_manager_type;
diff --git a/wireless_charger/sepolicy/service_contexts b/wireless_charger/sepolicy/service_contexts
index 5813e35..ed2faba 100644
--- a/wireless_charger/sepolicy/service_contexts
+++ b/wireless_charger/sepolicy/service_contexts
@@ -1 +1,2 @@
vendor.google.wireless_charger.IWirelessCharger/default u:object_r:hal_wireless_charger_service:s0
+vendor.google.wireless_charger.service.IWlcService/default u:object_r:hal_wlcservice_service:s0
diff --git a/wireless_charger/sepolicy/servicemanager.te b/wireless_charger/sepolicy/servicemanager.te
new file mode 100644
index 0000000..74d7244
--- /dev/null
+++ b/wireless_charger/sepolicy/servicemanager.te
@@ -0,0 +1 @@
+binder_call(servicemanager, hal_wlcservice)
diff --git a/wireless_charger/wireless_charger.mk b/wireless_charger/wireless_charger.mk
index acf5fc1..a2dc27c 100644
--- a/wireless_charger/wireless_charger.mk
+++ b/wireless_charger/wireless_charger.mk
@@ -1,5 +1,6 @@
PRODUCT_SOONG_NAMESPACES += vendor/google/interfaces
PRODUCT_PACKAGES += vendor.google.wireless_charger-default
+PRODUCT_PACKAGES += vendor.google.wireless_charger.service-default
DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/wireless_charger/compatibility_matrix.xml
BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/wireless_charger/sepolicy