Merge "Disable armnn nnapi backend" into main
diff --git a/thermal/Android.bp b/thermal/dump/Android.bp
similarity index 100%
rename from thermal/Android.bp
rename to thermal/dump/Android.bp
diff --git a/thermal/dump_thermal.sh b/thermal/dump/dump_thermal.sh
similarity index 100%
rename from thermal/dump_thermal.sh
rename to thermal/dump/dump_thermal.sh
diff --git a/thermal/dump/thermal.mk b/thermal/dump/thermal.mk
new file mode 100644
index 0000000..03b1dfa
--- /dev/null
+++ b/thermal/dump/thermal.mk
@@ -0,0 +1,3 @@
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/thermal/sepolicy/dump
+
+PRODUCT_PACKAGES += dump/dump_thermal.sh
diff --git a/thermal/sepolicy/dump_thermal.te b/thermal/sepolicy/dump/dump_thermal.te
similarity index 100%
rename from thermal/sepolicy/dump_thermal.te
rename to thermal/sepolicy/dump/dump_thermal.te
diff --git a/thermal/sepolicy/file_contexts b/thermal/sepolicy/dump/file_contexts
similarity index 100%
rename from thermal/sepolicy/file_contexts
rename to thermal/sepolicy/dump/file_contexts
diff --git a/thermal/sepolicy/genfs_contexts b/thermal/sepolicy/dump/genfs_contexts
similarity index 100%
rename from thermal/sepolicy/genfs_contexts
rename to thermal/sepolicy/dump/genfs_contexts
diff --git a/thermal/sepolicy/thermal_hal/file.te b/thermal/sepolicy/thermal_hal/file.te
new file mode 100644
index 0000000..a2b1ab8
--- /dev/null
+++ b/thermal/sepolicy/thermal_hal/file.te
@@ -0,0 +1,2 @@
+type thermal_link_device, dev_type;
+type debugfs_thermal, debugfs_type, fs_type;
diff --git a/thermal/sepolicy/thermal_hal/file_contexts b/thermal/sepolicy/thermal_hal/file_contexts
new file mode 100644
index 0000000..c3fb04f
--- /dev/null
+++ b/thermal/sepolicy/thermal_hal/file_contexts
@@ -0,0 +1,6 @@
+/vendor/bin/hw/android\.hardware\.thermal@2\.0-service\.pixel u:object_r:hal_thermal_default_exec:s0
+/vendor/bin/hw/android\.hardware\.thermal-service\.pixel u:object_r:hal_thermal_default_exec:s0
+/vendor/bin/thermal_logd u:object_r:init-thermal-logging-sh_exec:s0
+/vendor/bin/thermal_controld u:object_r:pixel-thermal-control-sh_exec:s0
+/vendor/bin/thermal_symlinks u:object_r:init-thermal-symlinks-sh_exec:s0
+/dev/thermal(/.*)? u:object_r:thermal_link_device:s0
diff --git a/thermal/sepolicy/thermal_hal/genfs_contexts b/thermal/sepolicy/thermal_hal/genfs_contexts
new file mode 100644
index 0000000..3000fa0
--- /dev/null
+++ b/thermal/sepolicy/thermal_hal/genfs_contexts
@@ -0,0 +1,3 @@
+genfscon sysfs /devices/virtual/thermal u:object_r:sysfs_thermal:s0
+genfscon sysfs /class/thermal u:object_r:sysfs_thermal:s0
+genfscon debugfs /gs101-thermal u:object_r:debugfs_thermal:s0
diff --git a/thermal/sepolicy/thermal_hal/hal_thermal_default.te b/thermal/sepolicy/thermal_hal/hal_thermal_default.te
new file mode 100644
index 0000000..45ccf3a
--- /dev/null
+++ b/thermal/sepolicy/thermal_hal/hal_thermal_default.te
@@ -0,0 +1,16 @@
+allow hal_thermal_default sysfs_thermal:dir r_dir_perms;
+allow hal_thermal_default sysfs_thermal:file rw_file_perms;
+allow hal_thermal_default sysfs_thermal:lnk_file r_file_perms;
+allow hal_thermal_default thermal_link_device:dir r_dir_perms;
+allow hal_thermal_default proc_stat:file r_file_perms;
+allow hal_thermal_default self:netlink_generic_socket create_socket_perms_no_ioctl;
+allow hal_thermal_default self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
+
+hal_client_domain(hal_thermal_default, hal_power);
+
+# read thermal_config
+get_prop(hal_thermal_default, vendor_thermal_prop)
+
+# Needed for reporting thermal stats event
+allow hal_thermal_default fwk_stats_service:service_manager find;
+binder_call(hal_thermal_default, servicemanager)
diff --git a/thermal/sepolicy/thermal_hal/init-thermal-logging.sh.te b/thermal/sepolicy/thermal_hal/init-thermal-logging.sh.te
new file mode 100644
index 0000000..3da540e
--- /dev/null
+++ b/thermal/sepolicy/thermal_hal/init-thermal-logging.sh.te
@@ -0,0 +1,10 @@
+type init-thermal-logging-sh, domain;
+type init-thermal-logging-sh_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(init-thermal-logging-sh)
+
+userdebug_or_eng(`
+ allow init-thermal-logging-sh vendor_toolbox_exec:file rx_file_perms;
+ allow init-thermal-logging-sh sysfs_thermal:dir r_dir_perms;
+ allow init-thermal-logging-sh sysfs_thermal:file r_file_perms;
+')
diff --git a/thermal/sepolicy/thermal_hal/init-thermal-symlinks.sh.te b/thermal/sepolicy/thermal_hal/init-thermal-symlinks.sh.te
new file mode 100644
index 0000000..093512c
--- /dev/null
+++ b/thermal/sepolicy/thermal_hal/init-thermal-symlinks.sh.te
@@ -0,0 +1,12 @@
+type init-thermal-symlinks-sh, domain;
+type init-thermal-symlinks-sh_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(init-thermal-symlinks-sh)
+
+allow init-thermal-symlinks-sh vendor_toolbox_exec:file rx_file_perms;
+allow init-thermal-symlinks-sh thermal_link_device:dir rw_dir_perms;
+allow init-thermal-symlinks-sh thermal_link_device:lnk_file create_file_perms;
+allow init-thermal-symlinks-sh sysfs_thermal:dir r_dir_perms;
+allow init-thermal-symlinks-sh sysfs_thermal:file r_file_perms;
+allow init-thermal-symlinks-sh sysfs_thermal:lnk_file r_file_perms;
+set_prop(init-thermal-symlinks-sh, vendor_thermal_prop)
diff --git a/thermal/sepolicy/thermal_hal/pixel-thermal-control.sh.te b/thermal/sepolicy/thermal_hal/pixel-thermal-control.sh.te
new file mode 100644
index 0000000..a6430f1
--- /dev/null
+++ b/thermal/sepolicy/thermal_hal/pixel-thermal-control.sh.te
@@ -0,0 +1,13 @@
+type pixel-thermal-control-sh, domain;
+type pixel-thermal-control-sh_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(pixel-thermal-control-sh)
+
+userdebug_or_eng(`
+ allow pixel-thermal-control-sh vendor_toolbox_exec:file execute_no_trans;
+ allow pixel-thermal-control-sh sysfs_thermal:dir r_dir_perms;
+ allow pixel-thermal-control-sh sysfs_thermal:file rw_file_perms;
+ allow pixel-thermal-control-sh sysfs_thermal:lnk_file r_file_perms;
+ allow pixel-thermal-control-sh thermal_link_device:dir r_dir_perms;
+ get_prop(pixel-thermal-control-sh, vendor_thermal_prop)
+')
diff --git a/thermal/sepolicy/thermal_hal/property.te b/thermal/sepolicy/thermal_hal/property.te
new file mode 100644
index 0000000..676c85a
--- /dev/null
+++ b/thermal/sepolicy/thermal_hal/property.te
@@ -0,0 +1,2 @@
+#thermal HAL
+vendor_internal_prop(vendor_thermal_prop)
diff --git a/thermal/sepolicy/thermal_hal/property_contexts b/thermal/sepolicy/thermal_hal/property_contexts
new file mode 100644
index 0000000..65a02ee
--- /dev/null
+++ b/thermal/sepolicy/thermal_hal/property_contexts
@@ -0,0 +1 @@
+vendor.thermal. u:object_r:vendor_thermal_prop:s0
diff --git a/thermal/sepolicy/thermal_hal/vendor_init.te b/thermal/sepolicy/thermal_hal/vendor_init.te
new file mode 100644
index 0000000..aaf6ac1
--- /dev/null
+++ b/thermal/sepolicy/thermal_hal/vendor_init.te
@@ -0,0 +1,3 @@
+allow vendor_init thermal_link_device:dir r_dir_perms;
+allow vendor_init thermal_link_device:lnk_file r_file_perms;
+set_prop(vendor_init, vendor_thermal_prop)
diff --git a/thermal/thermal.mk b/thermal/thermal.mk
index 3b3dede..03b1dfa 100644
--- a/thermal/thermal.mk
+++ b/thermal/thermal.mk
@@ -1,3 +1,3 @@
-BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/thermal/sepolicy
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/thermal/sepolicy/dump
-PRODUCT_PACKAGES += dump_thermal.sh
+PRODUCT_PACKAGES += dump/dump_thermal.sh
diff --git a/thermal/thermal_hal/device.mk b/thermal/thermal_hal/device.mk
new file mode 100644
index 0000000..260b59f
--- /dev/null
+++ b/thermal/thermal_hal/device.mk
@@ -0,0 +1,10 @@
+PRODUCT_PACKAGES += android.hardware.thermal-service.pixel
+
+# Thermal utils
+PRODUCT_PACKAGES += thermal_symlinks
+
+# Thermal logd
+PRODUCT_PACKAGES_DEBUG += thermal_logd
+PRODUCT_PACKAGES_ENG += thermal_logd
+
+BOARD_SEPOLICY_DIRS += device/google/gs-common/thermal/sepolicy/thermal_hal