Merge "logger: Change access right to lastmeal.txt"
diff --git a/edgetpu/edgetpu.mk b/edgetpu/edgetpu.mk
index 3f79438..7b93487 100644
--- a/edgetpu/edgetpu.mk
+++ b/edgetpu/edgetpu.mk
@@ -19,5 +19,9 @@
# TPU TFlite Delegate
PRODUCT_PACKAGES += \
libedgetpu_util
+# TPU DBA AIDL HAL service
+PRODUCT_PACKAGES += com.google.edgetpu.dba-service
+# TPU DBA C API library
+PRODUCT_PACKAGES += libedgetpu_dba.google
BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/edgetpu/sepolicy
diff --git a/edgetpu/sepolicy/edgetpu_dba_service.te b/edgetpu/sepolicy/edgetpu_dba_service.te
new file mode 100644
index 0000000..2e8f908
--- /dev/null
+++ b/edgetpu/sepolicy/edgetpu_dba_service.te
@@ -0,0 +1,38 @@
+# EdgeTPU DBA service.
+type edgetpu_dba_server, domain;
+type edgetpu_dba_server_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(edgetpu_dba_server)
+
+# The vendor service will use binder calls.
+binder_use(edgetpu_dba_server);
+
+# The vendor service will serve a binder service.
+binder_service(edgetpu_dba_server);
+
+# EdgeTPU DBA service to register the service to service_manager.
+add_service(edgetpu_dba_server, edgetpu_dba_service);
+
+# Allow EdgeTPU DBA service to look for TPU instance in /dev/edgetpu or /dev/edgetpu-soc.
+allow edgetpu_dba_server edgetpu_device:chr_file rw_file_perms;
+
+# Allow EdgeTPU DBA service to request power hints from the Power Service.
+hal_client_domain(edgetpu_dba_server, hal_power)
+
+# Allow EdgeTPU DBA service to access hardware buffers and ION memory.
+allow edgetpu_dba_server hal_allocator:fd use;
+allow edgetpu_dba_server hal_graphics_mapper_hwservice:hwservice_manager find;
+allow edgetpu_dba_server hal_graphics_allocator:fd use;
+allow edgetpu_dba_server gpu_device:chr_file rw_file_perms;
+allow edgetpu_dba_server gpu_device:dir r_dir_perms;
+allow edgetpu_dba_server ion_device:chr_file r_file_perms;
+
+# Allow EdgeTPU DBA service to read the overcommit_memory info.
+allow edgetpu_dba_server proc_overcommit_memory:file r_file_perms;
+
+# Allow EdgeTPU DBA service to read the kernel version.
+# This is done inside the InitGoogle.
+allow edgetpu_dba_server proc_version:file r_file_perms;
+
+# Allow EdgeTPU DBA service to send trace packets to Perfetto with SELinux enabled
+# under userdebug builds.
+userdebug_or_eng(`perfetto_producer(edgetpu_dba_server)')
diff --git a/edgetpu/sepolicy/file_contexts b/edgetpu/sepolicy/file_contexts
index e8fb9ac..8f6481c 100644
--- a/edgetpu/sepolicy/file_contexts
+++ b/edgetpu/sepolicy/file_contexts
@@ -22,3 +22,5 @@
/data/vendor/hal_neuralnetworks_darwinn(/.*)? u:object_r:hal_neuralnetworks_darwinn_data_file:s0
/data/vendor/edgetpu(/.*)? u:object_r:edgetpu_vendor_service_data_file:s0
+# EdgeTPU DBA service
+/vendor/bin/hw/com\.google\.edgetpu.dba-service u:object_r:edgetpu_dba_server_exec:s0
diff --git a/edgetpu/sepolicy/priv_app.te b/edgetpu/sepolicy/priv_app.te
index 22021a8..a9b49c3 100644
--- a/edgetpu/sepolicy/priv_app.te
+++ b/edgetpu/sepolicy/priv_app.te
@@ -7,4 +7,3 @@
# Allows privileged applications to access the EdgeTPU device, except open,
# which is guarded by the EdgeTPU service.
allow priv_app edgetpu_device:chr_file { getattr read write ioctl map };
-
diff --git a/edgetpu/sepolicy/service.te b/edgetpu/sepolicy/service.te
index 3cb81dd..be06e04 100644
--- a/edgetpu/sepolicy/service.te
+++ b/edgetpu/sepolicy/service.te
@@ -1,5 +1,6 @@
type edgetpu_nnapi_service, app_api_service, service_manager_type;
type edgetpu_vendor_service, service_manager_type, hal_service_type;
+type edgetpu_dba_service, app_api_service, service_manager_type;
# EdgeTPU binder service type declaration.
type edgetpu_app_service, service_manager_type;
diff --git a/edgetpu/sepolicy/service_contexts b/edgetpu/sepolicy/service_contexts
index 9972eae..83967f7 100644
--- a/edgetpu/sepolicy/service_contexts
+++ b/edgetpu/sepolicy/service_contexts
@@ -5,3 +5,6 @@
# EdgeTPU service
com.google.edgetpu.IEdgeTpuAppService/default u:object_r:edgetpu_app_service:s0
+
+# EdgeTPU DBA Service
+com.google.edgetpu.dba.IDevice/default u:object_r:edgetpu_dba_service:s0
diff --git a/pcie/Android.bp b/pcie/Android.bp
new file mode 100644
index 0000000..ae6a94e
--- /dev/null
+++ b/pcie/Android.bp
@@ -0,0 +1,10 @@
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+sh_binary {
+ name: "dump_pcie.sh",
+ src: "dump_pcie.sh",
+ vendor: true,
+ sub_dir: "dump",
+}
diff --git a/pcie/dump_pcie.sh b/pcie/dump_pcie.sh
new file mode 100644
index 0000000..0d543d6
--- /dev/null
+++ b/pcie/dump_pcie.sh
@@ -0,0 +1,5 @@
+#!/vendor/bin/sh
+echo "--- pcie0 dump ---"
+cat /dev/logbuffer_pcie0
+echo "--- pcie1 dump ---"
+cat /dev/logbuffer_pcie1
diff --git a/pcie/pcie.mk b/pcie/pcie.mk
new file mode 100644
index 0000000..f9ab327
--- /dev/null
+++ b/pcie/pcie.mk
@@ -0,0 +1,2 @@
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/pcie/sepolicy
+PRODUCT_PACKAGES += dump_pcie.sh
diff --git a/pcie/sepolicy/device.te b/pcie/sepolicy/device.te
new file mode 100644
index 0000000..8a471b0
--- /dev/null
+++ b/pcie/sepolicy/device.te
@@ -0,0 +1 @@
+type pcie_log_device, dev_type;
diff --git a/pcie/sepolicy/dump_pcie.te b/pcie/sepolicy/dump_pcie.te
new file mode 100644
index 0000000..6d490bc
--- /dev/null
+++ b/pcie/sepolicy/dump_pcie.te
@@ -0,0 +1,4 @@
+pixel_bugreport(dump_pcie)
+
+allow dump_pcie pcie_log_device:chr_file r_file_perms;
+allow dump_pcie vendor_toolbox_exec:file execute_no_trans;
diff --git a/pcie/sepolicy/file_contexts b/pcie/sepolicy/file_contexts
new file mode 100644
index 0000000..e06f754
--- /dev/null
+++ b/pcie/sepolicy/file_contexts
@@ -0,0 +1,4 @@
+/vendor/bin/dump/dump_pcie\.sh u:object_r:dump_pcie_exec:s0
+
+/dev/logbuffer_pcie0 u:object_r:pcie_log_device:s0
+/dev/logbuffer_pcie1 u:object_r:pcie_log_device:s0
diff --git a/pixel_ril/compatibility_matrix.xml b/pixel_ril/compatibility_matrix.xml
new file mode 100644
index 0000000..b3539f6
--- /dev/null
+++ b/pixel_ril/compatibility_matrix.xml
@@ -0,0 +1,11 @@
+<compatibility-matrix version="1.0" type="framework" level="7">
+ <hal format="aidl" optional="true">
+ <name>vendor.google.ril_ext</name>
+ <version>1</version>
+ <interface>
+ <name>IRilExt</name>
+ <instance>slot1</instance>
+ <instance>slot2</instance>
+ </interface>
+ </hal>
+</compatibility-matrix>
diff --git a/pixel_ril/manifest_ril.xml b/pixel_ril/manifest_ril.xml
new file mode 100644
index 0000000..ca11929
--- /dev/null
+++ b/pixel_ril/manifest_ril.xml
@@ -0,0 +1,6 @@
+<manifest version="1.0" type="device">
+ <hal format="aidl">
+ <name>vendor.google.ril_ext</name>
+ <fqname>IRilExt/slot1</fqname>
+ </hal>
+</manifest>
diff --git a/pixel_ril/manifest_ril_ds.xml b/pixel_ril/manifest_ril_ds.xml
new file mode 100644
index 0000000..15af796
--- /dev/null
+++ b/pixel_ril/manifest_ril_ds.xml
@@ -0,0 +1,7 @@
+<manifest version="1.0" type="device">
+ <hal format="aidl">
+ <name>vendor.google.ril_ext</name>
+ <fqname>IRilExt/slot1</fqname>
+ <fqname>IRilExt/slot2</fqname>
+ </hal>
+</manifest>
diff --git a/pixel_ril/ril.mk b/pixel_ril/ril.mk
new file mode 100644
index 0000000..03f7f24
--- /dev/null
+++ b/pixel_ril/ril.mk
@@ -0,0 +1,14 @@
+BOARD_SEPOLICY_DIRS += device/google/gs-common/pixel_ril/sepolicy
+
+ifeq ($(SIM_COUNT), 2)
+ DEVICE_MANIFEST_FILE += device/google/gs-common/pixel_ril/manifest_ril_ds.xml
+else
+ DEVICE_MANIFEST_FILE += device/google/gs-common/pixel_ril/manifest_ril.xml
+endif
+DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/pixel_ril/compatibility_matrix.xml
+
+PRODUCT_PACKAGES += ril-extension
+
+PRODUCT_SOONG_NAMESPACES += vendor/google/tools/ril-extension-service
+
+USE_GOOGLE_RIL_EXT := true
diff --git a/pixel_ril/sepolicy/rild.te b/pixel_ril/sepolicy/rild.te
new file mode 100644
index 0000000..3bb2cd7
--- /dev/null
+++ b/pixel_ril/sepolicy/rild.te
@@ -0,0 +1,2 @@
+add_service(rild, hal_ril_ext_service)
+binder_call(rild, rilextensionservice_app)
diff --git a/pixel_ril/sepolicy/rilextensionservice_app.te b/pixel_ril/sepolicy/rilextensionservice_app.te
new file mode 100644
index 0000000..d315367
--- /dev/null
+++ b/pixel_ril/sepolicy/rilextensionservice_app.te
@@ -0,0 +1,11 @@
+type rilextensionservice_app, domain;
+app_domain(rilextensionservice_app)
+
+allow rilextensionservice_app app_api_service:service_manager find;
+allow rilextensionservice_app hal_ril_ext_service:service_manager find;
+allow rilextensionservice_app radio_service:service_manager find;
+
+binder_call(rilextensionservice_app, rild)
+
+set_prop(rilextensionservice_app, vendor_rild_prop)
+set_prop(rilextensionservice_app, radio_prop)
diff --git a/pixel_ril/sepolicy/seapp_contexts b/pixel_ril/sepolicy/seapp_contexts
new file mode 100644
index 0000000..295f5c9
--- /dev/null
+++ b/pixel_ril/sepolicy/seapp_contexts
@@ -0,0 +1,2 @@
+# RIL extension service
+user=_app isPrivApp=true name=com.google.android.rilextension domain=rilextensionservice_app levelFrom=all
diff --git a/pixel_ril/sepolicy/service.te b/pixel_ril/sepolicy/service.te
new file mode 100644
index 0000000..1908206
--- /dev/null
+++ b/pixel_ril/sepolicy/service.te
@@ -0,0 +1 @@
+type hal_ril_ext_service, hal_service_type, service_manager_type;
diff --git a/pixel_ril/sepolicy/service_contexts b/pixel_ril/sepolicy/service_contexts
new file mode 100644
index 0000000..5f29162
--- /dev/null
+++ b/pixel_ril/sepolicy/service_contexts
@@ -0,0 +1,3 @@
+vendor.google.ril_ext.IRilExt/slot1 u:object_r:hal_ril_ext_service:s0
+vendor.google.ril_ext.IRilExt/slot2 u:object_r:hal_ril_ext_service:s0
+vendor.google.ril_ext.IRilExt/slot3 u:object_r:hal_ril_ext_service:s0
diff --git a/touch/stm/sepolicy/vendor_init.te b/touch/stm/sepolicy/vendor_init.te
new file mode 100644
index 0000000..74a6666
--- /dev/null
+++ b/touch/stm/sepolicy/vendor_init.te
@@ -0,0 +1 @@
+set_prop(vendor_init, vendor_touch_dump_path_prop)