allow powerhal to access PA_KILL knobs am: 2522590c40
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs-common/+/27256041
Change-Id: I1e2ae9ee0b8e1744d3be313645c496947b76e7a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/aoc/sepolicy/file_contexts b/aoc/sepolicy/file_contexts
index c43bc75..ed8a6d6 100644
--- a/aoc/sepolicy/file_contexts
+++ b/aoc/sepolicy/file_contexts
@@ -28,6 +28,8 @@
/dev/acd-audio_ap_offload_tx u:object_r:aoc_device:s0
/dev/acd-mel_processor u:object_r:aoc_device:s0
/dev/acd-aocx_control u:object_r:aoc_device:s0
+/dev/acd-aocx_inject[0-9]* u:object_r:aoc_device:s0
+/dev/acd-aocx_tapout[0-9]* u:object_r:aoc_device:s0
/dev/acd-mc_headpos u:object_r:aoc_device:s0
# AoC vendor binaries
diff --git a/bcmbt/bluetooth.mk b/bcmbt/bluetooth.mk
index eb6a29b..af4cf99 100644
--- a/bcmbt/bluetooth.mk
+++ b/bcmbt/bluetooth.mk
@@ -1,6 +1,8 @@
PRODUCT_SOONG_NAMESPACES += vendor/broadcom/bluetooth
PRODUCT_PACKAGES += \
android.hardware.bluetooth-V1-ndk.so \
+ android.hardware.bluetooth.finder-V1-ndk.so \
+ android.hardware.bluetooth.ranging-V1-ndk.so \
android.hardware.bluetooth-service.bcmbtlinux \
vendor.google.bluetooth_ext-V1-ndk.so \
bt_vendor.conf \
diff --git a/bcmbt/compatibility_matrix.xml b/bcmbt/compatibility_matrix.xml
index 1a63ccf..65b0c6d 100644
--- a/bcmbt/compatibility_matrix.xml
+++ b/bcmbt/compatibility_matrix.xml
@@ -6,7 +6,6 @@
<name>IBluetoothFinder</name>
<instance>default</instance>
</interface>
- <fqname>IBluetoothFinder/default</fqname>
<interface>
<name>IBluetoothCcc</name>
<instance>default</instance>
diff --git a/bcmbt/manifest_bluetooth.xml b/bcmbt/manifest_bluetooth.xml
index f14112c..a72f1c9 100644
--- a/bcmbt/manifest_bluetooth.xml
+++ b/bcmbt/manifest_bluetooth.xml
@@ -5,6 +5,16 @@
<fqname>IBluetoothHci/default</fqname>
</hal>
<hal format="aidl">
+ <name>android.hardware.bluetooth.finder</name>
+ <version>1</version>
+ <fqname>IBluetoothFinder/default</fqname>
+ </hal>
+ <hal format="aidl">
+ <name>android.hardware.bluetooth.ranging</name>
+ <version>1</version>
+ <fqname>IBluetoothChannelSounding/default</fqname>
+ </hal>
+ <hal format="aidl">
<name>vendor.google.bluetooth_ext</name>
<version>1</version>
<fqname>IBTChannelAvoidance/default</fqname>
diff --git a/edgetpu/sepolicy/device.te b/edgetpu/sepolicy/device.te
index 9296ba5..78e918a 100644
--- a/edgetpu/sepolicy/device.te
+++ b/edgetpu/sepolicy/device.te
@@ -1,2 +1,2 @@
# EdgeTPU device (DarwiNN)
-type edgetpu_device, dev_type, mlstrustedobject;
+type edgetpu_device, dev_type, mlstrustedobject, isolated_compute_allowed_device;
diff --git a/edgetpu/sepolicy/edgetpu_tachyon_service.te b/edgetpu/sepolicy/edgetpu_tachyon_service.te
index 5ead23b..da34353 100644
--- a/edgetpu/sepolicy/edgetpu_tachyon_service.te
+++ b/edgetpu/sepolicy/edgetpu_tachyon_service.te
@@ -49,3 +49,14 @@
get_prop(edgetpu_tachyon_server, vendor_hetero_runtime_prop)
# Allow Tachyon service to read EdgeTPU CPU scheduler properties
get_prop(edgetpu_tachyon_server, vendor_edgetpu_cpu_scheduler_prop)
+
+# Allow mlock without size restriction
+allow edgetpu_tachyon_server self:capability ipc_lock;
+
+# Need to effectively read file mapped file when mmap + mlocked.
+allow edgetpu_tachyon_server privapp_data_file:file { map read};
+
+# For shell level testing of mlock
+userdebug_or_eng(`
+ allow edgetpu_tachyon_server shell_data_file:file { map read};
+')
diff --git a/edgetpu/sepolicy/file_contexts b/edgetpu/sepolicy/file_contexts
index 06f0a89..6190fcf 100644
--- a/edgetpu/sepolicy/file_contexts
+++ b/edgetpu/sepolicy/file_contexts
@@ -17,6 +17,8 @@
# EdgeTPU runtime libraries
/vendor/lib64/com\.google\.edgetpu_app_service-V[1-4]-ndk\.so u:object_r:same_process_hal_file:s0
/vendor/lib64/com\.google\.edgetpu_vendor_service-V[1-2]-ndk\.so u:object_r:same_process_hal_file:s0
+# EdgeTPU Tachyon libraries
+/vendor/lib64/libedgetpu_tachyon\.google\.so u:object_r:same_process_hal_file:s0
# EdgeTPU data files
/data/vendor/hal_neuralnetworks_darwinn(/.*)? u:object_r:hal_neuralnetworks_darwinn_data_file:s0
@@ -27,3 +29,6 @@
# Tachyon service
/vendor/bin/hw/com\.google\.edgetpu.tachyon-service u:object_r:edgetpu_tachyon_server_exec:s0
+
+# libfmq.so is dynamically loaded by the Tachyon client-side library libedgetpu_tachyon.google.so
+/vendor/lib64/libfmq\.so u:object_r:same_process_hal_file:s0
diff --git a/edgetpu/sepolicy/priv_app.te b/edgetpu/sepolicy/priv_app.te
index a9b49c3..579cc61 100644
--- a/edgetpu/sepolicy/priv_app.te
+++ b/edgetpu/sepolicy/priv_app.te
@@ -7,3 +7,6 @@
# Allows privileged applications to access the EdgeTPU device, except open,
# which is guarded by the EdgeTPU service.
allow priv_app edgetpu_device:chr_file { getattr read write ioctl map };
+
+# Allows EdgeTPU Tachyon service to call the app.
+binder_call(edgetpu_tachyon_server, priv_app);
diff --git a/edgetpu/sepolicy/service.te b/edgetpu/sepolicy/service.te
index b1a5409..5ea2006 100644
--- a/edgetpu/sepolicy/service.te
+++ b/edgetpu/sepolicy/service.te
@@ -4,4 +4,4 @@
type edgetpu_tachyon_service, app_api_service, service_manager_type, isolated_compute_allowed_service;
# EdgeTPU binder service type declaration.
-type edgetpu_app_service, service_manager_type;
+type edgetpu_app_service, service_manager_type, isolated_compute_allowed_service;
diff --git a/edgetpu/sepolicy/untrusted_app_all.te b/edgetpu/sepolicy/untrusted_app_all.te
index 9abec61..3c92900 100644
--- a/edgetpu/sepolicy/untrusted_app_all.te
+++ b/edgetpu/sepolicy/untrusted_app_all.te
@@ -5,3 +5,5 @@
# by the EdgeTPU service.
allow untrusted_app_all edgetpu_device:chr_file { getattr read write ioctl map };
+# Allows EdgeTPU Tachyon service to call the app.
+binder_call(edgetpu_tachyon_server, untrusted_app_all);
diff --git a/gps/brcm/device.mk b/gps/brcm/device.mk
index 3065542..45b4eb0 100644
--- a/gps/brcm/device.mk
+++ b/gps/brcm/device.mk
@@ -1,14 +1,12 @@
BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/gps/brcm/sepolicy
PRODUCT_SOONG_NAMESPACES += vendor/broadcom/gps/bcm47765
-
-SOONG_CONFIG_NAMESPACES += gpssdk
-SOONG_CONFIG_gpssdk += sdkv1
-SOONG_CONFIG_gpssdk_sdkv1 ?= false
-
-SOONG_CONFIG_NAMESPACES += gpssdk
-SOONG_CONFIG_gpssdk += gpsmcuversion
-SOONG_CONFIG_gpssdk_gpsmcuversion ?= gpsv2_$(TARGET_BUILD_VARIANT)
+ifeq (,$(call soong_config_get,gpssdk,sdkv1))
+ $(call soong_config_set,gpssdk,sdkv1,false)
+endif
+ifeq (,$(call soong_config_get,gpssdk,gpsmcuversion))
+ $(call soong_config_set,gpssdk,gpsmcuversion,gpsv2_$(TARGET_BUILD_VARIANT))
+endif
PRODUCT_PACKAGES += \
bcm47765_gps_package \
diff --git a/gps/pixel/sepolicy/file.te b/gps/pixel/sepolicy/file.te
deleted file mode 100644
index 79e95ab..0000000
--- a/gps/pixel/sepolicy/file.te
+++ /dev/null
@@ -1 +0,0 @@
-type sysfs_modem_state, sysfs_type, fs_type;
diff --git a/gpu/sepolicy/service_contexts b/gpu/sepolicy/service_contexts
new file mode 100644
index 0000000..88ee08c
--- /dev/null
+++ b/gpu/sepolicy/service_contexts
@@ -0,0 +1,4 @@
+# Note that native/passthrough HALs use the "{type}/{instance}" pattern from
+# SEPolicy perspective and are looked up via the corresponding filename
+# "{type}.{instance}.so".
+mapper/pixel u:object_r:hal_graphics_mapper_service:s0
diff --git a/gs_watchdogd/gs_watchdogd.cpp b/gs_watchdogd/gs_watchdogd.cpp
index 59b089c..82e01d0 100644
--- a/gs_watchdogd/gs_watchdogd.cpp
+++ b/gs_watchdogd/gs_watchdogd.cpp
@@ -14,9 +14,11 @@
* limitations under the License.
*/
+#include <android-base/chrono_utils.h>
#include <android-base/file.h>
#include <android-base/logging.h>
#include <android-base/stringprintf.h>
+#include <android-base/unique_fd.h>
#include <errno.h>
#include <fcntl.h>
@@ -26,21 +28,28 @@
#include <string.h>
#include <unistd.h>
-#define DEV_GLOB "/sys/devices/platform/*.watchdog_cl0/watchdog/watchdog*"
+#include <chrono>
+#include <vector>
+
+#define DEV_GLOB "/sys/devices/platform/*.watchdog_cl*/watchdog/watchdog*"
+
+#define DEFAULT_INTERVAL 10s
+#define DEFAULT_MARGIN 10s
using android::base::Basename;
using android::base::StringPrintf;
+using std::literals::chrono_literals::operator""s;
int main(int argc, char** argv) {
android::base::InitLogging(argv, &android::base::KernelLogger);
- int interval = 10;
- if (argc >= 2) interval = atoi(argv[1]);
+ std::chrono::seconds interval = argc >= 2
+ ? std::chrono::seconds(atoi(argv[1])) : DEFAULT_INTERVAL;
+ std::chrono::seconds margin = argc >= 3
+ ? std::chrono::seconds(atoi(argv[2])) : DEFAULT_MARGIN;
- int margin = 10;
- if (argc >= 3) margin = atoi(argv[2]);
-
- LOG(INFO) << "gs_watchdogd started (interval " << interval << ", margin " << margin << ")!";
+ LOG(INFO) << "gs_watchdogd started (interval " << interval.count()
+ << ", margin " << margin.count() << ")!";
glob_t globbuf;
int ret = glob(DEV_GLOB, GLOB_MARK, nullptr, &globbuf);
@@ -49,40 +58,42 @@
return 1;
}
- if (globbuf.gl_pathc > 1) {
- PLOG(WARNING) << "Multiple watchdog dev path found by " << DEV_GLOB;
- }
+ std::vector<android::base::unique_fd> wdt_dev_fds;
- std::string dev_path = StringPrintf("/dev/%s", Basename(globbuf.gl_pathv[0]).c_str());
- globfree(&globbuf);
+ for (size_t i = 0; i < globbuf.gl_pathc; i++) {
+ std::chrono::seconds timeout = interval + margin;
+ int timeout_secs = timeout.count();
+ std::string dev_path = StringPrintf("/dev/%s", Basename(globbuf.gl_pathv[i]).c_str());
- int fd = open(dev_path.c_str(), O_RDWR | O_CLOEXEC);
- if (fd == -1) {
- PLOG(ERROR) << "Failed to open " << dev_path;
- return 1;
- }
+ int fd = TEMP_FAILURE_RETRY(open(dev_path.c_str(), O_RDWR | O_CLOEXEC));
+ if (fd == -1) {
+ PLOG(ERROR) << "Failed to open " << dev_path;
+ return 1;
+ }
- int timeout = interval + margin;
- ret = ioctl(fd, WDIOC_SETTIMEOUT, &timeout);
- if (ret) {
- PLOG(ERROR) << "Failed to set timeout to " << timeout;
- ret = ioctl(fd, WDIOC_GETTIMEOUT, &timeout);
+ wdt_dev_fds.emplace_back(fd);
+ ret = ioctl(fd, WDIOC_SETTIMEOUT, &timeout_secs);
if (ret) {
- PLOG(ERROR) << "Failed to get timeout";
- } else {
- if (timeout > margin) {
- interval = timeout - margin;
+ PLOG(ERROR) << "Failed to set timeout to " << timeout_secs;
+ ret = ioctl(fd, WDIOC_GETTIMEOUT, &timeout_secs);
+ if (ret) {
+ PLOG(ERROR) << "Failed to get timeout";
} else {
- interval = 1;
+ interval = timeout > margin ? timeout - margin : 1s;
+ LOG(WARNING) << "Adjusted interval to timeout returned by driver: "
+ << "timeout " << timeout_secs
+ << ", interval " << interval.count()
+ << ", margin " << margin.count();
}
- LOG(WARNING) << "Adjusted interval to timeout returned by driver: "
- << "timeout " << timeout << ", interval " << interval << ", margin "
- << margin;
}
}
+ globfree(&globbuf);
+
while (true) {
- write(fd, "", 1);
- sleep(interval);
+ for (const auto& fd : wdt_dev_fds) {
+ TEMP_FAILURE_RETRY(write(fd, "", 1));
+ }
+ sleep(interval.count());
}
}
diff --git a/insmod/insmod.sh b/insmod/insmod.sh
index 03843f5..8cac37e 100755
--- a/insmod/insmod.sh
+++ b/insmod/insmod.sh
@@ -66,6 +66,17 @@
"insmod") insmod $arg ;;
"setprop") setprop $arg 1 ;;
"enable") echo 1 > $arg ;;
+ "condinsmod")
+ prop=$(echo $arg | cut -d '|' -f 1)
+ module1=$(echo $arg | cut -d '|' -f 2)
+ module2=$(echo $arg | cut -d '|' -f 3)
+ value=$(getprop $prop)
+ if [[ ${value} == "true" ]]; then
+ insmod ${vendor_modules_dir}/${module1}
+ else
+ insmod ${vendor_modules_dir}/${module2}
+ fi
+ ;;
"modprobe")
case ${arg} in
"system -b *" | "system -b")
diff --git a/modem/shared_modem_platform/compatibility_matrix.xml b/modem/shared_modem_platform/compatibility_matrix.xml
new file mode 100644
index 0000000..5019c3e
--- /dev/null
+++ b/modem/shared_modem_platform/compatibility_matrix.xml
@@ -0,0 +1,11 @@
+<compatibility-matrix version="1.0" type="framework">
+ <!-- Optional since older devices will not register any services. -->
+ <hal format="aidl" optional="true">
+ <name>com.google.pixel.shared_modem_platform</name>
+ <version>1</version>
+ <interface>
+ <name>ISharedModemPlatform</name>
+ <instance>default</instance>
+ </interface>
+ </hal>
+</compatibility-matrix>
diff --git a/modem/shared_modem_platform/sepolicy/attributes b/modem/shared_modem_platform/sepolicy/attributes
new file mode 100644
index 0000000..2cc802d
--- /dev/null
+++ b/modem/shared_modem_platform/sepolicy/attributes
@@ -0,0 +1 @@
+hal_attribute(shared_modem_platform)
diff --git a/modem/shared_modem_platform/sepolicy/hal_shared_modem_platform.te b/modem/shared_modem_platform/sepolicy/hal_shared_modem_platform.te
new file mode 100644
index 0000000..8771563
--- /dev/null
+++ b/modem/shared_modem_platform/sepolicy/hal_shared_modem_platform.te
@@ -0,0 +1,8 @@
+# Allow binder connection from client to server
+binder_call(hal_shared_modem_platform_client, hal_shared_modem_platform_server)
+
+# Allow client to find the service, server to register the service
+hal_attribute_service(hal_shared_modem_platform, hal_shared_modem_platform_service)
+
+# Allow binder communication from server to service_manager
+binder_use(hal_shared_modem_platform_server)
diff --git a/modem/shared_modem_platform/sepolicy/service.te b/modem/shared_modem_platform/sepolicy/service.te
new file mode 100644
index 0000000..390fde6
--- /dev/null
+++ b/modem/shared_modem_platform/sepolicy/service.te
@@ -0,0 +1 @@
+type hal_shared_modem_platform_service, hal_service_type, service_manager_type;
diff --git a/modem/shared_modem_platform/sepolicy/service_contexts b/modem/shared_modem_platform/sepolicy/service_contexts
new file mode 100644
index 0000000..58232f7
--- /dev/null
+++ b/modem/shared_modem_platform/sepolicy/service_contexts
@@ -0,0 +1,2 @@
+# Bind Shared Modem Platform AIDL service name to the SELinux type.
+com.google.pixel.shared_modem_platform.ISharedModemPlatform/default u:object_r:hal_shared_modem_platform_service:s0
diff --git a/modem/shared_modem_platform/shared_modem_platform.mk b/modem/shared_modem_platform/shared_modem_platform.mk
new file mode 100644
index 0000000..3f50c37
--- /dev/null
+++ b/modem/shared_modem_platform/shared_modem_platform.mk
@@ -0,0 +1,11 @@
+# This file is not included in `modem.mk` since this is included at the
+# beginning of each `device.mk` file, and so will be called before
+# `SHARED_MODEM_PLATFORM_VENDOR` is defined later in the file.
+SOONG_CONFIG_NAMESPACES += shared_modem_platform
+SOONG_CONFIG_shared_modem_platform += \
+ vendor
+SOONG_CONFIG_shared_modem_platform_vendor := $(SHARED_MODEM_PLATFORM_VENDOR)
+
+PRODUCT_PACKAGES += shared_modem_platform
+DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/modem/shared_modem_platform/compatibility_matrix.xml
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/modem/shared_modem_platform/sepolicy
diff --git a/mte/fullmte-pixel.mk b/mte/fullmte-pixel.mk
index 6cc525d..ac2aba8 100644
--- a/mte/fullmte-pixel.mk
+++ b/mte/fullmte-pixel.mk
@@ -3,6 +3,3 @@
PRODUCT_MODULE_BUILD_FROM_SOURCE := true
BOARD_KERNEL_CMDLINE += bootloader.pixel.MTE_FORCE_ON
-# TODO(b/324412910): Remove this when the stack-buffer-overflow is fixed.
-PRODUCT_PRODUCT_PROPERTIES += \
- arm64.memtag.process.android.hardware.composer.hwc3-service.pixel=off
\ No newline at end of file
diff --git a/performance/Android.bp b/performance/Android.bp
index 6eee7c4..c29b460 100644
--- a/performance/Android.bp
+++ b/performance/Android.bp
@@ -5,6 +5,7 @@
cc_binary {
name: "dump_perf",
srcs: ["dump_perf.cpp"],
+ init_rc: ["init.pixel-mm-gs.rc"],
cflags: [
"-Wall",
"-Wextra",
diff --git a/performance/init.pixel-mm-gs.rc b/performance/init.pixel-mm-gs.rc
new file mode 100644
index 0000000..9bc12e9
--- /dev/null
+++ b/performance/init.pixel-mm-gs.rc
@@ -0,0 +1,20 @@
+# Copyright (C) 2024 The Android Open-Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+on init
+ # adjust PCP high level
+ write /proc/sys/vm/percpu_pagelist_high_fraction 430
+
+ # disable proactive compaction
+ write /proc/sys/vm/compaction_proactiveness 0
diff --git a/performance/sepolicy/vendor_init.te b/performance/sepolicy/vendor_init.te
new file mode 100644
index 0000000..fefecb1
--- /dev/null
+++ b/performance/sepolicy/vendor_init.te
@@ -0,0 +1,3 @@
+# MM
+allow vendor_init proc_percpu_pagelist_high_fraction:file w_file_perms;
+
diff --git a/radio/sepolicy/file.te b/radio/sepolicy/file.te
index 02d0209..95b24c0 100644
--- a/radio/sepolicy/file.te
+++ b/radio/sepolicy/file.te
@@ -1,6 +1,9 @@
# Data
type tcpdump_vendor_data_file, file_type, data_file_type;
+# Modem
+type sysfs_modem_state, sysfs_type, fs_type;
+
userdebug_or_eng(`
typeattribute tcpdump_vendor_data_file mlstrustedobject;
')
diff --git a/gps/pixel/sepolicy/genfs_contexts b/radio/sepolicy/genfs_contexts
similarity index 98%
rename from gps/pixel/sepolicy/genfs_contexts
rename to radio/sepolicy/genfs_contexts
index 494aa97..039f329 100644
--- a/gps/pixel/sepolicy/genfs_contexts
+++ b/radio/sepolicy/genfs_contexts
@@ -1,2 +1,3 @@
# modem state node
genfscon sysfs /devices/platform/cpif/modem_state u:object_r:sysfs_modem_state:s0
+
diff --git a/sota_app/factoryota-watch.mk b/sota_app/factoryota-watch.mk
new file mode 100644
index 0000000..3107a1c
--- /dev/null
+++ b/sota_app/factoryota-watch.mk
@@ -0,0 +1,4 @@
+PRODUCT_PACKAGES += \
+ FactoryOtaWearPrebuilt
+
+SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS += device/google/gs-common/sota_app/sepolicy/system_ext
diff --git a/storage/init.storage.rc b/storage/init.storage.rc
index 948e820..71fce43 100644
--- a/storage/init.storage.rc
+++ b/storage/init.storage.rc
@@ -6,6 +6,8 @@
# F2FS
write /dev/sys/fs/by-name/userdata/data_io_flag 8
write /dev/sys/fs/by-name/userdata/node_io_flag 8
+ write /dev/sys/fs/by-name/userdata/max_io_bytes 524288
+ write /dev/sys/fs/by-name/userdata/min_hot_blocks 0
# Block
write /dev/sys/block/by-name/rootdisk/queue/iostats 1
@@ -27,7 +29,7 @@
# Block
write /dev/sys/block/by-name/rootdisk/queue/iostats 0
- write /sys/sys/block/by-name/rootdisk/queue/nr_requests 256
+ write /dev/sys/block/by-name/rootdisk/queue/nr_requests 256
# UFS
write /dev/sys/block/bootdevice/clkgate_enable 0
diff --git a/touch/twoshay/sepolicy/device.te b/touch/twoshay/sepolicy/device.te
new file mode 100644
index 0000000..d3ce622
--- /dev/null
+++ b/touch/twoshay/sepolicy/device.te
@@ -0,0 +1 @@
+type touch_offload_device, dev_type;
diff --git a/touch/twoshay/sepolicy/dumpstate.te b/touch/twoshay/sepolicy/dumpstate.te
new file mode 100644
index 0000000..90f14b8
--- /dev/null
+++ b/touch/twoshay/sepolicy/dumpstate.te
@@ -0,0 +1,2 @@
+allow dumpstate touch_context_service:service_manager find;
+binder_call(dumpstate, twoshay)
diff --git a/touch/twoshay/sepolicy/file_contexts b/touch/twoshay/sepolicy/file_contexts
new file mode 100644
index 0000000..09728be
--- /dev/null
+++ b/touch/twoshay/sepolicy/file_contexts
@@ -0,0 +1,2 @@
+/dev/touch_offload u:object_r:touch_offload_device:s0
+/vendor/bin/twoshay u:object_r:twoshay_exec:s0
diff --git a/touch/twoshay/sepolicy/hal_dumpstate_default.te b/touch/twoshay/sepolicy/hal_dumpstate_default.te
new file mode 100644
index 0000000..81edc36
--- /dev/null
+++ b/touch/twoshay/sepolicy/hal_dumpstate_default.te
@@ -0,0 +1,2 @@
+allow hal_dumpstate_default touch_context_service:service_manager find;
+binder_call(hal_dumpstate_default, twoshay)
diff --git a/touch/twoshay/sepolicy/platform_app.te b/touch/twoshay/sepolicy/platform_app.te
new file mode 100644
index 0000000..ac997a9
--- /dev/null
+++ b/touch/twoshay/sepolicy/platform_app.te
@@ -0,0 +1,4 @@
+allow platform_app gril_antenna_tuning_service:service_manager find;
+allow platform_app screen_protector_detector_service:service_manager find;
+allow platform_app touch_context_service:service_manager find;
+binder_call(platform_app, twoshay)
diff --git a/touch/twoshay/sepolicy/service.te b/touch/twoshay/sepolicy/service.te
new file mode 100644
index 0000000..4aa064d
--- /dev/null
+++ b/touch/twoshay/sepolicy/service.te
@@ -0,0 +1,3 @@
+type gril_antenna_tuning_service, service_manager_type, hal_service_type;
+type screen_protector_detector_service, service_manager_type, hal_service_type;
+type touch_context_service, service_manager_type, hal_service_type;
diff --git a/touch/twoshay/sepolicy/service_contexts b/touch/twoshay/sepolicy/service_contexts
new file mode 100644
index 0000000..f6aa1db
--- /dev/null
+++ b/touch/twoshay/sepolicy/service_contexts
@@ -0,0 +1,3 @@
+com.google.input.ITouchContextService/default u:object_r:touch_context_service:s0
+com.google.input.algos.gril.IGrilAntennaTuningService/default u:object_r:gril_antenna_tuning_service:s0
+com.google.input.algos.spd.IScreenProtectorDetectorService/default u:object_r:screen_protector_detector_service:s0
diff --git a/touch/twoshay/sepolicy/touchflow_debug/file_contexts b/touch/twoshay/sepolicy/touchflow_debug/file_contexts
new file mode 100644
index 0000000..17dfe62
--- /dev/null
+++ b/touch/twoshay/sepolicy/touchflow_debug/file_contexts
@@ -0,0 +1,2 @@
+/vendor/bin/hw/android\.hardware\.input\.processor-reflector u:object_r:hal_input_processor_default_exec:s0
+/vendor/bin/twoshay_touchflow u:object_r:twoshay_exec:s0
diff --git a/touch/twoshay/sepolicy/twoshay.te b/touch/twoshay/sepolicy/twoshay.te
new file mode 100644
index 0000000..cd317a0
--- /dev/null
+++ b/touch/twoshay/sepolicy/twoshay.te
@@ -0,0 +1,27 @@
+type twoshay, domain;
+type twoshay_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(twoshay)
+
+allow twoshay touch_offload_device:chr_file rw_file_perms;
+allow twoshay twoshay:capability sys_nice;
+
+binder_use(twoshay)
+add_service(twoshay, gril_antenna_tuning_service)
+add_service(twoshay, screen_protector_detector_service)
+add_service(twoshay, touch_context_service)
+
+binder_call(twoshay, platform_app)
+
+allow twoshay fwk_stats_service:service_manager find;
+binder_call(twoshay, stats_service_server)
+
+# Allow dumpsys output in bugreports.
+allow twoshay dumpstate:fd use;
+allow twoshay dumpstate:fifo_file write;
+
+# b/198755236
+dontaudit twoshay twoshay:capability dac_override;
+
+# b/226830650
+dontaudit twoshay boot_status_prop:file read;
diff --git a/touch/twoshay/twoshay.mk b/touch/twoshay/twoshay.mk
new file mode 100644
index 0000000..bae0975
--- /dev/null
+++ b/touch/twoshay/twoshay.mk
@@ -0,0 +1,3 @@
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/touch/twoshay/sepolicy
+PRODUCT_PACKAGES += twoshay
+PRODUCT_SOONG_NAMESPACES += vendor/google/interfaces vendor/google/input/twoshay
diff --git a/trusty/rpmb_dev/rpmb_dev.mk b/trusty/rpmb_dev/rpmb_dev.mk
new file mode 100644
index 0000000..31c68ef
--- /dev/null
+++ b/trusty/rpmb_dev/rpmb_dev.mk
@@ -0,0 +1,3 @@
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/trusty/rpmb_dev/sepolicy
+
+PRODUCT_PACKAGES += rpmb_dev
diff --git a/trusty/rpmb_dev/sepolicy/file_contexts b/trusty/rpmb_dev/sepolicy/file_contexts
new file mode 100644
index 0000000..1a44f7d
--- /dev/null
+++ b/trusty/rpmb_dev/sepolicy/file_contexts
@@ -0,0 +1,2 @@
+# Binaries
+/vendor/bin/rpmb_dev u:object_r:rpmb_dev_exec:s0
diff --git a/trusty/rpmb_dev/sepolicy/rpmb_dev.te b/trusty/rpmb_dev/sepolicy/rpmb_dev.te
new file mode 100644
index 0000000..0f46e03
--- /dev/null
+++ b/trusty/rpmb_dev/sepolicy/rpmb_dev.te
@@ -0,0 +1,4 @@
+type rpmb_dev, domain;
+type rpmb_dev_exec, vendor_file_type, exec_type, file_type;
+
+init_daemon_domain(rpmb_dev)
diff --git a/tts/de-de/de-de-x-multi-r45.zvoice b/tts/de-de/de-de-x-multi-r45.zvoice
deleted file mode 100644
index 9fca341..0000000
--- a/tts/de-de/de-de-x-multi-r45.zvoice
+++ /dev/null
Binary files differ
diff --git a/tts/de-de/de-de-x-multi-r51.zvoice b/tts/de-de/de-de-x-multi-r51.zvoice
new file mode 100644
index 0000000..8ca49a3
--- /dev/null
+++ b/tts/de-de/de-de-x-multi-r51.zvoice
Binary files differ
diff --git a/tts/es-es/es-es-x-multi-r45.zvoice b/tts/es-es/es-es-x-multi-r45.zvoice
deleted file mode 100644
index 2e7cb61..0000000
--- a/tts/es-es/es-es-x-multi-r45.zvoice
+++ /dev/null
Binary files differ
diff --git a/tts/es-es/es-es-x-multi-r50.zvoice b/tts/es-es/es-es-x-multi-r50.zvoice
new file mode 100644
index 0000000..b42cae9
--- /dev/null
+++ b/tts/es-es/es-es-x-multi-r50.zvoice
Binary files differ
diff --git a/tts/fr-fr/fr-fr-x-multi-r46.zvoice b/tts/fr-fr/fr-fr-x-multi-r46.zvoice
deleted file mode 100644
index 9287d91..0000000
--- a/tts/fr-fr/fr-fr-x-multi-r46.zvoice
+++ /dev/null
Binary files differ
diff --git a/tts/fr-fr/fr-fr-x-multi-r51.zvoice b/tts/fr-fr/fr-fr-x-multi-r51.zvoice
new file mode 100644
index 0000000..2e3c160
--- /dev/null
+++ b/tts/fr-fr/fr-fr-x-multi-r51.zvoice
Binary files differ
diff --git a/tts/it-it/it-it-x-multi-r42.zvoice b/tts/it-it/it-it-x-multi-r42.zvoice
deleted file mode 100644
index a794804..0000000
--- a/tts/it-it/it-it-x-multi-r42.zvoice
+++ /dev/null
Binary files differ
diff --git a/tts/it-it/it-it-x-multi-r47.zvoice b/tts/it-it/it-it-x-multi-r47.zvoice
new file mode 100644
index 0000000..78dce63
--- /dev/null
+++ b/tts/it-it/it-it-x-multi-r47.zvoice
Binary files differ
diff --git a/tts/ja-jp/ja-jp-x-multi-r44.zvoice b/tts/ja-jp/ja-jp-x-multi-r44.zvoice
deleted file mode 100644
index 0d562b2..0000000
--- a/tts/ja-jp/ja-jp-x-multi-r44.zvoice
+++ /dev/null
Binary files differ
diff --git a/tts/ja-jp/ja-jp-x-multi-r49.zvoice b/tts/ja-jp/ja-jp-x-multi-r49.zvoice
new file mode 100644
index 0000000..c2f8c80
--- /dev/null
+++ b/tts/ja-jp/ja-jp-x-multi-r49.zvoice
Binary files differ
diff --git a/tts/voice_packs.mk b/tts/voice_packs.mk
index 0bb6d1a..7b95af9 100644
--- a/tts/voice_packs.mk
+++ b/tts/voice_packs.mk
@@ -15,8 +15,8 @@
# Voice packs for Text-To-Speech
PRODUCT_COPY_FILES += \
- device/google/gs-common/tts/ja-jp/ja-jp-x-multi-r44.zvoice:product/tts/google/ja-jp/ja-jp-x-multi-r44.zvoice\
- device/google/gs-common/tts/fr-fr/fr-fr-x-multi-r46.zvoice:product/tts/google/fr-fr/fr-fr-x-multi-r46.zvoice\
- device/google/gs-common/tts/de-de/de-de-x-multi-r45.zvoice:product/tts/google/de-de/de-de-x-multi-r45.zvoice\
- device/google/gs-common/tts/it-it/it-it-x-multi-r42.zvoice:product/tts/google/it-it/it-it-x-multi-r42.zvoice\
- device/google/gs-common/tts/es-es/es-es-x-multi-r45.zvoice:product/tts/google/es-es/es-es-x-multi-r45.zvoice
+ device/google/gs-common/tts/ja-jp/ja-jp-x-multi-r49.zvoice:product/tts/google/ja-jp/ja-jp-x-multi-r49.zvoice\
+ device/google/gs-common/tts/fr-fr/fr-fr-x-multi-r51.zvoice:product/tts/google/fr-fr/fr-fr-x-multi-r51.zvoice\
+ device/google/gs-common/tts/de-de/de-de-x-multi-r51.zvoice:product/tts/google/de-de/de-de-x-multi-r51.zvoice\
+ device/google/gs-common/tts/it-it/it-it-x-multi-r47.zvoice:product/tts/google/it-it/it-it-x-multi-r47.zvoice\
+ device/google/gs-common/tts/es-es/es-es-x-multi-r50.zvoice:product/tts/google/es-es/es-es-x-multi-r50.zvoice
diff --git a/umfw_stat/dump_umfw_stat.cpp b/umfw_stat/dump_umfw_stat.cpp
index 627144b..6c3594d 100644
--- a/umfw_stat/dump_umfw_stat.cpp
+++ b/umfw_stat/dump_umfw_stat.cpp
@@ -27,13 +27,13 @@
// Dump AoC statistics.
// TODO(b/272300997): Add timeouts for requests.
runCommand("AoC A32 statistics",
- "timeout 5 /vendor/bin/umfw_stat_tool -s aoc:1 get_all");
+ "timeout 0.5 /vendor/bin/umfw_stat_tool -s aoc:1 get_all");
runCommand("AoC FF1 statistics",
- "timeout 5 /vendor/bin/umfw_stat_tool -s aoc:2 get_all");
+ "timeout 0.5 /vendor/bin/umfw_stat_tool -s aoc:2 get_all");
runCommand("AoC HF0 statistics",
- "timeout 5 /vendor/bin/umfw_stat_tool -s aoc:3 get_all");
+ "timeout 0.5 /vendor/bin/umfw_stat_tool -s aoc:3 get_all");
runCommand("AoC HF1 statistics",
- "timeout 5 /vendor/bin/umfw_stat_tool -s aoc:4 get_all");
+ "timeout 0.5 /vendor/bin/umfw_stat_tool -s aoc:4 get_all");
return 0;
}
diff --git a/widevine/widevine.mk b/widevine/widevine.mk
index 420806e..c59c7b9 100644
--- a/widevine/widevine.mk
+++ b/widevine/widevine.mk
@@ -1,13 +1,4 @@
PRODUCT_PACKAGES += \
android.hardware.drm-service.clearkey \
-ifdef RELEASE_PACKAGE_WIDEVINE
- PRODUCT_PACKAGES += $(RELEASE_PACKAGE_WIDEVINE)
- ifneq ($(wildcard vendor/google/dev-keystore),)
- $(call soong_config_set,widevine,use_devkey,true)
- endif
- PRODUCT_VENDOR_LINKER_CONFIG_FRAGMENTS += \
- vendor/widevine/libwvdrmengine/apex/device/linker.config.json
-else
- -include vendor/widevine/libwvdrmengine/apex/device/device.mk
-endif
\ No newline at end of file
+-include vendor/widevine/libwvdrmengine/apex/device/device.mk
\ No newline at end of file