Merge "collect bt activities log files dump to bugreport" into main
diff --git a/display/sepolicy/genfs_contexts b/display/sepolicy/genfs_contexts
index 9eaf5fb..7c46278 100644
--- a/display/sepolicy/genfs_contexts
+++ b/display/sepolicy/genfs_contexts
@@ -1,3 +1,3 @@
genfscon debugfs /dri/0/crtc- u:object_r:vendor_dri_debugfs:s0
-
+genfscon sysfs /module/drm/parameters/debug u:object_r:sysfs_display:s0
diff --git a/edgetpu/sepolicy/appdomain.te b/edgetpu/sepolicy/appdomain.te
index 804a202..d3239ab 100644
--- a/edgetpu/sepolicy/appdomain.te
+++ b/edgetpu/sepolicy/appdomain.te
@@ -1,5 +1,8 @@
-# Allow apps to read tflite Darwinn delegate properties
+# Allow apps to read tflite DarwiNN delegate properties
get_prop(appdomain, vendor_tflite_delegate_prop)
+# Allow apps to read DarwiNN runtime properties
+get_prop(appdomain, vendor_edgetpu_runtime_prop)
+
# Allow apps to read hetero runtime properties
get_prop(appdomain, vendor_hetero_runtime_prop)
diff --git a/edgetpu/sepolicy/edgetpu_dba_service.te b/edgetpu/sepolicy/edgetpu_dba_service.te
index da210da..1c30b76 100644
--- a/edgetpu/sepolicy/edgetpu_dba_service.te
+++ b/edgetpu/sepolicy/edgetpu_dba_service.te
@@ -41,8 +41,10 @@
# under userdebug builds.
userdebug_or_eng(`perfetto_producer(edgetpu_dba_server)')
-# Allow EdgeTPU DBA service to read tflite Darwinn delegate properties
+# Allow EdgeTPU DBA service to read tflite DarwiNN delegate properties
get_prop(edgetpu_dba_server, vendor_tflite_delegate_prop)
+# Allow EdgeTPU DBA service to read DarwiNN runtime properties
+get_prop(edgetpu_dba_server, vendor_edgetpu_runtime_prop)
# Allow EdgeTPU DBA service to read hetero runtime properties
get_prop(edgetpu_dba_server, vendor_hetero_runtime_prop)
# Allow EdgeTPU DBA service to read EdgeTPU CPU scheduler properties
diff --git a/edgetpu/sepolicy/edgetpu_tachyon_service.te b/edgetpu/sepolicy/edgetpu_tachyon_service.te
index fbe3edf..66a4667 100644
--- a/edgetpu/sepolicy/edgetpu_tachyon_service.te
+++ b/edgetpu/sepolicy/edgetpu_tachyon_service.te
@@ -38,8 +38,10 @@
# under userdebug builds.
userdebug_or_eng(`perfetto_producer(edgetpu_tachyon_server)')
-# Allow Tachyon service to read tflite Darwinn delegate properties
+# Allow Tachyon service to read tflite DarwiNN delegate properties
get_prop(edgetpu_tachyon_server, vendor_tflite_delegate_prop)
+# Allow Tachyon service to read DarwiNN runtime properties
+get_prop(edgetpu_tachyon_server, vendor_edgetpu_runtime_prop)
# Allow Tachyon service to read hetero runtime properties
get_prop(edgetpu_tachyon_server, vendor_hetero_runtime_prop)
# Allow Tachyon service to read EdgeTPU CPU scheduler properties
diff --git a/edgetpu/sepolicy/hal_camera_default.te b/edgetpu/sepolicy/hal_camera_default.te
index 3c09f2f..624533a 100644
--- a/edgetpu/sepolicy/hal_camera_default.te
+++ b/edgetpu/sepolicy/hal_camera_default.te
@@ -1,5 +1,8 @@
-# Allow camera HAL to read tflite Darwinn delegate properties
+# Allow camera HAL to read tflite DarwiNN delegate properties
get_prop(hal_camera_default, vendor_tflite_delegate_prop)
+# Allow camera HAL to read DarwiNN runtime properties
+get_prop(hal_camera_default, vendor_edgetpu_runtime_prop)
+
# Allow camera HAL to read hetero runtime properties
get_prop(hal_camera_default, vendor_hetero_runtime_prop)
diff --git a/edgetpu/sepolicy/hal_neuralnetworks_darwinn.te b/edgetpu/sepolicy/hal_neuralnetworks_darwinn.te
index f867528..b65a30e 100644
--- a/edgetpu/sepolicy/hal_neuralnetworks_darwinn.te
+++ b/edgetpu/sepolicy/hal_neuralnetworks_darwinn.te
@@ -54,5 +54,7 @@
# Allow NNAPI HAL to read tflite DarwiNN delegate properties
get_prop(hal_neuralnetworks_darwinn, vendor_tflite_delegate_prop)
+# Allow NNAPI HAL to read DarwiNN runtime properties
+get_prop(hal_neuralnetworks_darwinn, vendor_edgetpu_runtime_prop)
# Allow NNAPI HAL to read hetero runtime properties
get_prop(hal_neuralnetworks_darwinn, vendor_hetero_runtime_prop)
diff --git a/edgetpu/sepolicy/property.te b/edgetpu/sepolicy/property.te
index 625ed0a..f0ec931 100644
--- a/edgetpu/sepolicy/property.te
+++ b/edgetpu/sepolicy/property.te
@@ -2,13 +2,16 @@
# since it lives under /system_ext/.
system_public_prop(vendor_edgetpu_service_prop)
-# Tflite Darwinn delegate properties are written once by vendor_init,
-# and then read by apps, camera hal, and some Darwinn vendor services.
+# Tflite DarwiNN delegate properties are written once by vendor_init,
+# and then read by apps, camera hal, and some DarwiNN vendor services.
system_vendor_config_prop(vendor_tflite_delegate_prop)
# The EdgeTPU CPU scheduler properties are written once by vendor_init,
# and then read by HAL service.
system_vendor_config_prop(vendor_edgetpu_cpu_scheduler_prop)
+# DarwiNN runtime properties.
+system_vendor_config_prop(vendor_edgetpu_runtime_prop)
+
# Hetero runtime properties, including tracing levels.
system_vendor_config_prop(vendor_hetero_runtime_prop)
diff --git a/edgetpu/sepolicy/property_contexts b/edgetpu/sepolicy/property_contexts
index dabbd20..76c394f 100644
--- a/edgetpu/sepolicy/property_contexts
+++ b/edgetpu/sepolicy/property_contexts
@@ -1,6 +1,7 @@
# for EdgeTPU
vendor.edgetpu.service. u:object_r:vendor_edgetpu_service_prop:s0
vendor.edgetpu.cpu_scheduler. u:object_r:vendor_edgetpu_cpu_scheduler_prop:s0
+vendor.edgetpu.runtime. u:object_r:vendor_edgetpu_runtime_prop:s0
# for DarwinnDelegate
vendor.edgetpu.tflite_delegate. u:object_r:vendor_tflite_delegate_prop:s0
diff --git a/gyotaku_app/sepolicy/gyotaku_app.te b/gyotaku_app/sepolicy/gyotaku_app.te
index 28fa93b..80123cf 100644
--- a/gyotaku_app/sepolicy/gyotaku_app.te
+++ b/gyotaku_app/sepolicy/gyotaku_app.te
@@ -1,34 +1,25 @@
type gyotaku_app, domain;
-app_domain(gyotaku_app)
-
userdebug_or_eng(`
+ app_domain(gyotaku_app)
+ net_domain(gyotaku_app)
+
# For Gyotaku app common use
allow gyotaku_app app_api_service:service_manager find;
allow gyotaku_app privapp_data_file:lnk_file read;
- allow gyotaku_app gyotaku_app:udp_socket create;
allow gyotaku_app system_app_data_file:dir create_dir_perms;
allow gyotaku_app system_app_data_file:file create_file_perms;
- # For cloud and network related use
- allow gyotaku_app dnsproxyd_socket:sock_file write;
- allow gyotaku_app gyotaku_app:udp_socket connect;
- allow gyotaku_app netd:unix_stream_socket connectto;
- allow gyotaku_app gyotaku_app:tcp_socket create;
- allow gyotaku_app privapp_data_file:file execute;
- allow netd gyotaku_app:fd use;
- allow netd gyotaku_app:tcp_socket {read write};
-
# For access /proc/fs/f2fs/* storage use
allow gyotaku_app proc_f2fs:dir search;
- allow gyotaku_app proc_f2fs:file {open read};
+ allow gyotaku_app proc_f2fs:file r_file_perms;
# For access /proc/stat use
- allow gyotaku_app proc_stat:file {read open getattr};
+ allow gyotaku_app proc_stat:file r_file_perms;
# For getproperty isDebuggable use
get_prop(gyotaku_app, userdebug_or_eng_prop)
- # For persiste property use
- allow gyotaku_app logpersistd_logging_prop:file {read open getattr map};
+ # For persistent property use
+ get_prop(gyotaku_app, logpersistd_logging_prop);
')
diff --git a/mediacodec/samsung/sepolicy/file.te b/mediacodec/samsung/sepolicy/file.te
index 99c3b66..2b95172 100644
--- a/mediacodec/samsung/sepolicy/file.te
+++ b/mediacodec/samsung/sepolicy/file.te
@@ -1 +1,2 @@
type sysfs_mfc, sysfs_type, fs_type;
+type sysfs_force_empty, sysfs_type, fs_type;
diff --git a/mediacodec/samsung/sepolicy/genfs_contexts b/mediacodec/samsung/sepolicy/genfs_contexts
index d44d760..0e48616 100644
--- a/mediacodec/samsung/sepolicy/genfs_contexts
+++ b/mediacodec/samsung/sepolicy/genfs_contexts
@@ -1 +1,2 @@
genfscon sysfs /devices/platform/mfc/video4linux/video u:object_r:sysfs_mfc:s0
+genfscon sysfs /kernel/vendor_mm/cma/vframe/force_empty u:object_r:sysfs_force_empty:s0
diff --git a/mediacodec/samsung/sepolicy/mediacodec_samsung.te b/mediacodec/samsung/sepolicy/mediacodec_samsung.te
index efc83d7..b5bd996 100644
--- a/mediacodec/samsung/sepolicy/mediacodec_samsung.te
+++ b/mediacodec/samsung/sepolicy/mediacodec_samsung.te
@@ -14,6 +14,9 @@
allow mediacodec_samsung sysfs_mfc:file r_file_perms;
allow mediacodec_samsung sysfs_mfc:dir r_dir_perms;
+allow mediacodec_samsung sysfs_force_empty:dir r_file_perms;
+allow mediacodec_samsung sysfs_force_empty:file rw_file_perms;
+
# can use graphics allocator
hal_client_domain(mediacodec_samsung, hal_graphics_allocator)