Merge "organize EdgeTPU modules and sepolicy" into sc-dev
diff --git a/tracking_denials/bluetooth.te b/tracking_denials/bluetooth.te
new file mode 100644
index 0000000..ff6d7f9
--- /dev/null
+++ b/tracking_denials/bluetooth.te
@@ -0,0 +1,2 @@
+# b/190563916
+dontaudit bluetooth sysfs_vendor_sched:dir search;
diff --git a/tracking_denials/hal_neuralnetworks_armnn.te b/tracking_denials/hal_neuralnetworks_armnn.te
index 0494146..120510f 100644
--- a/tracking_denials/hal_neuralnetworks_armnn.te
+++ b/tracking_denials/hal_neuralnetworks_armnn.te
@@ -1,3 +1,5 @@
# b/180550063
dontaudit hal_neuralnetworks_armnn system_data_file:dir { search };
dontaudit hal_neuralnetworks_armnn system_data_file:dir { search };
+# b/190563897
+dontaudit hal_neuralnetworks_armnn default_prop:file read;
diff --git a/tracking_denials/logger_app.te b/tracking_denials/logger_app.te
deleted file mode 100644
index c927c3a..0000000
--- a/tracking_denials/logger_app.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# b/190337281
-dontaudit logger_app sysfs_vendor_sched:dir search;
diff --git a/tracking_denials/priv_app.te b/tracking_denials/priv_app.te
index bebe393..f3e3453 100644
--- a/tracking_denials/priv_app.te
+++ b/tracking_denials/priv_app.te
@@ -1,2 +1,4 @@
# b/187016930
dontaudit priv_app fwk_stats_service:service_manager find ;
+# b/190563838
+dontaudit priv_app sysfs_chip_id:file getattr;
diff --git a/tracking_denials/shell.te b/tracking_denials/shell.te
deleted file mode 100644
index dd01cb3..0000000
--- a/tracking_denials/shell.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# b/190336524
-dontaudit shell sysfs_vendor_sched:dir search;
diff --git a/tracking_denials/untrusted_app.te b/tracking_denials/untrusted_app.te
index d81c48d..9b098f8 100644
--- a/tracking_denials/untrusted_app.te
+++ b/tracking_denials/untrusted_app.te
@@ -2,5 +2,3 @@
dontaudit untrusted_app vendor_camera_prop:file { read };
dontaudit untrusted_app vendor_camera_prop:file { read };
dontaudit untrusted_app vendor_camera_prop:file { read };
-# b/190337295
-dontaudit untrusted_app sysfs_vendor_sched:dir search;
diff --git a/vendor/google/bug_map b/vendor/google/bug_map
index 370a335..664a716 100644
--- a/vendor/google/bug_map
+++ b/vendor/google/bug_map
@@ -1,2 +1,3 @@
bluetooth sysfs_vendor_sched file b/190336525
mediaprovider_app sysfs_vendor_sched file b/190336723
+hal_graphics_composer_default sysfs_lhbm file b/190563896
diff --git a/whitechapel/vendor/google/file.te b/whitechapel/vendor/google/file.te
index 3518bea..e0a05a5 100644
--- a/whitechapel/vendor/google/file.te
+++ b/whitechapel/vendor/google/file.te
@@ -132,6 +132,7 @@
type persist_camera_file, file_type;
type vendor_camera_tuning_file, vendor_file_type, file_type;
type vendor_camera_data_file, file_type, data_file_type;
+type sysfs_camera, sysfs_type, fs_type;
# Vendor sched files
type sysfs_vendor_sched, sysfs_type, fs_type;
diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts
index f384ae6..2173754 100644
--- a/whitechapel/vendor/google/genfs_contexts
+++ b/whitechapel/vendor/google/genfs_contexts
@@ -310,3 +310,7 @@
# SJTAG
genfscon sysfs /devices/platform/sjtag_ap/interface u:object_r:sysfs_sjtag:s0
genfscon sysfs /devices/platform/sjtag_gsa/interface u:object_r:sysfs_sjtag:s0
+
+# Camera
+genfscon sysfs /devices/platform/17000030.devfreq_intcam/devfreq/17000030.devfreq_intcam/min_freq u:object_r:sysfs_camera:s0
+genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_tnr/min_freq u:object_r:sysfs_camera:s0
diff --git a/whitechapel/vendor/google/hal_power_default.te b/whitechapel/vendor/google/hal_power_default.te
index 4b95db7..cc5fe8f 100644
--- a/whitechapel/vendor/google/hal_power_default.te
+++ b/whitechapel/vendor/google/hal_power_default.te
@@ -6,7 +6,12 @@
allow hal_power_default sysfs_gpu:file rw_file_perms;
allow hal_power_default sysfs_devfreq_dir:dir r_dir_perms;
allow hal_power_default sysfs_fabric:file rw_file_perms;
+allow hal_power_default sysfs_camera:file rw_file_perms;
allow hal_power_default sysfs_display:file rw_file_perms;
+allow hal_power_default thermal_link_device:dir r_dir_perms;
+allow hal_power_default sysfs_thermal:dir r_dir_perms;
+allow hal_power_default sysfs_thermal:file rw_file_perms;
+allow hal_power_default sysfs_thermal:lnk_file r_file_perms;
set_prop(hal_power_default, vendor_camera_prop)
set_prop(hal_power_default, vendor_camera_debug_prop)
set_prop(hal_power_default, vendor_camera_fatp_prop)
diff --git a/whitechapel/vendor/google/logger_app.te b/whitechapel/vendor/google/logger_app.te
index fac3b5e..8c8f519 100644
--- a/whitechapel/vendor/google/logger_app.te
+++ b/whitechapel/vendor/google/logger_app.te
@@ -24,4 +24,5 @@
set_prop(logger_app, vendor_wifi_sniffer_prop)
dontaudit logger_app default_prop:file { read };
+ dontaudit logger_app sysfs_vendor_sched:dir search;
')
diff --git a/tracking_denials/mediaprovider.te b/whitechapel/vendor/google/mediaprovider.te
similarity index 79%
rename from tracking_denials/mediaprovider.te
rename to whitechapel/vendor/google/mediaprovider.te
index db311ea..a1b629f 100644
--- a/tracking_denials/mediaprovider.te
+++ b/whitechapel/vendor/google/mediaprovider.te
@@ -1,2 +1 @@
-# b/190336723
dontaudit mediaprovider sysfs_vendor_sched:dir search;
diff --git a/whitechapel/vendor/google/shell.te b/whitechapel/vendor/google/shell.te
index 3dd4a70..aa4dfa4 100644
--- a/whitechapel/vendor/google/shell.te
+++ b/whitechapel/vendor/google/shell.te
@@ -5,3 +5,5 @@
allow shell sysfs_sjtag:dir r_dir_perms;
allow shell sysfs_sjtag:file rw_file_perms;
')
+
+dontaudit shell sysfs_vendor_sched:dir search;
diff --git a/whitechapel/vendor/google/untrusted_app.te b/whitechapel/vendor/google/untrusted_app.te
new file mode 100644
index 0000000..4fbfe93
--- /dev/null
+++ b/whitechapel/vendor/google/untrusted_app.te
@@ -0,0 +1 @@
+dontaudit untrusted_app sysfs_vendor_sched:dir search;
diff --git a/tracking_denials/untrusted_app_29.te b/whitechapel/vendor/google/untrusted_app_29.te
similarity index 80%
rename from tracking_denials/untrusted_app_29.te
rename to whitechapel/vendor/google/untrusted_app_29.te
index bf68b84..844bb6a 100644
--- a/tracking_denials/untrusted_app_29.te
+++ b/whitechapel/vendor/google/untrusted_app_29.te
@@ -1,2 +1 @@
-# b/190336841
dontaudit untrusted_app_29 sysfs_vendor_sched:dir search;