[automerger skipped] Merge 24Q4 (ab/12406339) into aosp-main-future am: 86288119b4 -s ours
am skip reason: Merged-In I8a46aae725a9e912681068df9c219e5a91784305 with SHA-1 9e9fa88ba6 is already in history
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/30284974
Change-Id: I3d1436c45eac59b6cc98f27b2000d837fc110d8d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map
index 0f17944..e01f4cf 100644
--- a/tracking_denials/bug_map
+++ b/tracking_denials/bug_map
@@ -13,6 +13,12 @@
kernel kernel capability b/340722537
kernel kernel capability b/340723030
kernel tmpfs chr_file b/315907959
+modem_svc_sit hal_radioext_default process b/372348067
+pixelstats_vendor block_device dir b/369537606
+pixelstats_vendor block_device dir b/369735407
+platform_app vendor_fw_file dir b/372122654
+platform_app vendor_rild_prop file b/372122654
+ramdump ramdump capability b/369538457
rfsd vendor_cbd_prop file b/317734418
shell sysfs_net file b/329380904
ssr_detector_app default_prop file b/350831964
@@ -30,3 +36,5 @@
vendor_init default_prop property_service b/315104713
vendor_init default_prop property_service b/366115458
vendor_init default_prop property_service b/366116214
+vendor_init default_prop property_service b/369735133
+vendor_init default_prop property_service b/369735170
diff --git a/whitechapel/vendor/google/dump_power.te b/whitechapel/vendor/google/dump_power.te
new file mode 100644
index 0000000..cf7c14e
--- /dev/null
+++ b/whitechapel/vendor/google/dump_power.te
@@ -0,0 +1,24 @@
+# Allow dumpstate to execute dump_power
+pixel_bugreport(dump_power);
+
+allow dump_power sysfs_acpm_stats:dir r_dir_perms;
+allow dump_power sysfs_acpm_stats:file r_file_perms;
+allow dump_power sysfs_cpu:file r_file_perms;
+allow dump_power sysfs_wlc:file r_file_perms;
+allow dump_power sysfs_wlc:dir search;
+allow dump_power sysfs_batteryinfo:dir r_dir_perms;
+allow dump_power sysfs_batteryinfo:file r_file_perms;
+allow dump_power logbuffer_device:chr_file r_file_perms;
+allow dump_power mitigation_vendor_data_file:dir r_dir_perms;
+allow dump_power mitigation_vendor_data_file:file r_file_perms;
+allow dump_power sysfs_bcl:dir r_dir_perms;
+allow dump_power sysfs_bcl:file r_file_perms;
+
+userdebug_or_eng(`
+ r_dir_file(dump_power, vendor_battery_debugfs)
+ r_dir_file(dump_power, vendor_maxfg_debugfs)
+ r_dir_file(dump_power, vendor_charger_debugfs)
+ r_dir_file(dump_power, vendor_votable_debugfs)
+ allow dump_power debugfs:dir r_dir_perms;
+ allow dump_power vendor_usb_debugfs:dir { search };
+')
diff --git a/whitechapel/vendor/google/file_contexts b/whitechapel/vendor/google/file_contexts
index 1639c3a..fc845ff 100644
--- a/whitechapel/vendor/google/file_contexts
+++ b/whitechapel/vendor/google/file_contexts
@@ -16,7 +16,7 @@
/(vendor|system/vendor)/lib(64)?/libgpudataproducer\.so u:object_r:same_process_hal_file:s0
/vendor/bin/dumpsys u:object_r:vendor_dumpsys:s0
-
+/vendor/bin/dump/dump_power u:object_r:dump_power_exec:s0
#
# HALs
#
@@ -244,8 +244,8 @@
# TCP logging
/vendor/bin/tcpdump_logger u:object_r:tcpdump_logger_exec:s0
-# modem_svc_sit files
-/vendor/bin/modem_svc_sit u:object_r:modem_svc_sit_exec:s0
+# shared_modem_platform files
+/vendor/bin/shared_modem_platform u:object_r:modem_svc_sit_exec:s0
/data/vendor/modem_stat(/.*)? u:object_r:modem_stat_data_file:s0
# modem mnt files
diff --git a/whitechapel/vendor/google/hwservice_contexts b/whitechapel/vendor/google/hwservice_contexts
index baf720b..577a678 100644
--- a/whitechapel/vendor/google/hwservice_contexts
+++ b/whitechapel/vendor/google/hwservice_contexts
@@ -11,7 +11,6 @@
vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal u:object_r:hal_exynos_rild_hwservice:s0
# VIDEO
-android.hardware.media.c2::IComponentStore u:object_r:hal_codec2_hwservice:s0
android.hardware.media.c2::IConfigurable u:object_r:hal_codec2_hwservice:s0
# GRIL HAL
diff --git a/whitechapel/vendor/google/modem_svc_sit.te b/whitechapel/vendor/google/modem_svc_sit.te
index 8e4ac3d..e0379a8 100644
--- a/whitechapel/vendor/google/modem_svc_sit.te
+++ b/whitechapel/vendor/google/modem_svc_sit.te
@@ -1,3 +1,4 @@
+# Selinux rule for modem_svc_sit daemon
type modem_svc_sit, domain;
type modem_svc_sit_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(modem_svc_sit)
@@ -31,6 +32,9 @@
# logging property
get_prop(modem_svc_sit, vendor_logger_prop)
+# Modem SVC will register the default instance of the AIDL ISharedModemPlatform hal.
+hal_server_domain(modem_svc_sit, hal_shared_modem_platform)
+
# Modem property
set_prop(modem_svc_sit, vendor_modem_prop)
diff --git a/whitechapel/vendor/google/service_contexts b/whitechapel/vendor/google/service_contexts
index 2536252..074dedf 100644
--- a/whitechapel/vendor/google/service_contexts
+++ b/whitechapel/vendor/google/service_contexts
@@ -3,4 +3,3 @@
android.hardware.drm.IDrmFactory/widevine u:object_r:hal_drm_service:s0
vendor.google.wireless_charger.IWirelessCharger/default u:object_r:hal_wireless_charger_service:s0
rlsservice u:object_r:rls_service:s0
-android.hardware.media.c2.IComponentStore/default1 u:object_r:hal_codec2_service:s0