commit cd48eff87e881a50d82bd471948c9a1c2412451b
author TreeHugger Robot <treehugger-gerrit@google.com> Thu Mar 25 10:14:29 2021 +0000
committer Android (Google) Code Review <android-gerrit@google.com> Thu Mar 25 10:14:29 2021 +0000
tree d7e9f41ed2e18741c3e8c850d7ee0e6b95fb0c09
parent efa5d950e502489a0d16d309d3d5292d6dac6394
parent 1ee31d4589057b821c113e395cb1558642e6dce2

Merge "thermal: add thermalhal related policy" into sc-dev

citadel/citadeld.te

diff --git a/citadel/citadeld.te b/citadel/citadeld.te
index 266dee2..9490258 100644
--- a/citadel/citadeld.te
+++ b/citadel/citadeld.te
@@ -16,3 +16,5 @@
 get_prop(citadeld, hwservicemanager_prop)
 allow citadeld fwk_stats_hwservice:hwservice_manager find;
 binder_call(citadeld, stats_service_server)
+allow citadeld fwk_stats_service:service_manager find;
+binder_use(citadeld)

citadel/vndservice_contexts

diff --git a/citadel/vndservice_contexts b/citadel/vndservice_contexts
index 2e1be43..b4df996 100644
--- a/citadel/vndservice_contexts
+++ b/citadel/vndservice_contexts
@@ -1,2 +1 @@
 android.hardware.citadel.ICitadeld  u:object_r:citadeld_service:s0
-power.stats-vendor                  u:object_r:hal_power_stats_vendor_service:s0

common/file.te

diff --git a/common/file.te b/common/file.te
index ac1079a..8fb41bc 100644
--- a/common/file.te
+++ b/common/file.te
@@ -1 +1,2 @@
 type persist_file, file_type, vendor_persist_type;
+type sysfs_iio_devices, fs_type, sysfs_type;

common/genfs_contexts

diff --git a/common/genfs_contexts b/common/genfs_contexts
new file mode 100644
index 0000000..d762381
--- /dev/null
+++ b/common/genfs_contexts
@@ -0,0 +1 @@
+genfscon sysfs /bus/iio/devices                       u:object_r:sysfs_iio_devices:s0

pixelstats/file.te

diff --git a/pixelstats/file.te b/pixelstats/file.te
new file mode 100644
index 0000000..76f87a2
--- /dev/null
+++ b/pixelstats/file.te
@@ -0,0 +1,2 @@
+type debugfs_mgm, debugfs_type, fs_type;
+type sysfs_pixel_stat, fs_type, sysfs_type;

pixelstats/genfs_contexts

diff --git a/pixelstats/genfs_contexts b/pixelstats/genfs_contexts
new file mode 100644
index 0000000..8eee8bb
--- /dev/null
+++ b/pixelstats/genfs_contexts
@@ -0,0 +1,2 @@
+genfscon debugfs /physical-memory-group-manager                          u:object_r:debugfs_mgm:s0
+genfscon sysfs /kernel/pixel_stat                                        u:object_r:sysfs_pixel_stat:s0

pixelstats/pixelstats_vendor.te

diff --git a/pixelstats/pixelstats_vendor.te b/pixelstats/pixelstats_vendor.te
index e5ddfb9..e728992 100644
--- a/pixelstats/pixelstats_vendor.te
+++ b/pixelstats/pixelstats_vendor.te
@@ -1,11 +1,30 @@
+# UeventListener
+r_dir_file(pixelstats_vendor, sysfs_batteryinfo)
+allow pixelstats_vendor sysfs_batteryinfo:file w_file_perms;
+allow pixelstats_vendor self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
+
 allow pixelstats_vendor sysfs_scsi_devices_0000:dir search;
 allow pixelstats_vendor sysfs_scsi_devices_0000:file r_file_perms;
 allow pixelstats_vendor sysfs_fs_f2fs:dir search;
-allow pixelstats_vendor sysfs_fs_f2fs:file r_file_perms;
+allow pixelstats_vendor sysfs_fs_f2fs:file rw_file_perms;
 get_prop(pixelstats_vendor, boottime_public_prop)
 
-allow pixelstats_vendor fwk_stats_hwservice:hwservice_manager find;
+allow pixelstats_vendor fwk_stats_service:service_manager find;
 binder_call(pixelstats_vendor, stats_service_server)
 
 allow pixelstats_vendor sysfs_zram:dir search;
 allow pixelstats_vendor sysfs_zram:file r_file_perms;
+allow pixelstats_vendor sysfs_pixel_stat:dir r_dir_perms;
+allow pixelstats_vendor sysfs_pixel_stat:file r_file_perms;
+
+userdebug_or_eng(`
+  allow pixelstats_vendor proc_vmstat:file r_file_perms;
+  allow pixelstats_vendor sysfs_ion:dir search;
+  allow pixelstats_vendor sysfs_ion:file r_file_perms;
+  allow pixelstats_vendor sysfs_dma_heap:dir search;
+  allow pixelstats_vendor sysfs_dma_heap:file r_file_perms;
+  allow pixelstats_vendor debugfs_mgm:dir r_dir_perms;
+  allow pixelstats_vendor debugfs_mgm:file r_file_perms;
+  allow pixelstats_vendor kernel:dir search;
+  allow pixelstats_vendor kernel:file r_file_perms;
+')

powerstats/file.te

diff --git a/powerstats/file.te b/powerstats/file.te
new file mode 100644
index 0000000..0df8fa5
--- /dev/null
+++ b/powerstats/file.te
@@ -0,0 +1 @@
+type sysfs_power_stats, fs_type, sysfs_type;

powerstats/hal_power_stats_default.te

diff --git a/powerstats/hal_power_stats_default.te b/powerstats/hal_power_stats_default.te
index 7e00470..52779d2 100644
--- a/powerstats/hal_power_stats_default.te
+++ b/powerstats/hal_power_stats_default.te
@@ -3,3 +3,4 @@
 vndbinder_use(hal_power_stats)
 add_service(hal_power_stats_server, hal_power_stats_service)
 
+r_dir_file(hal_power_stats_default, sysfs_power_stats)

powerstats/service_contexts

diff --git a/powerstats/service_contexts b/powerstats/service_contexts
new file mode 100644
index 0000000..816e63c
--- /dev/null
+++ b/powerstats/service_contexts
@@ -0,0 +1 @@
+power.stats-vendor    u:object_r:hal_power_stats_vendor_service:s0

powerstats/vndservice_contexts

diff --git a/powerstats/vndservice_contexts b/powerstats/vndservice_contexts
new file mode 100644
index 0000000..479ff45
--- /dev/null
+++ b/powerstats/vndservice_contexts
@@ -0,0 +1 @@
+power.stats-vendor                  u:object_r:hal_power_stats_vendor_service:s0

ramdump/ramdump.te

diff --git a/ramdump/ramdump.te b/ramdump/ramdump.te
index 96bdfd6..f9c93c6 100644
--- a/ramdump/ramdump.te
+++ b/ramdump/ramdump.te
@@ -27,6 +27,7 @@
   # To access statsd.
   hwbinder_use(ramdump)
   get_prop(ramdump, hwservicemanager_prop)
+  get_prop(ramdump, boot_status_prop)
   allow ramdump fwk_stats_hwservice:hwservice_manager find;
   binder_call(ramdump, stats_service_server)
   allow ramdump fwk_stats_service:service_manager find;

storage/genfs_contexts

diff --git a/storage/genfs_contexts b/storage/genfs_contexts
index 0a2fd03..2f0b5bb 100644
--- a/storage/genfs_contexts
+++ b/storage/genfs_contexts
@@ -1,2 +1,2 @@
 genfscon debugfs /lpm_stats/stats					u:object_r:debugfs_lpm:s0
-genfscon sysfs /devices/platform/soc/1d84000.ufshc/power(/.*)?		u:object_r:sysfs_scsi_devices_0000:s0
+genfscon sysfs /devices/platform/soc/1d84000.ufshc/power		u:object_r:sysfs_scsi_devices_0000:s0

turbo_adapter/turbo_adapter.te

diff --git a/turbo_adapter/turbo_adapter.te b/turbo_adapter/turbo_adapter.te
index 995b9bd..ca9ad00 100644
--- a/turbo_adapter/turbo_adapter.te
+++ b/turbo_adapter/turbo_adapter.te
@@ -20,3 +20,4 @@
 
 # PAS: for SuspendControlServiceDataProvider
 binder_call(turbo_adapter, system_suspend_internal_server)
+get_prop(turbo_adapter, suspend_prop)