Merge "Make AIDL HAL client attribute an exclusive client."
diff --git a/private/bug_map b/private/bug_map
index eaa1593..ab267cf 100644
--- a/private/bug_map
+++ b/private/bug_map
@@ -28,7 +28,6 @@
system_server crash_dump process b/73128755
system_server overlayfs_file file b/142390309
system_server sdcardfs file b/77856826
-system_server storage_stub_file dir b/145267097
system_server zygote process b/77856826
untrusted_app untrusted_app netlink_route_socket b/155595000
vold system_data_file file b/124108085
diff --git a/private/compat/30.0/30.0.ignore.cil b/private/compat/30.0/30.0.ignore.cil
index 66286d5..894cf61 100644
--- a/private/compat/30.0/30.0.ignore.cil
+++ b/private/compat/30.0/30.0.ignore.cil
@@ -14,9 +14,13 @@
hal_fingerprint_service
gnss_device
hal_dumpstate_config_prop
+ hal_power_stats_service
keystore2_key_contexts_file
+ location_time_zone_manager_service
mediatranscoding_tmpfs
people_service
+ power_stats_service
+ power_debug_prop
profcollectd
profcollectd_data_file
profcollectd_exec
@@ -24,4 +28,5 @@
shell_test_data_file
sysfs_devices_cs_etm
update_engine_stable_service
+ updateable_module_file
userspace_reboot_metadata_file))
diff --git a/private/file_contexts b/private/file_contexts
index 27bbb3d..8fa09bb 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -479,6 +479,13 @@
/(odm_dlkm|vendor/odm_dlkm|system/vendor/odm_dlkm)(/.*)? u:object_r:vendor_file:s0
#############################
+# Modules files
+# This includes updateable modules (including APEXes and APKs) that are stored
+# in the modules partition.
+#
+/modules(/.*)? u:object_r:updateable_module_file:s0
+
+#############################
# Vendor files from /(product|system/product)/vendor_overlay
#
# NOTE: For additional vendor file contexts for vendor overlay files,
diff --git a/private/property_contexts b/private/property_contexts
index 34cc0f8..4785707 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -891,3 +891,5 @@
# surfaceflinger-settable
graphics.display.kernel_idle_timer.enabled u:object_r:surfaceflinger_display_prop:s0 exact bool
+# Disable/enable charger input
+power.battery_input.suspended u:object_r:power_debug_prop:s0 exact bool
diff --git a/private/service_contexts b/private/service_contexts
index 35332ab..7d36973 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -2,6 +2,7 @@
android.hardware.identity.IIdentityCredentialStore/default u:object_r:hal_identity_service:s0
android.hardware.light.ILights/default u:object_r:hal_light_service:s0
android.hardware.power.IPower/default u:object_r:hal_power_service:s0
+android.hardware.powerstats.IPowerStats/default u:object_r:hal_power_stats_service:s0
android.hardware.rebootescrow.IRebootEscrow/default u:object_r:hal_rebootescrow_service:s0
android.hardware.vibrator.IVibrator/default u:object_r:hal_vibrator_service:s0
@@ -123,6 +124,7 @@
launcherapps u:object_r:launcherapps_service:s0
lights u:object_r:light_service:s0
location u:object_r:location_service:s0
+location_time_zone_manager u:object_r:location_time_zone_manager_service:s0
lock_settings u:object_r:lock_settings_service:s0
looper_stats u:object_r:looper_stats_service:s0
lpdump_service u:object_r:lpdump_service:s0
diff --git a/public/attributes b/public/attributes
index ce6e540..75b0c25 100644
--- a/public/attributes
+++ b/public/attributes
@@ -91,15 +91,19 @@
# All properties defined by /system.
attribute system_property_type;
+expandattribute system_property_type false;
# All /system-defined properties used only in /system.
attribute system_internal_property_type;
+expandattribute system_internal_property_type false;
# All /system-defined properties which can't be written outside /system.
attribute system_restricted_property_type;
+expandattribute system_restricted_property_type false;
# All /system-defined properties with no restrictions.
attribute system_public_property_type;
+expandattribute system_public_property_type false;
# All keystore2_key labels.
attribute keystore2_key_type;
@@ -114,15 +118,19 @@
# All properties defined by /vendor.
attribute vendor_property_type;
+expandattribute vendor_property_type false;
# All /vendor-defined properties used only in /vendor.
attribute vendor_internal_property_type;
+expandattribute vendor_internal_property_type false;
# All /vendor-defined properties which can't be written outside /vendor.
attribute vendor_restricted_property_type;
+expandattribute vendor_restricted_property_type false;
# All /vendor-defined properties with no restrictions.
attribute vendor_public_property_type;
+expandattribute vendor_public_property_type false;
# All service_manager types created by system_server
attribute system_server_service;
diff --git a/public/file.te b/public/file.te
index 3d10999..383dea6 100644
--- a/public/file.te
+++ b/public/file.te
@@ -532,6 +532,9 @@
# vndservice_contexts file
type vndservice_contexts_file, file_type;
+# /modules for updateable modules
+type updateable_module_file, file_type;
+
# Allow files to be created in their appropriate filesystems.
allow fs_type self:filesystem associate;
allow cgroup tmpfs:filesystem associate;
diff --git a/public/hal_power_stats.te b/public/hal_power_stats.te
index 2c04008..b989e2e 100644
--- a/public/hal_power_stats.te
+++ b/public/hal_power_stats.te
@@ -3,3 +3,8 @@
binder_call(hal_power_stats_server, hal_power_stats_client)
hal_attribute_hwservice(hal_power_stats, hal_power_stats_hwservice)
+
+add_service(hal_power_stats_server, hal_power_stats_service)
+binder_call(hal_power_stats_server, servicemanager)
+
+allow hal_power_stats_client hal_power_stats_service:service_manager find;
diff --git a/public/property.te b/public/property.te
index 5f48884..708fc38 100644
--- a/public/property.te
+++ b/public/property.te
@@ -70,6 +70,7 @@
system_restricted_prop(libc_debug_prop)
system_restricted_prop(module_sdkextensions_prop)
system_restricted_prop(nnapi_ext_deny_product_prop)
+system_restricted_prop(power_debug_prop)
system_restricted_prop(property_service_version_prop)
system_restricted_prop(provisioned_prop)
system_restricted_prop(restorecon_prop)
diff --git a/public/service.te b/public/service.te
index d30ba74..2325292 100644
--- a/public/service.te
+++ b/public/service.te
@@ -121,6 +121,7 @@
type launcherapps_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
type light_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
type location_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
+type location_time_zone_manager_service, system_server_service, service_manager_type;
type lock_settings_service, system_api_service, system_server_service, service_manager_type;
type looper_stats_service, system_server_service, service_manager_type;
type media_projection_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
@@ -215,6 +216,7 @@
type hal_identity_service, vendor_service, service_manager_type;
type hal_light_service, vendor_service, service_manager_type;
type hal_power_service, vendor_service, service_manager_type;
+type hal_power_stats_service, vendor_service, service_manager_type;
type hal_rebootescrow_service, vendor_service, service_manager_type;
type hal_vibrator_service, vendor_service, service_manager_type;
diff --git a/public/system_server.te b/public/system_server.te
index ff18bdf..09421cc 100644
--- a/public/system_server.te
+++ b/public/system_server.te
@@ -4,3 +4,13 @@
#
type system_server, domain;
type system_server_tmpfs, file_type, mlstrustedobject;
+
+# Power controls for debugging/diagnostics
+get_prop(system_server, power_debug_prop)
+set_prop(system_server, power_debug_prop)
+
+neverallow {
+ -init
+ -vendor_init
+ -system_server
+} power_debug_prop:property_service set;
diff --git a/public/vendor_init.te b/public/vendor_init.te
index 609880a..0bdf632 100644
--- a/public/vendor_init.te
+++ b/public/vendor_init.te
@@ -248,6 +248,7 @@
get_prop(vendor_init, boot_status_prop)
get_prop(vendor_init, exported3_system_prop)
get_prop(vendor_init, ota_prop)
+get_prop(vendor_init, power_debug_prop)
get_prop(vendor_init, provisioned_prop)
get_prop(vendor_init, retaildemo_prop)
get_prop(vendor_init, surfaceflinger_display_prop)
diff --git a/vendor/file_contexts b/vendor/file_contexts
index 11234bc..a721fd5 100644
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@@ -54,7 +54,8 @@
/(vendor|system/vendor)/bin/hw/android\.hardware\.nfc@1\.2-service u:object_r:hal_nfc_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.media\.omx@1\.0-service u:object_r:mediacodec_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.power@1\.0-service u:object_r:hal_power_default_exec:s0
-/(vendor|system/vendor)/bin/hw/android\.hardware\.power-service.example u:object_r:hal_power_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.power-service\.example u:object_r:hal_power_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.powerstats-service\.example u:object_r:hal_power_stats_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.power\.stats@1\.0-service u:object_r:hal_power_stats_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.radio\.config@1\.0-service u:object_r:hal_radio_config_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.radio@1\.2-radio-service u:object_r:hal_radio_default_exec:s0