Merge "Assign mmd_status_prop to mmd.status props" into main
diff --git a/private/adbd.te b/private/adbd.te
index c8226f3..138c8f5 100644
--- a/private/adbd.te
+++ b/private/adbd.te
@@ -178,6 +178,10 @@
allow adbd perfetto_traces_data_file:file r_file_perms;
allow adbd perfetto_traces_data_file:dir r_dir_perms;
+# Allow to pull ProfilingManager Perfetto traces.
+allow adbd perfetto_traces_profiling_data_file:file r_file_perms;
+allow adbd perfetto_traces_profiling_data_file:dir r_dir_perms;
+
# Allow to push and manage configs in /data/misc/perfetto-configs.
allow adbd perfetto_configs_data_file:dir rw_dir_perms;
allow adbd perfetto_configs_data_file:file create_file_perms;
diff --git a/private/incidentd.te b/private/incidentd.te
index bf98d31..11da9ea 100644
--- a/private/incidentd.te
+++ b/private/incidentd.te
@@ -25,6 +25,9 @@
# section id 1116, allow accessing statsd socket
unix_socket_send(incidentd, statsdw, statsd)
+# section id 1116, allow using userfaultfd
+userfaultfd_use(incidentd)
+
# section id 2001, allow reading /proc/pagetypeinfo
allow incidentd proc_pagetypeinfo:file r_file_perms;
diff --git a/private/mmd.te b/private/mmd.te
index b7a6542..1c0eca1 100644
--- a/private/mmd.te
+++ b/private/mmd.te
@@ -33,3 +33,7 @@
# Allow mmd to write to statsd socket.
unix_socket_send(mmd, statsdw, statsd)
+# Allow mmd to interact with statsd binder calls for pulled atoms.
+allow mmd stats_service:service_manager find;
+allow mmd statsmanager_service:service_manager find;
+binder_call(mmd, statsd)
diff --git a/private/property.te b/private/property.te
index f42ac47..cd87e7a 100644
--- a/private/property.te
+++ b/private/property.te
@@ -57,7 +57,9 @@
system_internal_prop(system_adbd_prop)
system_internal_prop(system_audio_config_prop)
system_internal_prop(timezone_metadata_prop)
+system_internal_prop(traced_config_prop)
system_internal_prop(traced_perf_enabled_prop)
+system_internal_prop(traced_relay_relay_port_prop)
system_internal_prop(uprobestats_start_with_config_prop)
system_internal_prop(tuner_server_ctl_prop)
system_internal_prop(userspace_reboot_log_prop)
diff --git a/private/property_contexts b/private/property_contexts
index 13aed7e..d80931c 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -88,6 +88,9 @@
persist.security. u:object_r:system_prop:s0
persist.traced.enable u:object_r:traced_enabled_prop:s0
traced.lazy. u:object_r:traced_lazy_prop:s0
+traced_relay.relay_port u:object_r:traced_relay_relay_port_prop:s0
+ro.traced. u:object_r:traced_config_prop:s0
+traced.relay_producer_port u:object_r:traced_config_prop:s0
persist.heapprofd.enable u:object_r:heapprofd_enabled_prop:s0
persist.traced_perf.enable u:object_r:traced_perf_enabled_prop:s0
uprobestats.start_with_config u:object_r:uprobestats_start_with_config_prop:s0
diff --git a/private/service.te b/private/service.te
index 6912eb9..ab9351c 100644
--- a/private/service.te
+++ b/private/service.te
@@ -20,7 +20,7 @@
type mmd_service, service_manager_type;
type on_device_intelligence_service, app_api_service, system_server_service, service_manager_type, isolated_compute_allowed_service;
type profcollectd_service, service_manager_type;
-type protolog_configuration_service, app_api_service, system_api_service, system_server_service, service_manager_type;
+type protolog_configuration_service, app_api_service, system_api_service, system_server_service, service_manager_type, ephemeral_app_api_service;
type resolver_service, system_server_service, service_manager_type;
type rkpd_registrar_service, service_manager_type;
type rkpd_refresh_service, service_manager_type;
diff --git a/private/shell.te b/private/shell.te
index 3e45e1f..492d8f5 100644
--- a/private/shell.te
+++ b/private/shell.te
@@ -67,6 +67,9 @@
# ... and /data/misc/perfetto-traces/bugreport/ .
allow shell perfetto_traces_bugreport_data_file:dir rw_dir_perms;
allow shell perfetto_traces_bugreport_data_file:file { r_file_perms unlink };
+# ... and /data/misc/perfetto-traces/profiling/ .
+allow shell perfetto_traces_profiling_data_file:dir rw_dir_perms;
+allow shell perfetto_traces_profiling_data_file:file { r_file_perms unlink };
# Allow shell to create/remove configs stored in /data/misc/perfetto-configs.
allow shell perfetto_configs_data_file:dir rw_dir_perms;
diff --git a/private/statsd.te b/private/statsd.te
index 3db5c60..acc3aa6 100644
--- a/private/statsd.te
+++ b/private/statsd.te
@@ -98,6 +98,10 @@
allow statsd mediaserver_service:service_manager find;
binder_call(statsd, mediaserver)
+# Allow statsd to interact with mmd
+allow statsd mmd_service:service_manager find;
+binder_call(statsd, mmd)
+
# Allow logd access.
read_logd(statsd)
control_logd(statsd)
diff --git a/private/traced.te b/private/traced.te
index 8a29541..619a55b 100644
--- a/private/traced.te
+++ b/private/traced.te
@@ -56,6 +56,11 @@
# Allow traced to detect if a process is frozen (b/381089063).
allow traced cgroup_v2:file r_file_perms;
+# Allow traced/traced_relay to read the traced config properties.
+get_prop(traced, traced_config_prop)
+# Allow traced_relay to read the relay port being used
+get_prop(traced, traced_relay_relay_port_prop)
+
# Allow setting debug properties which guard initialization of the Perfetto SDK
# in SurfaceFlinger and HWUI's copy of Skia.
# Required for the android.sdk_sysprop_guard data source.
diff --git a/vendor/hal_radio_default.te b/vendor/hal_radio_default.te
index 82fd40e..1c08a27 100644
--- a/vendor/hal_radio_default.te
+++ b/vendor/hal_radio_default.te
@@ -4,3 +4,4 @@
type hal_radio_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_radio_default)
+net_domain(hal_radio_default)