Merge "bless app created renderscript files"
diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index edfbee1..900c8c2 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil
@@ -8,6 +8,7 @@
activity_task_service
adb_service
app_binding_service
+ app_prediction_service
apex_data_file
apex_mnt_dir
apex_key_file
@@ -38,6 +39,7 @@
hal_system_suspend_default_exec
hal_system_suspend_default_tmpfs
heapprofd
+ heapprofd_enabled_prop
heapprofd_exec
heapprofd_prop
heapprofd_socket
diff --git a/private/property_contexts b/private/property_contexts
index adede99..5660d98 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -64,6 +64,7 @@
persist.service.bdroid. u:object_r:bluetooth_prop:s0
persist.security. u:object_r:system_prop:s0
persist.traced.enable u:object_r:traced_enabled_prop:s0
+persist.heapprofd.enable u:object_r:heapprofd_enabled_prop:s0
persist.vendor.overlay. u:object_r:overlay_prop:s0
ro.boot.vendor.overlay. u:object_r:overlay_prop:s0
ro.boottime. u:object_r:boottime_prop:s0
diff --git a/private/service_contexts b/private/service_contexts
index 9b81e68..49087c8 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -8,6 +8,7 @@
android.security.keystore u:object_r:keystore_service:s0
android.service.gatekeeper.IGateKeeperService u:object_r:gatekeeper_service:s0
app_binding u:object_r:app_binding_service:s0
+app_prediction u:object_r:app_prediction_service:s0
apexservice u:object_r:apex_service:s0
appops u:object_r:appops_service:s0
appwidget u:object_r:appwidget_service:s0
diff --git a/public/fastbootd.te b/public/fastbootd.te
index 4b79b64..1d77fd1 100644
--- a/public/fastbootd.te
+++ b/public/fastbootd.te
@@ -61,8 +61,13 @@
allow fastbootd proc_cmdline:file r_file_perms;
allow fastbootd rootfs:dir r_dir_perms;
- allow fastbootd sysfs_dt_firmware_android:file r_file_perms;
+ # Needed to read fstab node from device tree.
+ allow fastbootd sysfs_dt_firmware_android:file r_file_perms;
+ allow fastbootd sysfs_dt_firmware_android:dir r_dir_perms;
+
+ # Needed for realpath() call to resolve symlinks.
+ allow fastbootd block_device:dir getattr;
userdebug_or_eng(`
# Refined manipulation of /mnt/scratch, without these perms resorts
# to deleting scratch partition when partition(s) are flashed.
diff --git a/public/property.te b/public/property.te
index fcbf365..6ee568c 100644
--- a/public/property.te
+++ b/public/property.te
@@ -38,6 +38,7 @@
type ffs_prop, property_type, core_property_type;
type fingerprint_prop, property_type, core_property_type;
type firstboot_prop, property_type;
+type heapprofd_enabled_prop, property_type;
type heapprofd_prop, property_type;
type hwservicemanager_prop, property_type;
type last_boot_reason_prop, property_type;
@@ -397,6 +398,7 @@
-device_config_reset_performed_prop
-device_config_boot_count_prop
-device_config_flags_health_check_prop
+ -heapprofd_enabled_prop
-heapprofd_prop
-hwservicemanager_prop
-last_boot_reason_prop
diff --git a/public/service.te b/public/service.te
index 8a59bff..7799c84 100644
--- a/public/service.te
+++ b/public/service.te
@@ -44,6 +44,7 @@
type adb_service, system_api_service, system_server_service, service_manager_type;
type alarm_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
type app_binding_service, system_server_service, service_manager_type;
+type app_prediction_service, app_api_service, system_server_service, service_manager_type;
type appops_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
type appwidget_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
type assetatlas_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
diff --git a/public/shell.te b/public/shell.te
index 26f44f6..7201df0 100644
--- a/public/shell.te
+++ b/public/shell.te
@@ -75,6 +75,9 @@
userdebug_or_eng(`set_prop(shell, log_prop)')
# logpersist script
userdebug_or_eng(`set_prop(shell, logpersistd_logging_prop)')
+# Allow shell to start/stop heapprofd via the persist.heapprofd.enable
+# property.
+set_prop(shell, heapprofd_enabled_prop)
userdebug_or_eng(`
# "systrace --boot" support - allow boottrace service to run