From a86cc5e1cea6a02331af27dbb2e37e414690264f Mon Sep 17 00:00:00 2001 From: samou Date: Wed, 6 Dec 2023 07:23:42 +0000 Subject: [PATCH 01/55] bm: support br_stats enabled flag Bug: 315067183 Change-Id: I1c5c58e716e952a5e55493c129c2566c7f115da3 Signed-off-by: samou --- battery_mitigation/battery_mitigation.cpp | 1 + battery_mitigation/battery_mitigation.rc | 1 + battery_mitigation/sepolicy/vendor/battery_mitigation.te | 2 +- 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/battery_mitigation/battery_mitigation.cpp b/battery_mitigation/battery_mitigation.cpp index fb81b20..a4e28b9 100644 --- a/battery_mitigation/battery_mitigation.cpp +++ b/battery_mitigation/battery_mitigation.cpp @@ -73,6 +73,7 @@ const struct MitigationConfig::Config cfg = { }; const struct MitigationConfig::EventThreadConfig eventThreadCfg = { + .BrownoutStatsEnablePath = "/sys/devices/virtual/pmic/mitigation/br_stats/enable_br_stats", .NumericSysfsStatPaths = { {"cpu0_freq", "/sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq"}, {"cpu1_freq", "/sys/devices/system/cpu/cpu1/cpufreq/scaling_cur_freq"}, diff --git a/battery_mitigation/battery_mitigation.rc b/battery_mitigation/battery_mitigation.rc index 6c8f5cc..bc95fd3 100644 --- a/battery_mitigation/battery_mitigation.rc +++ b/battery_mitigation/battery_mitigation.rc @@ -1,6 +1,7 @@ on property:vendor.thermal.link_ready=1 mkdir /data/vendor/mitigation 0755 system system chown system system /data/vendor/mitigation + chown system system /sys/devices/virtual/pmic/mitigation/br_stats/enable_br_stats start vendor.battery_mitigation on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,uvlo,pmic,if && property:sys.boot.reason=reboot,uvlo,pmic,if diff --git a/battery_mitigation/sepolicy/vendor/battery_mitigation.te b/battery_mitigation/sepolicy/vendor/battery_mitigation.te index 4b5bc48..ee0780a 100644 --- a/battery_mitigation/sepolicy/vendor/battery_mitigation.te +++ b/battery_mitigation/sepolicy/vendor/battery_mitigation.te @@ -19,7 +19,7 @@ r_dir_file(battery_mitigation, thermal_link_device) r_dir_file(battery_mitigation, sysfs_odpm) r_dir_file(battery_mitigation, sysfs_power_stats) allow battery_mitigation sysfs_bcl:dir r_dir_perms; -allow battery_mitigation sysfs_bcl:file r_file_perms; +allow battery_mitigation sysfs_bcl:file rw_file_perms; allow battery_mitigation sysfs_bcl:lnk_file r_file_perms; allow battery_mitigation sysfs_thermal:lnk_file r_file_perms; allow battery_mitigation mitigation_vendor_data_file:dir rw_dir_perms; From f7f93daaf32309ce5028486ee2a9802ef0257cce Mon Sep 17 00:00:00 2001 From: Lei Ju Date: Fri, 15 Dec 2023 14:48:25 -0800 Subject: [PATCH 02/55] Set up common sepolicy for CHRE Bug: 248615564 Test: compilation by make sepolicy Change-Id: I0bde64d26d0c4451343f6f7032aecc20b275feaa --- chre/README.txt | 5 +++++ chre/hal.mk | 2 ++ chre/sepolicy/file_contexts | 1 + chre/sepolicy/hal_contexthub_default.te | 29 +++++++++++++++++++++++++ 4 files changed, 37 insertions(+) create mode 100644 chre/README.txt create mode 100644 chre/hal.mk create mode 100644 chre/sepolicy/file_contexts create mode 100644 chre/sepolicy/hal_contexthub_default.te diff --git a/chre/README.txt b/chre/README.txt new file mode 100644 index 0000000..3bdea2b --- /dev/null +++ b/chre/README.txt @@ -0,0 +1,5 @@ +This folder contains the common settings for CHRE shared by various platforms. + +Dependencies among types can happen. For example, hal_contexthub_default +depends on sysfs_aoc at the moment. When setting up a device with CHRE +we should make sure rules of dependent types are included too. diff --git a/chre/hal.mk b/chre/hal.mk new file mode 100644 index 0000000..13ebb7f --- /dev/null +++ b/chre/hal.mk @@ -0,0 +1,2 @@ +BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/chre/sepolicy/ +PRODUCT_PACKAGES += android.hardware.contexthub-service.generic \ No newline at end of file diff --git a/chre/sepolicy/file_contexts b/chre/sepolicy/file_contexts new file mode 100644 index 0000000..0659579 --- /dev/null +++ b/chre/sepolicy/file_contexts @@ -0,0 +1 @@ +/vendor/bin/hw/android\.hardware\.contexthub-service\.generic u:object_r:hal_contexthub_default_exec:s0 diff --git a/chre/sepolicy/hal_contexthub_default.te b/chre/sepolicy/hal_contexthub_default.te new file mode 100644 index 0000000..de5ca64 --- /dev/null +++ b/chre/sepolicy/hal_contexthub_default.te @@ -0,0 +1,29 @@ +# Allow context hub HAL to communicate with daemon via socket +unix_socket_connect(hal_contexthub_default, chre, chre) + +# Permit communication with AoC +allow hal_contexthub_default aoc_device:chr_file rw_file_perms; + +# Allow context hub HAL to determine AoC's current clock +allow hal_contexthub_default sysfs_aoc:dir search; +allow hal_contexthub_default sysfs_aoc_boottime:file r_file_perms; + +# Allow context hub HAL to create thread to watch AOC's device +allow hal_contexthub_default aoc_device:dir r_dir_perms; + +# Allow context hub HAL to use the USF low latency transport +usf_low_latency_transport(hal_contexthub_default) + +# Allow context hub HAL to talk to the WiFi HAL +binder_call(hal_contexthub_default, hal_wifi_ext) +allow hal_contexthub_default hal_wifi_ext_service:service_manager find; + +# Allow context hub HAL to talk to stats service +binder_call(hal_contexthub_default, stats_service_server) +allow hal_contexthub_default fwk_stats_service:service_manager find; + +# Allow context hub HAL to use WakeLock +wakelock_use(hal_contexthub_default) + +# Allow context hub HAL to block suspend, which is required to use EPOLLWAKEUP +allow hal_contexthub_default self:global_capability2_class_set block_suspend; From 911292eccad068633b00110ea2fb2fefbd746199 Mon Sep 17 00:00:00 2001 From: Jaegeuk Kim Date: Wed, 20 Dec 2023 09:57:24 -0800 Subject: [PATCH 03/55] Storage: clean up init.rc for storage Bug: 311655524 Change-Id: Ic08d6cd42f90c2c6b697077d63fea6a2454f1cc1 Signed-off-by: Jaegeuk Kim --- storage/init.storage.rc | 56 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/storage/init.storage.rc b/storage/init.storage.rc index 56e8e4f..141f8f0 100644 --- a/storage/init.storage.rc +++ b/storage/init.storage.rc @@ -1,3 +1,59 @@ on property:ro.build.type=userdebug write /dev/sys/block/bootdevice/pixel/enable_pixel_ufs_logging 1 chown system /dev/sg3 + +on default_storage_mode + # F2FS + write /dev/sys/fs/by-name/userdata/data_io_flag 8 + write /dev/sys/fs/by-name/userdata/node_io_flag 8 + + # Block + write /dev/sys/block/by-name/rootdisk/queue/iostats 1 + write /dev/sys/block/by-name/rootdisk/queue/nr_requests 128 + + # UFS + write /dev/sys/block/bootdevice/clkgate_enable 1 + +on init + # Symlink /dev/sys/block/bootdevice + wait /dev/block/platform/${ro.boot.boot_devices} + symlink /dev/block/platform/${ro.boot.boot_devices} /dev/block/bootdevice + symlink /sys/devices/platform/${ro.boot.boot_devices} /dev/sys/block/bootdevice + + # F2FS + write /dev/sys/fs/by-name/userdata/data_io_flag 56 + write /dev/sys/fs/by-name/userdata/node_io_flag 56 + + # Block + write /dev/sys/block/by-name/rootdisk/queue/iostats 0 + write /sys/sys/block/by-name/rootdisk/queue/nr_requests 256 + + # UFS + write /dev/sys/block/bootdevice/clkgate_enable 0 + +on property:sys.boot_completed=1 + # Health Storage HAL + chown system system /dev/sys/block/bootdevice/manual_gc + + # Pixelstats + chown system system /dev/sys/block/bootdevice/slowio_read_cnt + chown system system /dev/sys/block/bootdevice/slowio_sync_cnt + chown system system /dev/sys/block/bootdevice/slowio_unmap_cnt + chown system system /dev/sys/block/bootdevice/slowio_write_cnt + + chown system system /dev/sys/fs/by-name/userdata/committed_atomic_block + chown system system /dev/sys/fs/by-name/userdata/compr_new_inode + chown system system /dev/sys/fs/by-name/userdata/compr_saved_block + chown system system /dev/sys/fs/by-name/userdata/compr_written_block + chown system system /dev/sys/fs/by-name/userdata/gc_reclaimed_segments + chown system system /dev/sys/fs/by-name/userdata/gc_segment_mode + chown system system /dev/sys/fs/by-name/userdata/peak_atomic_write + chown system system /dev/sys/fs/by-name/userdata/revoked_atomic_block + + trigger default_storage_mode + +on charger + trigger default_storage_mode + +on property:ro.boot.mode=charger && property:init.svc.vendor.charger=running + trigger default_storage_mode From 403baea11fa5f1661f1110c9cd36922cd89800fb Mon Sep 17 00:00:00 2001 From: Lei Ju Date: Wed, 20 Dec 2023 16:36:18 -0800 Subject: [PATCH 04/55] Update the common sepolicy for file access Bug: 248615564 Test: load sepolicy onto pixel device and verify the output using audit2allow Change-Id: I295cefa3637298fba3d266f5f95f83cb7329bd02 --- chre/sepolicy/hal_contexthub_default.te | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/chre/sepolicy/hal_contexthub_default.te b/chre/sepolicy/hal_contexthub_default.te index de5ca64..3d67bd3 100644 --- a/chre/sepolicy/hal_contexthub_default.te +++ b/chre/sepolicy/hal_contexthub_default.te @@ -9,7 +9,7 @@ allow hal_contexthub_default sysfs_aoc:dir search; allow hal_contexthub_default sysfs_aoc_boottime:file r_file_perms; # Allow context hub HAL to create thread to watch AOC's device -allow hal_contexthub_default aoc_device:dir r_dir_perms; +allow hal_contexthub_default device:dir r_dir_perms; # Allow context hub HAL to use the USF low latency transport usf_low_latency_transport(hal_contexthub_default) @@ -22,6 +22,10 @@ allow hal_contexthub_default hal_wifi_ext_service:service_manager find; binder_call(hal_contexthub_default, stats_service_server) allow hal_contexthub_default fwk_stats_service:service_manager find; +# Allow context hub HAL to write data to /data/vendor/chre/ directory +allow hal_contexthub_default chre_data_file:dir create_dir_perms; +allow hal_contexthub_default chre_data_file:file create_file_perms; + # Allow context hub HAL to use WakeLock wakelock_use(hal_contexthub_default) From bebef42dbd98ee79b01413d2901f0997fe8b69b2 Mon Sep 17 00:00:00 2001 From: Qais Yousef Date: Thu, 21 Dec 2023 19:04:11 +0000 Subject: [PATCH 05/55] init.storage.rc: Set rq_affinity to 2 When rq_affinity is 1, it will default to servicing the softirq on the same CPU that has serviced the interrupt. By setting it to 2, completions are processed by the CPU core that submitted the I/O. Bug: 311655524 Signed-off-by: Qais Yousef Change-Id: I21421f97f069083793fe2e2fa51739dac12eca1d --- storage/init.storage.rc | 1 + 1 file changed, 1 insertion(+) diff --git a/storage/init.storage.rc b/storage/init.storage.rc index 141f8f0..948e820 100644 --- a/storage/init.storage.rc +++ b/storage/init.storage.rc @@ -10,6 +10,7 @@ on default_storage_mode # Block write /dev/sys/block/by-name/rootdisk/queue/iostats 1 write /dev/sys/block/by-name/rootdisk/queue/nr_requests 128 + write /dev/sys/block/by-name/rootdisk/queue/rq_affinity 2 # UFS write /dev/sys/block/bootdevice/clkgate_enable 1 From 40b75d505cf13296b130c7599797a785924080e1 Mon Sep 17 00:00:00 2001 From: Darren Hsu Date: Wed, 20 Dec 2023 20:12:32 +0800 Subject: [PATCH 06/55] powerstats: introduce display MRR state residency data provider Display team introduces new refresh rate residency in kernel. Current display data provider is polling data from state sysfs. To reduce CPU loading and improve efficiency, we should get rid of polling data provider and create new data provider to read data from time_in_state sysfs in PowerStatsHAL. Bug: 316260832 Test: vts-tradefed run vts -m VtsHalPowerStatsTargetTest Change-Id: I4d9886f13207e41f13defd89ea2c19614918a570 Signed-off-by: Darren Hsu --- .../DisplayMrrStateResidencyDataProvider.cpp | 169 ++++++++++++++++++ .../DisplayMrrStateResidencyDataProvider.h | 68 +++++++ 2 files changed, 237 insertions(+) create mode 100644 powerstats/DisplayMrrStateResidencyDataProvider.cpp create mode 100644 powerstats/include/DisplayMrrStateResidencyDataProvider.h diff --git a/powerstats/DisplayMrrStateResidencyDataProvider.cpp b/powerstats/DisplayMrrStateResidencyDataProvider.cpp new file mode 100644 index 0000000..8ab9af4 --- /dev/null +++ b/powerstats/DisplayMrrStateResidencyDataProvider.cpp @@ -0,0 +1,169 @@ +/* + * Copyright (C) 2023 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "DisplayMrrStateResidencyDataProvider.h" + +#include +#include +#include + +using android::base::ParseInt; +using android::base::ParseUint; +using android::base::Split; +using android::base::Trim; + +static const std::string TIME_IN_STATE = "time_in_state"; +static const std::string AVAILABLE_STATE = "available_disp_stats"; +static const std::vector DISP_STATE = { "On", "HBM", "LP", "Off" }; + +namespace aidl { +namespace android { +namespace hardware { +namespace power { +namespace stats { + +DisplayMrrStateResidencyDataProvider::DisplayMrrStateResidencyDataProvider( + const std::string& name, const std::string& path) : mName(name), mPath(path) { + mConfigs = std::vector(); + std::string statePath = mPath + AVAILABLE_STATE; + std::unique_ptr fp(fopen(statePath.c_str(), "r"), fclose); + if (fp) { + char *line = nullptr; + size_t len = 0; + Config config = { .state = 0, .resX = 0, .resY = 0, .rr = 0 }; + while (getline(&line, &len, fp.get()) != -1) { + if (parseAvailableState(line, &config)) { + mConfigs.push_back(config); + } else { + PLOG(ERROR) << "Failed to parse display config for [" << std::string(line) + << "] from " << statePath; + mConfigs.clear(); + break; + } + } + free(line); + } else { + PLOG(ERROR) << "Failed to open file " << statePath; + } +} + +bool DisplayMrrStateResidencyDataProvider::parseConfig( + char const *line, Config *config, uint64_t *duration) { + std::vector parts = Split(line, " "); + + if (duration == nullptr) { + if (parts.size() != 4) return false; + } else { + if (parts.size() != 5) return false; + + if (!ParseUint(Trim(parts[4]), duration)) return false; + } + + if (!ParseInt(Trim(parts[0]), &config->state)) return false; + if (!ParseInt(Trim(parts[1]), &config->resX)) return false; + if (!ParseInt(Trim(parts[2]), &config->resY)) return false; + if (!ParseInt(Trim(parts[3]), &config->rr)) return false; + + return true; +} + +bool DisplayMrrStateResidencyDataProvider::parseAvailableState( + char const *line, Config *config) { + return parseConfig(line, config, nullptr); +} + +bool DisplayMrrStateResidencyDataProvider::parseTimeInState( + char const *line, Config *config, uint64_t *duration) { + return parseConfig(line, config, duration); +} + +bool DisplayMrrStateResidencyDataProvider::getStateResidencies( + std::unordered_map> *residencies) { + if (mConfigs.empty()) { + LOG(ERROR) << "Display MRR state list is empty!"; + return false; + } + + std::string path = mPath + TIME_IN_STATE; + std::unique_ptr fp(fopen(path.c_str(), "r"), fclose); + if (!fp) { + PLOG(ERROR) << "Failed to open file " << path; + return false; + } + + std::vector stateResidencies; + for (int i = 0; i < mConfigs.size(); i++) { + StateResidency s = {.id = i, .totalTimeInStateMs = 0}; + stateResidencies.push_back(s); + } + + char *line = nullptr; + size_t len = 0; + Config config = { .state = 0, .resX = 0, .resY = 0, .rr = 0 }; + uint64_t duration; + std::vector::const_iterator found; + while (getline(&line, &len, fp.get()) != -1) { + if (parseTimeInState(line, &config, &duration)) { + found = std::find(mConfigs.begin(), mConfigs.end(), config); + if (found != mConfigs.end()) { + stateResidencies[found - mConfigs.begin()].totalTimeInStateMs = duration; + } else { + LOG(ERROR) << "Failed to find config for [" << std::string(line) + << "] in display MRR state list"; + } + } else { + LOG(ERROR) << "Failed to parse state and duration from [" << std::string(line) << "]"; + free(line); + return false; + } + } + + residencies->emplace(mName, stateResidencies); + + free(line); + + return true; +} + +std::unordered_map> DisplayMrrStateResidencyDataProvider::getInfo() +{ + int32_t dispId; + std::string name; + std::vector states; + for (int32_t id = 0; id < mConfigs.size(); id++) { + dispId = mConfigs[id].state; + if (dispId >= DISP_STATE.size()) { + LOG(ERROR) << "Display state id " << dispId << " is out of bound"; + return {}; + } + + name = DISP_STATE[dispId]; + if (dispId != DISP_STATE.size() - 1) { + name += ": " + std::to_string(mConfigs[id].resX) + + "x" + std::to_string(mConfigs[id].resY) + + "@" + std::to_string(mConfigs[id].rr); + } + State s = { .id = id, .name = name }; + states.push_back(s); + } + + return {{ mName, states }}; +} + +} // namespace stats +} // namespace power +} // namespace hardware +} // namespace android +} // namespace aidl diff --git a/powerstats/include/DisplayMrrStateResidencyDataProvider.h b/powerstats/include/DisplayMrrStateResidencyDataProvider.h new file mode 100644 index 0000000..81ea17e --- /dev/null +++ b/powerstats/include/DisplayMrrStateResidencyDataProvider.h @@ -0,0 +1,68 @@ +/* + * Copyright (C) 2023 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#pragma once + +#include + +namespace aidl { +namespace android { +namespace hardware { +namespace power { +namespace stats { + +class DisplayMrrStateResidencyDataProvider : public PowerStats::IStateResidencyDataProvider { + public: + DisplayMrrStateResidencyDataProvider(const std::string& name, const std::string& path); + ~DisplayMrrStateResidencyDataProvider() = default; + + /* + * See IStateResidencyDataProvider::getStateResidencies + */ + bool getStateResidencies( + std::unordered_map> *residencies) override; + + /* + * See IStateResidencyDataProvider::getInfo + */ + std::unordered_map> getInfo() override; + + private: + struct Config { + int32_t state; // Display state (On, HBM, LP, Off) + int32_t resX; // Resolution X + int32_t resY; // Resolution Y + int32_t rr; // Refresh rate + + bool operator==(const Config& r) const { + return state == r.state && resX == r.resX && resY == r.resY && rr == r.rr; + } + }; + + bool parseConfig(char const *line, Config *config, uint64_t *duration); + bool parseAvailableState(char const *line, Config *config); + bool parseTimeInState(char const *line, Config *config, uint64_t *duration); + bool loadAvailableState(); + + const std::string mName; + const std::string mPath; + std::vector mConfigs; +}; + +} // namespace stats +} // namespace power +} // namespace hardware +} // namespace android +} // namespace aidl From e23d5c44d0f21b364e73c107131a3586fad6c754 Mon Sep 17 00:00:00 2001 From: Carter Hsu Date: Fri, 22 Dec 2023 01:35:51 +0000 Subject: [PATCH 07/55] Allow hal_audio_default to access DMA and TPU property 12-19 13:46:27.396000 1041 4222 4222 W gsenet/4949: type=1400 audit(0.0:51): avc: denied { read } for name="u:object_r:vendor_edgetpu_runtime_prop:s0" dev="tmpfs" ino=399 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:vendor_edgetpu_runtime_prop:s0 tclass=file permissive=0 12-19 13:46:27.396000 1041 4222 4222 I auditd : type=1400 audit(0.0:52): avc: denied { read } for comm="gsenet/4949" name="system" dev="tmpfs" ino=1217 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file permissive=0 12-19 13:46:27.396000 1041 4222 4222 W gsenet/4949: type=1400 audit(0.0:52): avc: denied { read } for name="system" dev="tmpfs" ino=1217 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file permissive=0 Bug: 317032803 Test: Verified by test build Change-Id: Ifc2b720615b2ee9b74de163c128962411bbe0d4e Signed-off-by: Carter Hsu --- edgetpu/sepolicy/hal_audio_default.te | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/edgetpu/sepolicy/hal_audio_default.te b/edgetpu/sepolicy/hal_audio_default.te index 2646fcc..523770c 100644 --- a/edgetpu/sepolicy/hal_audio_default.te +++ b/edgetpu/sepolicy/hal_audio_default.te @@ -12,3 +12,7 @@ binder_call(hal_audio_default, edgetpu_app_server) # Allow audio HAL to read tflite Darwinn delegate properties get_prop(hal_audio_default, vendor_tflite_delegate_prop) +get_prop(hal_audio_default, vendor_edgetpu_runtime_prop) + +# Allow DMA Buf access. +allow hal_audio_default dmabuf_system_heap_device:chr_file r_file_perms; From e3e46d4de94a9732f3beb3128197ed88e1f63467 Mon Sep 17 00:00:00 2001 From: Darren Hsu Date: Fri, 22 Dec 2023 23:34:42 +0800 Subject: [PATCH 08/55] powerstats: sort frequencies in descending order Cpufreq data is sorted in ascending order, but power stats are sorted in descending order. Reverse sorting to maintain consistency with other power stats. Bug: 317429309 Test: vts-tradefed run vts -m VtsHalPowerStatsTargetTest Change-Id: I29a58c02add846eb66a8d6eb247336111363c335 Signed-off-by: Darren Hsu --- powerstats/AdaptiveDvfsStateResidencyDataProvider.cpp | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/powerstats/AdaptiveDvfsStateResidencyDataProvider.cpp b/powerstats/AdaptiveDvfsStateResidencyDataProvider.cpp index 6e377aa..c842d3e 100644 --- a/powerstats/AdaptiveDvfsStateResidencyDataProvider.cpp +++ b/powerstats/AdaptiveDvfsStateResidencyDataProvider.cpp @@ -62,6 +62,14 @@ AdaptiveDvfsStateResidencyDataProvider::AdaptiveDvfsStateResidencyDataProvider( } } + // Cpufreq data is sorted in ascending order, but power stats are sorted + // in descending order. Reverse sorting to maintain consistency with + // other power stats. + if (states.size() > 1 && + std::atoll(states[0].second.c_str()) < std::atoll(states[1].second.c_str())) { + std::reverse(states.begin(), states.end()); + } + mPowerEntities.push_back({powerEntities[i].first, std::move(states)}); } From e5bf86e7cd012ee2ae9e3bed8321a184c1c9cc7b Mon Sep 17 00:00:00 2001 From: Jasmine Cha Date: Tue, 12 Dec 2023 16:27:28 +0800 Subject: [PATCH 09/55] audio: add soong config for ims media to read Bug: 291772585 Test: manual test on hidl/aidl Change-Id: I1bb1bc5963fe28132cb72fe29167b3fa4d384cb7 Signed-off-by: Jasmine Cha --- audio/aidl.mk | 2 ++ 1 file changed, 2 insertions(+) diff --git a/audio/aidl.mk b/audio/aidl.mk index bd11249..02a9649 100644 --- a/audio/aidl.mk +++ b/audio/aidl.mk @@ -24,3 +24,5 @@ DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/audio/aidl/d PRODUCT_PROPERTY_OVERRIDES += \ vendor.audio_hal.aidl.enable=true + +$(call soong_config_set,pixel_audio_hal_type,aidl_build,true) From 643719c2ac7733bdf4404a65f82841d02fbe3c8d Mon Sep 17 00:00:00 2001 From: Yen-Chao Chen Date: Tue, 26 Dec 2023 14:31:49 +0800 Subject: [PATCH 10/55] touch/init: change file owner after sys.boot_completed=1 It's possible that the gti sysfs node is not ready when vendor.device.modules.ready is set so change the gti file owner at later stage. Bug: 285327052 Bug: 285247095 Bug: 285323846 Test: trigger bugreport and the dump succeed. Change-Id: If1921aeb351603b52164c66bc9c7b3651d171287 Signed-off-by: Yen-Chao Chen --- touch/gti/init.touch.gti0.rc | 2 +- touch/gti/init.touch.gti1.rc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/touch/gti/init.touch.gti0.rc b/touch/gti/init.touch.gti0.rc index 70c6ced..31856ea 100644 --- a/touch/gti/init.touch.gti0.rc +++ b/touch/gti/init.touch.gti0.rc @@ -1,4 +1,4 @@ -on property:vendor.device.modules.ready=1 +on property:sys.boot_completed=1 # Sysfs chown system system /sys/devices/virtual/goog_touch_interface/gti.0/force_active chown system system /sys/devices/virtual/goog_touch_interface/gti.0/fw_ver diff --git a/touch/gti/init.touch.gti1.rc b/touch/gti/init.touch.gti1.rc index 15de6a1..a4de328 100644 --- a/touch/gti/init.touch.gti1.rc +++ b/touch/gti/init.touch.gti1.rc @@ -1,4 +1,4 @@ -on property:vendor.device.modules.ready=1 +on property:sys.boot_completed=1 # Sysfs chown system system /sys/devices/virtual/goog_touch_interface/gti.1/force_active chown system system /sys/devices/virtual/goog_touch_interface/gti.1/fw_ver From 1e19480c703afb8e31b61b5275a1872064e83975 Mon Sep 17 00:00:00 2001 From: Jasmine Cha Date: Fri, 22 Dec 2023 10:28:42 +0800 Subject: [PATCH 11/55] audio: separate audio hal hidl/aidl by project Bug: 317444263 Bug: 317733172 Test: boot to home, check basic audio functions Change-Id: I034b4958b3fc701569988618f5428c07c8d61c15 Signed-off-by: Jasmine Cha --- audio/aidl.mk | 2 ++ audio/common.mk | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/audio/aidl.mk b/audio/aidl.mk index 02a9649..5799541 100644 --- a/audio/aidl.mk +++ b/audio/aidl.mk @@ -1,3 +1,5 @@ +USE_AUDIO_HAL_AIDL := true + DEVICE_MANIFEST_FILE += device/google/gs-common/audio/aidl/manifest.xml # Audio HALs diff --git a/audio/common.mk b/audio/common.mk index 4157970..edf7b6a 100644 --- a/audio/common.mk +++ b/audio/common.mk @@ -6,7 +6,7 @@ PRODUCT_PACKAGES += \ libmahalcontroller \ libAlgFx_HiFi3z -ifneq ($(RELEASE_PIXEL_AIDL_AUDIO_HAL),true) +ifneq ($(USE_AUDIO_HAL_AIDL),true) ## AudioHAL Configurations PRODUCT_COPY_FILES += \ frameworks/av/services/audiopolicy/config/a2dp_audio_policy_configuration_7_0.xml:$(TARGET_COPY_OUT_VENDOR)/etc/a2dp_audio_policy_configuration_7_0.xml \ From 35e5021597de1a3b522d0e019de6baa7abce7c64 Mon Sep 17 00:00:00 2001 From: Lei Ju Date: Tue, 26 Dec 2023 17:25:29 -0800 Subject: [PATCH 12/55] Update common chre sepolicy for socket connection With multiclient HAL, the socket server domain changes from chre to hal_contexthub_default. Bug: 248615564 Test: updated the sepolicies and observed that avc violation logs disappears. Change-Id: Ic5717cee6d2714bec49814a1b779266de79dc4f3 --- chre/sepolicy/hal_contexthub_default.te | 5 +++-- sensors/sepolicy/hal_sensors_default.te | 3 +++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/chre/sepolicy/hal_contexthub_default.te b/chre/sepolicy/hal_contexthub_default.te index 3d67bd3..542d383 100644 --- a/chre/sepolicy/hal_contexthub_default.te +++ b/chre/sepolicy/hal_contexthub_default.te @@ -1,5 +1,6 @@ -# Allow context hub HAL to communicate with daemon via socket -unix_socket_connect(hal_contexthub_default, chre, chre) +# +# Context hub multiclient HAL common selinux policies +# # Permit communication with AoC allow hal_contexthub_default aoc_device:chr_file rw_file_perms; diff --git a/sensors/sepolicy/hal_sensors_default.te b/sensors/sepolicy/hal_sensors_default.te index 1d152d4..85a8262 100644 --- a/sensors/sepolicy/hal_sensors_default.te +++ b/sensors/sepolicy/hal_sensors_default.te @@ -60,6 +60,9 @@ allow hal_sensors_default fwk_stats_service:service_manager find; # Allow access to CHRE socket to connect to nanoapps. unix_socket_connect(hal_sensors_default, chre, chre) +## TODO(b/248615564): Remove above rule after CHRE multiclient HAL is launched. +unix_socket_connect(hal_sensors_default, chre, hal_contexthub_default) + # Allow access to the power supply files for MagCC. r_dir_file(hal_sensors_default, sysfs_batteryinfo) From e9c4233f11aff86a99bbc3206f20bba960cee9bb Mon Sep 17 00:00:00 2001 From: Carter Hsu Date: Mon, 4 Dec 2023 15:53:50 +0800 Subject: [PATCH 13/55] audio: add hdmi audio sepolicy for AIDL HAL Bug: 309696512 Test: Verified by test build Change-Id: I0e1192f228424b80c776445755a93be56c93d1e7 Signed-off-by: Carter Hsu --- audio/aidl.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/audio/aidl.mk b/audio/aidl.mk index bd11249..444b7b7 100644 --- a/audio/aidl.mk +++ b/audio/aidl.mk @@ -17,6 +17,7 @@ PRODUCT_PACKAGES += \ libdownmixaidl \ BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/audio/sepolicy/aidl +BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/audio/sepolicy/hdmi_audio include device/google/gs-common/audio/common.mk From 0bdf2998a8d4293fcdfc4fada2bc8827797b5dd3 Mon Sep 17 00:00:00 2001 From: Jasmine Cha Date: Wed, 3 Jan 2024 11:16:14 +0800 Subject: [PATCH 14/55] audio: move USE_AUDIO_HAL_AIDL to device-.mk Bug: 317745810 Test: manual test b/317745810#comment3 Change-Id: Ie6f1660dcf9d26bd14061ead187e1f3d8848d565 Signed-off-by: Jasmine Cha --- audio/aidl.mk | 1 - 1 file changed, 1 deletion(-) diff --git a/audio/aidl.mk b/audio/aidl.mk index 711f389..185e628 100644 --- a/audio/aidl.mk +++ b/audio/aidl.mk @@ -1,4 +1,3 @@ -USE_AUDIO_HAL_AIDL := true DEVICE_MANIFEST_FILE += device/google/gs-common/audio/aidl/manifest.xml From 2d5681d51611783fe99bab0310b7383dc53c30ce Mon Sep 17 00:00:00 2001 From: samou Date: Wed, 3 Jan 2024 08:27:21 +0000 Subject: [PATCH 15/55] bm: create mk for new battery mitigation service Bug: 317869347 Change-Id: I09c95781cabc813d482b92e12ade944a32503f52 Signed-off-by: samou --- battery_mitigation/bcl-aidl.mk | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 battery_mitigation/bcl-aidl.mk diff --git a/battery_mitigation/bcl-aidl.mk b/battery_mitigation/bcl-aidl.mk new file mode 100644 index 0000000..83b4749 --- /dev/null +++ b/battery_mitigation/bcl-aidl.mk @@ -0,0 +1,17 @@ +ifeq ($(RELEASE_PIXEL_AIDL_BATTERY_MITIGATION_HAL), true) + +ifeq (,$(filter factory_%,$(TARGET_PRODUCT))) +PRODUCT_PACKAGES += battery_mitigation +endif +ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT))) +ifeq (,$(filter factory_%,$(TARGET_PRODUCT))) +PRODUCT_PACKAGES += BrownoutDetection +endif +endif + +PRODUCT_SOONG_NAMESPACES += device/google/gs-common/battery_mitigation +endif + +BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/battery_mitigation/sepolicy/vendor +SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS += device/google/gs-common/battery_mitigation/sepolicy/system_ext/private +SYSTEM_EXT_PUBLIC_SEPOLICY_DIRS += device/google/gs-common/battery_mitigation/sepolicy/system_ext/public From a05cd829dd426d83c0b027bae5761e925baa331b Mon Sep 17 00:00:00 2001 From: linanson Date: Fri, 22 Dec 2023 00:40:01 +0800 Subject: [PATCH 16/55] Remove the diagnosticsTool domain for SeLinux access. Bug: 318308424 Test: Local Rom build and manul test for the diagnosticstool app Change-Id: Ib0a79fb91a5546922caab64d9ebbb2da103d7b07 --- diagnosticstool/diagnosticstool.mk | 1 - diagnosticstool/sepolicy/diagnosticstool_app.te | 4 ---- diagnosticstool/sepolicy/seapp_contexts | 2 -- 3 files changed, 7 deletions(-) delete mode 100644 diagnosticstool/diagnosticstool.mk delete mode 100644 diagnosticstool/sepolicy/diagnosticstool_app.te delete mode 100644 diagnosticstool/sepolicy/seapp_contexts diff --git a/diagnosticstool/diagnosticstool.mk b/diagnosticstool/diagnosticstool.mk deleted file mode 100644 index 67fbd88..0000000 --- a/diagnosticstool/diagnosticstool.mk +++ /dev/null @@ -1 +0,0 @@ -PRODUCT_PRIVATE_SEPOLICY_DIRS += device/google/gs-common/diagnosticstool/sepolicy diff --git a/diagnosticstool/sepolicy/diagnosticstool_app.te b/diagnosticstool/sepolicy/diagnosticstool_app.te deleted file mode 100644 index d1874e6..0000000 --- a/diagnosticstool/sepolicy/diagnosticstool_app.te +++ /dev/null @@ -1,4 +0,0 @@ -type diagnosticstool_app, domain; -app_domain(diagnosticstool_app) - -allow diagnosticstool_app app_api_service:service_manager find; diff --git a/diagnosticstool/sepolicy/seapp_contexts b/diagnosticstool/sepolicy/seapp_contexts deleted file mode 100644 index 3c601cd..0000000 --- a/diagnosticstool/sepolicy/seapp_contexts +++ /dev/null @@ -1,2 +0,0 @@ -# Diagnostics Tool -user=_app seinfo=platform name=com.google.android.apps.diagnosticstool domain=diagnosticstool_app isPrivApp=true levelFrom=user From 6b92b30e7ba8ba050bc4e2424f2781f92587bb08 Mon Sep 17 00:00:00 2001 From: Bruce Po Date: Tue, 26 Dec 2023 23:27:00 +0000 Subject: [PATCH 17/55] selinux: New aocx service Add new aocxd server domain - Allow aocxd to access AOC resources - Add new aocx binder vendor service Allow audio hal to find and talk to aocx avc error tcontext=u:object_r:binder_device:s0 tclass=chr_file or tcontext=u:object_r:vndbinder_device:s0 tclass=chr_file avc: denied { add } for pid=1073 uid=0 name=aocx.IAocx scontext=u:r:aocxd:s0 tcontext=u:object_r:aocx:s0 tclass=service_manager avc: denied { call } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:aocxd:s0 tclass=binder BUG: 315853303 Change-Id: Ide16a2be9f032bef60f43d4d3daa6372ae06b057 --- aoc/aoc.mk | 6 ++++-- aoc/sepolicy/aocxd.te | 25 ++++++++++++++++++++++ aoc/sepolicy/file_contexts | 2 ++ aoc/sepolicy/vndservice.te | 1 + aoc/sepolicy/vndservice_contexts | 1 + audio/sepolicy/aidl/service.te | 2 +- audio/sepolicy/aidl/service_contexts | 3 +-- audio/sepolicy/common/hal_audio_default.te | 4 ++++ 8 files changed, 39 insertions(+), 5 deletions(-) create mode 100644 aoc/sepolicy/aocxd.te create mode 100644 aoc/sepolicy/vndservice.te create mode 100644 aoc/sepolicy/vndservice_contexts diff --git a/aoc/aoc.mk b/aoc/aoc.mk index 2eadb08..136bb42 100644 --- a/aoc/aoc.mk +++ b/aoc/aoc.mk @@ -1,7 +1,8 @@ BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/aoc/sepolicy PRODUCT_PACKAGES += dump_aoc \ - aocd + aocd \ + aocxd ifeq (,$(filter aosp_%,$(TARGET_PRODUCT))) # IAudioMetricExt HIDL @@ -23,4 +24,5 @@ PRODUCT_PACKAGES_DEBUG += \ aocdump \ aocutil \ aoc_audio_cfg \ - vp_util + vp_util \ + aocx_tool diff --git a/aoc/sepolicy/aocxd.te b/aoc/sepolicy/aocxd.te new file mode 100644 index 0000000..bd9396f --- /dev/null +++ b/aoc/sepolicy/aocxd.te @@ -0,0 +1,25 @@ +# aocxd server domain +type aocxd, domain; +type aocxd_exec, vendor_file_type, exec_type, file_type; +init_daemon_domain(aocxd) + +# sysfs operations +allow aocxd sysfs_aoc:dir search; + +# dev operations +allow aocxd aoc_device:chr_file rw_file_perms; + +# allow inotify to watch for additions/removals from /dev +allow aocxd device:dir r_dir_perms; + +# set properties +set_prop(aocxd, vendor_aoc_prop); + +# allow binder access +vndbinder_use(aocxd); + +# allow managing wakelocks +wakelock_use(aocxd); + +# add aocx service to the domain +add_service(aocxd, aocx); diff --git a/aoc/sepolicy/file_contexts b/aoc/sepolicy/file_contexts index 58edf2f..617b7b9 100644 --- a/aoc/sepolicy/file_contexts +++ b/aoc/sepolicy/file_contexts @@ -27,11 +27,13 @@ /dev/acd-audio_ap_offload_rx u:object_r:aoc_device:s0 /dev/acd-audio_ap_offload_tx u:object_r:aoc_device:s0 /dev/acd-mel_processor u:object_r:aoc_device:s0 +/dev/acd-aocx_control u:object_r:aoc_device:s0 # AoC vendor binaries /vendor/bin/aocd u:object_r:aocd_exec:s0 /vendor/bin/aocdump u:object_r:aocdump_exec:s0 /vendor/bin/dump/dump_aoc u:object_r:dump_aoc_exec:s0 +/vendor/bin/aocxd u:object_r:aocxd_exec:s0 # AoC audio files /vendor/etc/aoc(/.*)? u:object_r:aoc_audio_file:s0 diff --git a/aoc/sepolicy/vndservice.te b/aoc/sepolicy/vndservice.te new file mode 100644 index 0000000..01c2436 --- /dev/null +++ b/aoc/sepolicy/vndservice.te @@ -0,0 +1 @@ +type aocx, vndservice_manager_type; diff --git a/aoc/sepolicy/vndservice_contexts b/aoc/sepolicy/vndservice_contexts new file mode 100644 index 0000000..de31e51 --- /dev/null +++ b/aoc/sepolicy/vndservice_contexts @@ -0,0 +1 @@ +aocx.IAocx u:object_r:aocx:s0 diff --git a/audio/sepolicy/aidl/service.te b/audio/sepolicy/aidl/service.te index cbdc404..d931f16 100644 --- a/audio/sepolicy/aidl/service.te +++ b/audio/sepolicy/aidl/service.te @@ -1,3 +1,3 @@ # Audio type hal_audio_ext_service, hal_service_type, service_manager_type; -type hal_audio_parameter_parser_service, service_manager_type; +type hal_audio_parameter_parser_service, service_manager_type; \ No newline at end of file diff --git a/audio/sepolicy/aidl/service_contexts b/audio/sepolicy/aidl/service_contexts index c2b7716..7a7d61d 100644 --- a/audio/sepolicy/aidl/service_contexts +++ b/audio/sepolicy/aidl/service_contexts @@ -1,4 +1,3 @@ # Audio vendor.google.whitechapel.audio.extension.IAudioExtension/default u:object_r:hal_audio_ext_service:s0 -android.media.audio.IHalAdapterVendorExtension/default u:object_r:hal_audio_parameter_parser_service:s0 - +android.media.audio.IHalAdapterVendorExtension/default u:object_r:hal_audio_parameter_parser_service:s0 \ No newline at end of file diff --git a/audio/sepolicy/common/hal_audio_default.te b/audio/sepolicy/common/hal_audio_default.te index c69e339..bfe72b1 100644 --- a/audio/sepolicy/common/hal_audio_default.te +++ b/audio/sepolicy/common/hal_audio_default.te @@ -34,3 +34,7 @@ userdebug_or_eng(` ') wakelock_use(hal_audio_default); + +vndbinder_use(hal_audio_default); +allow hal_audio_default aocx:service_manager find; +binder_call(hal_audio_default, aocxd); From 27017fb06a33f80340a2d74fd11b689579eecd58 Mon Sep 17 00:00:00 2001 From: George Lee Date: Mon, 8 Jan 2024 20:26:46 +0000 Subject: [PATCH 18/55] bm: Remove thermal dependency (gs-common) Bug: 319136643 Test: Confirm battery_mitigation loaded Change-Id: I250a1d9c1354bd4d53909d71935af1fc264f936f Signed-off-by: George Lee --- battery_mitigation/battery_mitigation.rc | 58 ++++++++++++------------ 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/battery_mitigation/battery_mitigation.rc b/battery_mitigation/battery_mitigation.rc index bc95fd3..2719541 100644 --- a/battery_mitigation/battery_mitigation.rc +++ b/battery_mitigation/battery_mitigation.rc @@ -1,91 +1,91 @@ -on property:vendor.thermal.link_ready=1 +on property:vendor.all.modules.ready=1 mkdir /data/vendor/mitigation 0755 system system chown system system /data/vendor/mitigation chown system system /sys/devices/virtual/pmic/mitigation/br_stats/enable_br_stats start vendor.battery_mitigation -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,uvlo,pmic,if && property:sys.boot.reason=reboot,uvlo,pmic,if +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,uvlo,pmic,if && property:sys.boot.reason=reboot,uvlo,pmic,if setprop vendor.brownout_reason "uvlo,pmic,if" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,pmic,if && property:sys.boot.reason=reboot,ocp,pmic,if +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,pmic,if && property:sys.boot.reason=reboot,ocp,pmic,if setprop vendor.brownout_reason "ocp,pmic,if" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,uvlo,pmic,main && property:sys.boot.reason=reboot,uvlo,pmic,main +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,uvlo,pmic,main && property:sys.boot.reason=reboot,uvlo,pmic,main setprop vendor.brownout_reason "uvlo,pmic,main" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,uvlo,pmic,sub && property:sys.boot.reason=reboot,uvlo,pmic,sub +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,uvlo,pmic,sub && property:sys.boot.reason=reboot,uvlo,pmic,sub setprop vendor.brownout_reason "uvlo,pmic,sub" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK1M && property:sys.boot.reason=reboot,ocp,buck1m +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK1M && property:sys.boot.reason=reboot,ocp,buck1m setprop vendor.brownout_reason "ocp,buck1m" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK2M && property:sys.boot.reason=reboot,ocp,buck2m +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK2M && property:sys.boot.reason=reboot,ocp,buck2m setprop vendor.brownout_reason "ocp,buck2m" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK3M && property:sys.boot.reason=reboot,ocp,buck3m +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK3M && property:sys.boot.reason=reboot,ocp,buck3m setprop vendor.brownout_reason "ocp,buck3m" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK4M && property:sys.boot.reason=reboot,ocp,buck4m +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK4M && property:sys.boot.reason=reboot,ocp,buck4m setprop vendor.brownout_reason "ocp,buck4m" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK5M && property:sys.boot.reason=reboot,ocp,buck5m +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK5M && property:sys.boot.reason=reboot,ocp,buck5m setprop vendor.brownout_reason "ocp,buck5m" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK6M && property:sys.boot.reason=reboot,ocp,buck6m +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK6M && property:sys.boot.reason=reboot,ocp,buck6m setprop vendor.brownout_reason "ocp,buck6m" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK7M && property:sys.boot.reason=reboot,ocp,buck7m +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK7M && property:sys.boot.reason=reboot,ocp,buck7m setprop vendor.brownout_reason "ocp,buck7m" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK8M && property:sys.boot.reason=reboot,ocp,buck8m +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK8M && property:sys.boot.reason=reboot,ocp,buck8m setprop vendor.brownout_reason "ocp,buck8m" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK9M && property:sys.boot.reason=reboot,ocp,buck9m +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK9M && property:sys.boot.reason=reboot,ocp,buck9m setprop vendor.brownout_reason "ocp,buck9m" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK10M && property:sys.boot.reason=reboot,ocp,buck10m +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK10M && property:sys.boot.reason=reboot,ocp,buck10m setprop vendor.brownout_reason "ocp,buck10m" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK1S && property:sys.boot.reason=reboot,ocp,buck1s +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK1S && property:sys.boot.reason=reboot,ocp,buck1s setprop vendor.brownout_reason "ocp,buck1s" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK2S && property:sys.boot.reason=reboot,ocp,buck2s +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK2S && property:sys.boot.reason=reboot,ocp,buck2s setprop vendor.brownout_reason "ocp,buck2s" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK3S && property:sys.boot.reason=reboot,ocp,buck3s +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK3S && property:sys.boot.reason=reboot,ocp,buck3s setprop vendor.brownout_reason "ocp,buck3s" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK4S && property:sys.boot.reason=reboot,ocp,buck4s +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK4S && property:sys.boot.reason=reboot,ocp,buck4s setprop vendor.brownout_reason "ocp,buck4s" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK5S && property:sys.boot.reason=reboot,ocp,buck5s +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK5S && property:sys.boot.reason=reboot,ocp,buck5s setprop vendor.brownout_reason "ocp,buck5s" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK6S && property:sys.boot.reason=reboot,ocp,buck6s +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK6S && property:sys.boot.reason=reboot,ocp,buck6s setprop vendor.brownout_reason "ocp,buck6s" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK7S && property:sys.boot.reason=reboot,ocp,buck7s +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK7S && property:sys.boot.reason=reboot,ocp,buck7s setprop vendor.brownout_reason "ocp,buck7s" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK8S && property:sys.boot.reason=reboot,ocp,buck8s +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK8S && property:sys.boot.reason=reboot,ocp,buck8s setprop vendor.brownout_reason "ocp,buck8s" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK9S && property:sys.boot.reason=reboot,ocp,buck9s +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK9S && property:sys.boot.reason=reboot,ocp,buck9s setprop vendor.brownout_reason "ocp,buck9s" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK10S && property:sys.boot.reason=reboot,ocp,buck10s +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK10S && property:sys.boot.reason=reboot,ocp,buck10s setprop vendor.brownout_reason "ocp,buck10s" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCKDS && property:sys.boot.reason=reboot,ocp,buckds +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCKDS && property:sys.boot.reason=reboot,ocp,buckds setprop vendor.brownout_reason "ocp,buckds" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCKAS && property:sys.boot.reason=reboot,ocp,buckas +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCKAS && property:sys.boot.reason=reboot,ocp,buckas setprop vendor.brownout_reason "ocp,buckas" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCKCS && property:sys.boot.reason=reboot,ocp,buckcs +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCKCS && property:sys.boot.reason=reboot,ocp,buckcs setprop vendor.brownout_reason "ocp,buckcs" -on property:vendor.thermal.link_ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCKBS && property:sys.boot.reason=reboot,ocp,buckbs +on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCKBS && property:sys.boot.reason=reboot,ocp,buckbs setprop vendor.brownout_reason "ocp,buckbs" on property:vendor.brownout.br.feasible=1 From e6dce88732024e3d1a22a85dc79c04389c8ee390 Mon Sep 17 00:00:00 2001 From: samou Date: Wed, 15 Nov 2023 02:14:37 +0000 Subject: [PATCH 19/55] bm: Support battery mitigation aidl - move cc_binary to vendor/google/interfaces/ battery_mitigation - fix sepolicy to support aidl Bug: 299700579 Change-Id: I7345ffc1e2ddb46d9979a1fadef39dd0c2c281d6 Signed-off-by: samou --- battery_mitigation/Android.bp | 51 ---- battery_mitigation/battery_mitigation.cpp | 221 ------------------ battery_mitigation/battery_mitigation.rc | 97 -------- battery_mitigation/bcl-aidl.mk | 17 -- battery_mitigation/bcl.mk | 12 +- battery_mitigation/compatibility_matrix.xml | 10 + .../sepolicy/vendor/battery_mitigation.te | 2 + battery_mitigation/sepolicy/vendor/service.te | 1 + .../sepolicy/vendor/service_contexts | 1 + 9 files changed, 25 insertions(+), 387 deletions(-) delete mode 100644 battery_mitigation/Android.bp delete mode 100644 battery_mitigation/battery_mitigation.cpp delete mode 100644 battery_mitigation/battery_mitigation.rc delete mode 100644 battery_mitigation/bcl-aidl.mk create mode 100644 battery_mitigation/compatibility_matrix.xml create mode 100644 battery_mitigation/sepolicy/vendor/service.te create mode 100644 battery_mitigation/sepolicy/vendor/service_contexts diff --git a/battery_mitigation/Android.bp b/battery_mitigation/Android.bp deleted file mode 100644 index c919de5..0000000 --- a/battery_mitigation/Android.bp +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (C) 2022 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -soong_namespace { - imports: [ - "hardware/google/pixel", - ], -} - -package { - default_applicable_licenses: ["Android-Apache-2.0"], -} - -cc_binary { - vendor: true, - name: "battery_mitigation", - relative_install_path: "hw", - proprietary: true, - init_rc: ["battery_mitigation.rc"], - shared_libs: [ - "libpixelmitigation", - "libbase", - "libbinder_ndk", - "libcutils", - "libhardware", - "liblog", - "libutils", - "android.hardware.thermal@2.0", - "android.hardware.thermal-V1-ndk" - ], - srcs: [ - "battery_mitigation.cpp", - ], - cflags: [ - "-Wall", - "-Werror", - ], -} diff --git a/battery_mitigation/battery_mitigation.cpp b/battery_mitigation/battery_mitigation.cpp deleted file mode 100644 index a4e28b9..0000000 --- a/battery_mitigation/battery_mitigation.cpp +++ /dev/null @@ -1,221 +0,0 @@ -/* - * Copyright (C) 2022 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#define LOG_TAG "battery-mitigation" - -#include -#include -#include -#include -#include - -#define COUNT_LIMIT 10 - -using android::hardware::google::pixel::BatteryMitigation; -using android::hardware::google::pixel::BatteryMitigationService; -using android::hardware::google::pixel::MitigationConfig; - -android::sp bmSp; -android::sp batteryMitigationService; - -const struct MitigationConfig::Config cfg = { - .SystemPath = { - "/dev/thermal/tz-by-name/batoilo/temp", - "/dev/thermal/tz-by-name/smpl_gm/temp", - "/dev/thermal/tz-by-name/soc/temp", - "/dev/thermal/tz-by-name/vdroop1/temp", - "/dev/thermal/tz-by-name/vdroop2/temp", - "/dev/thermal/tz-by-name/ocp_gpu/temp", - "/dev/thermal/tz-by-name/ocp_tpu/temp", - "/dev/thermal/tz-by-name/soft_ocp_cpu2/temp", - "/dev/thermal/tz-by-name/soft_ocp_cpu1/temp", - "/dev/thermal/tz-by-name/battery/temp", - "/dev/thermal/tz-by-name/battery_cycle/temp", - "/sys/bus/iio/devices/iio:device0/lpf_power", - "/sys/bus/iio/devices/iio:device1/lpf_power", - "/dev/thermal/cdev-by-name/thermal-cpufreq-2/cur_state", - "/dev/thermal/cdev-by-name/thermal-cpufreq-1/cur_state", - "/dev/thermal/cdev-by-name/thermal-gpufreq-0/cur_state", - "/dev/thermal/cdev-by-name/tpu_cooling/cur_state", - "/dev/thermal/cdev-by-name/CAM/cur_state", - "/dev/thermal/cdev-by-name/DISP/cur_state", - "/dev/thermal/cdev-by-name/gxp-cooling/cur_state", - "/sys/class/power_supply/battery/voltage_now", - "/sys/class/power_supply/battery/current_now", - }, - .FilteredZones = { - "batoilo", - "vdroop1", - "vdroop2", - "smpl_gm", - }, - .SystemName = { - "batoilo", "smpl_gm", "soc", "vdroop1", "vdroop2", "ocp_gpu", - "ocp_tpu", "soft_ocp_cpu2", "soft_ocp_cpu1", "battery", "battery_cycle", - "main", "sub", "CPU2", "CPU1", "GPU", "TPU", "CAM", "DISP", "NPU", - "voltage_now", "current_now", - }, - .LogFilePath = "/data/vendor/mitigation/thismeal.txt", - .TimestampFormat = "%Y-%m-%d %H:%M:%S", -}; - -const struct MitigationConfig::EventThreadConfig eventThreadCfg = { - .BrownoutStatsEnablePath = "/sys/devices/virtual/pmic/mitigation/br_stats/enable_br_stats", - .NumericSysfsStatPaths = { - {"cpu0_freq", "/sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq"}, - {"cpu1_freq", "/sys/devices/system/cpu/cpu1/cpufreq/scaling_cur_freq"}, - {"cpu2_freq", "/sys/devices/system/cpu/cpu2/cpufreq/scaling_cur_freq"}, - {"battery_temp", "/dev/thermal/tz-by-name/battery/temp"}, - {"battery_cycle", "/dev/thermal/tz-by-name/battery_cycle/temp"}, - {"voltage_now", "/sys/class/power_supply/battery/voltage_now"}, - {"current_now", "/sys/class/power_supply/battery/current_now"}, - }, - .TriggeredIdxPath = "/sys/devices/virtual/pmic/mitigation/br_stats/triggered_idx", - .triggeredStatePath[android::hardware::google::pixel::UVLO1] = - "/sys/devices/virtual/pmic/mitigation/triggered_state/uvlo1_triggered", - .triggeredStatePath[android::hardware::google::pixel::UVLO2] = - "/sys/devices/virtual/pmic/mitigation/triggered_state/uvlo2_triggered", - .triggeredStatePath[android::hardware::google::pixel::OILO1] = - "/sys/devices/virtual/pmic/mitigation/triggered_state/oilo1_triggered", - .triggeredStatePath[android::hardware::google::pixel::OILO2] = - "/sys/devices/virtual/pmic/mitigation/triggered_state/oilo2_triggered", - .triggeredStatePath[android::hardware::google::pixel::SMPL] = - "/sys/devices/virtual/pmic/mitigation/triggered_state/smpl_triggered", - .BrownoutStatsPath = "/sys/devices/virtual/pmic/mitigation/br_stats/stats", - .StoringPath = "/data/vendor/mitigation/thismeal.bin", - .ParsedThismealPath = "/data/vendor/mitigation/thismeal.txt", - .ParsedLastmealPath = "/data/vendor/mitigation/lastmeal.txt", - .ParsedLastmealCSVPath = "/data/vendor/mitigation/lastmeal.csv", - .FvpStatsPath = "/sys/devices/platform/acpm_stats/fvp_stats", - .PmicCommon = { - /* Main Pmic */ - { - .OdpmDir = "/sys/bus/iio/devices/iio:device0", - .OdpmEnabledRailsPath = "/sys/bus/iio/devices/iio:device0/enabled_rails", - .PmicNamePath = "/sys/bus/iio/devices/iio:device0/name", - }, - /* Sub Pmic */ - { - .OdpmDir = "/sys/bus/iio/devices/iio:device1", - .OdpmEnabledRailsPath = "/sys/bus/iio/devices/iio:device1/enabled_rails", - .PmicNamePath = "/sys/bus/iio/devices/iio:device1/name", - }, - }, - .PlatformSpecific = { - .NumericSysfsStatPaths = { - { - .name = "battery_soc", - .paths = { - "/sys/class/power_supply/max77759fg/capacity", - "/sys/class/power_supply/max77779fg/capacity", - }, - }, - { - .name = "gpu_freq", - .paths = { - "/sys/devices/platform/1c500000.mali/cur_freq", - "/sys/devices/platform/28000000.mali/cur_freq", - "/sys/devices/platform/1f000000.mali/cur_freq", - }, - }, - - }, - }, -}; - -const char kReadyFilePath[] = "/sys/devices/virtual/pmic/mitigation/instruction/ready"; -const char kReadyProperty[] = "vendor.brownout.mitigation.ready"; -const char kLastMealPath[] = "/data/vendor/mitigation/lastmeal.txt"; -const char kBRRequestedProperty[] = "vendor.brownout_reason"; -const char kLastMealProperty[] = "vendor.brownout.br.feasible"; -const std::regex kTimestampRegex("^\\S+\\s[0-9]+:[0-9]+:[0-9]+\\S+$"); - -int main(int argc, char **argv) { - batteryMitigationService = new BatteryMitigationService(eventThreadCfg); - if (!batteryMitigationService) { - return 0; - } - bool brownoutStatsBinarySupported = batteryMitigationService->isBrownoutStatsBinarySupported(); - if (argc == 2) { - if(strcmp(argv[1], "-d") == 0 && - brownoutStatsBinarySupported) { - /* Create thismeal.txt from thismeal.bin */ - batteryMitigationService->genParsedMeal(eventThreadCfg.ParsedThismealPath); - } - return 0; - } - - setpriority(PRIO_PROCESS, 0, ANDROID_PRIORITY_AUDIO); - auto batteryMitigationStartTime = std::chrono::system_clock::now(); - ABinderProcess_setThreadPoolMaxThreadCount(1); - ABinderProcess_startThreadPool(); - - bool mitigationLogTimeValid; - std::string reason = android::base::GetProperty(kBRRequestedProperty, ""); - if (brownoutStatsBinarySupported) { - /* Create lastmeal.txt if the dump time in thismeal.bin are valid */ - mitigationLogTimeValid = batteryMitigationService->isTimeValid(eventThreadCfg.StoringPath, - batteryMitigationStartTime); - if (!reason.empty() && mitigationLogTimeValid && - batteryMitigationService->genParsedMeal(eventThreadCfg.ParsedLastmealPath) && - batteryMitigationService->genLastmealCSV(eventThreadCfg.ParsedLastmealCSVPath)) { - android::base::SetProperty(kLastMealProperty, "1"); - } - } else{ - bmSp = new BatteryMitigation(cfg); - if (!bmSp) { - return 0; - } - mitigationLogTimeValid = bmSp->isMitigationLogTimeValid(batteryMitigationStartTime, - cfg.LogFilePath, - cfg.TimestampFormat, - kTimestampRegex); - if (!reason.empty() && mitigationLogTimeValid) { - std::ifstream src(cfg.LogFilePath, std::ios::in); - std::ofstream dst(kLastMealPath, std::ios::out); - dst << src.rdbuf(); - android::base::SetProperty(kLastMealProperty, "1"); - } - } - - bool isBatteryMitigationReady = false; - std::string ready_str; - int val = 0; - for (int i = 0; i < COUNT_LIMIT; i++) { - if (!android::base::ReadFileToString(kReadyFilePath, &ready_str)) { - continue; - } - ready_str = android::base::Trim(ready_str); - if (!android::base::ParseInt(ready_str, &val)) { - continue; - } - if (val == 1) { - isBatteryMitigationReady = true; - break; - } - } - if (isBatteryMitigationReady) { - android::base::SetProperty(kReadyProperty, "1"); - } - if (isBatteryMitigationReady && brownoutStatsBinarySupported) { - /* Start BrownoutEventThread to poll brownout event from kernel */ - batteryMitigationService->startBrownoutEventThread(); - } - while (true) { - pause(); - } - return 0; -} diff --git a/battery_mitigation/battery_mitigation.rc b/battery_mitigation/battery_mitigation.rc deleted file mode 100644 index 2719541..0000000 --- a/battery_mitigation/battery_mitigation.rc +++ /dev/null @@ -1,97 +0,0 @@ -on property:vendor.all.modules.ready=1 - mkdir /data/vendor/mitigation 0755 system system - chown system system /data/vendor/mitigation - chown system system /sys/devices/virtual/pmic/mitigation/br_stats/enable_br_stats - start vendor.battery_mitigation - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,uvlo,pmic,if && property:sys.boot.reason=reboot,uvlo,pmic,if - setprop vendor.brownout_reason "uvlo,pmic,if" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,pmic,if && property:sys.boot.reason=reboot,ocp,pmic,if - setprop vendor.brownout_reason "ocp,pmic,if" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,uvlo,pmic,main && property:sys.boot.reason=reboot,uvlo,pmic,main - setprop vendor.brownout_reason "uvlo,pmic,main" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,uvlo,pmic,sub && property:sys.boot.reason=reboot,uvlo,pmic,sub - setprop vendor.brownout_reason "uvlo,pmic,sub" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK1M && property:sys.boot.reason=reboot,ocp,buck1m - setprop vendor.brownout_reason "ocp,buck1m" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK2M && property:sys.boot.reason=reboot,ocp,buck2m - setprop vendor.brownout_reason "ocp,buck2m" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK3M && property:sys.boot.reason=reboot,ocp,buck3m - setprop vendor.brownout_reason "ocp,buck3m" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK4M && property:sys.boot.reason=reboot,ocp,buck4m - setprop vendor.brownout_reason "ocp,buck4m" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK5M && property:sys.boot.reason=reboot,ocp,buck5m - setprop vendor.brownout_reason "ocp,buck5m" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK6M && property:sys.boot.reason=reboot,ocp,buck6m - setprop vendor.brownout_reason "ocp,buck6m" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK7M && property:sys.boot.reason=reboot,ocp,buck7m - setprop vendor.brownout_reason "ocp,buck7m" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK8M && property:sys.boot.reason=reboot,ocp,buck8m - setprop vendor.brownout_reason "ocp,buck8m" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK9M && property:sys.boot.reason=reboot,ocp,buck9m - setprop vendor.brownout_reason "ocp,buck9m" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK10M && property:sys.boot.reason=reboot,ocp,buck10m - setprop vendor.brownout_reason "ocp,buck10m" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK1S && property:sys.boot.reason=reboot,ocp,buck1s - setprop vendor.brownout_reason "ocp,buck1s" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK2S && property:sys.boot.reason=reboot,ocp,buck2s - setprop vendor.brownout_reason "ocp,buck2s" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK3S && property:sys.boot.reason=reboot,ocp,buck3s - setprop vendor.brownout_reason "ocp,buck3s" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK4S && property:sys.boot.reason=reboot,ocp,buck4s - setprop vendor.brownout_reason "ocp,buck4s" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK5S && property:sys.boot.reason=reboot,ocp,buck5s - setprop vendor.brownout_reason "ocp,buck5s" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK6S && property:sys.boot.reason=reboot,ocp,buck6s - setprop vendor.brownout_reason "ocp,buck6s" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK7S && property:sys.boot.reason=reboot,ocp,buck7s - setprop vendor.brownout_reason "ocp,buck7s" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK8S && property:sys.boot.reason=reboot,ocp,buck8s - setprop vendor.brownout_reason "ocp,buck8s" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK9S && property:sys.boot.reason=reboot,ocp,buck9s - setprop vendor.brownout_reason "ocp,buck9s" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCK10S && property:sys.boot.reason=reboot,ocp,buck10s - setprop vendor.brownout_reason "ocp,buck10s" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCKDS && property:sys.boot.reason=reboot,ocp,buckds - setprop vendor.brownout_reason "ocp,buckds" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCKAS && property:sys.boot.reason=reboot,ocp,buckas - setprop vendor.brownout_reason "ocp,buckas" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCKCS && property:sys.boot.reason=reboot,ocp,buckcs - setprop vendor.brownout_reason "ocp,buckcs" - -on property:vendor.all.modules.ready=1 && property:ro.boot.bootreason=reboot,ocp,BUCKBS && property:sys.boot.reason=reboot,ocp,buckbs - setprop vendor.brownout_reason "ocp,buckbs" - -on property:vendor.brownout.br.feasible=1 - chown system system data/vendor/mitigation/lastmeal.txt - -service vendor.battery_mitigation /vendor/bin/hw/battery_mitigation - user system - group system - capabilities WAKE_ALARM BLOCK_SUSPEND diff --git a/battery_mitigation/bcl-aidl.mk b/battery_mitigation/bcl-aidl.mk deleted file mode 100644 index 83b4749..0000000 --- a/battery_mitigation/bcl-aidl.mk +++ /dev/null @@ -1,17 +0,0 @@ -ifeq ($(RELEASE_PIXEL_AIDL_BATTERY_MITIGATION_HAL), true) - -ifeq (,$(filter factory_%,$(TARGET_PRODUCT))) -PRODUCT_PACKAGES += battery_mitigation -endif -ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT))) -ifeq (,$(filter factory_%,$(TARGET_PRODUCT))) -PRODUCT_PACKAGES += BrownoutDetection -endif -endif - -PRODUCT_SOONG_NAMESPACES += device/google/gs-common/battery_mitigation -endif - -BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/battery_mitigation/sepolicy/vendor -SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS += device/google/gs-common/battery_mitigation/sepolicy/system_ext/private -SYSTEM_EXT_PUBLIC_SEPOLICY_DIRS += device/google/gs-common/battery_mitigation/sepolicy/system_ext/public diff --git a/battery_mitigation/bcl.mk b/battery_mitigation/bcl.mk index 13e5788..5bf1a25 100644 --- a/battery_mitigation/bcl.mk +++ b/battery_mitigation/bcl.mk @@ -7,7 +7,17 @@ PRODUCT_PACKAGES += BrownoutDetection endif endif +ifeq ($(RELEASE_PIXEL_AIDL_BATTERY_MITIGATION_HAL), true) +PRODUCT_PROPERTY_OVERRIDES += \ + vendor.battery_mitigation.aidl.enable=true +endif + +PRODUCT_SOONG_NAMESPACES += device/google/gs-common/battery_mitigation \ + vendor/google/battery_mitigation +PRODUCT_PACKAGES += vendor.google.battery_mitigation-default +PRODUCT_PACKAGES += vendor.google.battery_mitigation.service_static +DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/battery_mitigation/compatibility_matrix.xml + BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/battery_mitigation/sepolicy/vendor SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS += device/google/gs-common/battery_mitigation/sepolicy/system_ext/private SYSTEM_EXT_PUBLIC_SEPOLICY_DIRS += device/google/gs-common/battery_mitigation/sepolicy/system_ext/public -PRODUCT_SOONG_NAMESPACES += device/google/gs-common/battery_mitigation diff --git a/battery_mitigation/compatibility_matrix.xml b/battery_mitigation/compatibility_matrix.xml new file mode 100644 index 0000000..7e3d88e --- /dev/null +++ b/battery_mitigation/compatibility_matrix.xml @@ -0,0 +1,10 @@ + + + vendor.google.battery_mitigation + 1 + + IBatteryMitigation + default + + + diff --git a/battery_mitigation/sepolicy/vendor/battery_mitigation.te b/battery_mitigation/sepolicy/vendor/battery_mitigation.te index ee0780a..7552bd2 100644 --- a/battery_mitigation/sepolicy/vendor/battery_mitigation.te +++ b/battery_mitigation/sepolicy/vendor/battery_mitigation.te @@ -29,3 +29,5 @@ allow battery_mitigation mitigation_vendor_data_file:file create_file_perms; binder_use(battery_mitigation) # Allow battery_mitigation to listen brownout event by epoll_wait wakelock_use(battery_mitigation) +# Allow battery_mitigation to run aidl service +add_service(battery_mitigation, hal_battery_mitigation_service) diff --git a/battery_mitigation/sepolicy/vendor/service.te b/battery_mitigation/sepolicy/vendor/service.te new file mode 100644 index 0000000..3ffe254 --- /dev/null +++ b/battery_mitigation/sepolicy/vendor/service.te @@ -0,0 +1 @@ +type hal_battery_mitigation_service, protected_service, hal_service_type, service_manager_type; diff --git a/battery_mitigation/sepolicy/vendor/service_contexts b/battery_mitigation/sepolicy/vendor/service_contexts new file mode 100644 index 0000000..472259e --- /dev/null +++ b/battery_mitigation/sepolicy/vendor/service_contexts @@ -0,0 +1 @@ +vendor.google.battery_mitigation.IBatteryMitigation/default u:object_r:hal_battery_mitigation_service:s0 From 6954d18625dc499f5f8dbaf5ead2fa47c7690066 Mon Sep 17 00:00:00 2001 From: Wendly Li Date: Mon, 8 Jan 2024 06:32:26 +0000 Subject: [PATCH 20/55] Create syna touch dump for spi19 Bug: 273154761 Test: adb bugreport Change-Id: I87fd42e550e2aab83c3eb81ba9d4928396db2dde Signed-off-by: Wendly Li --- touch/syna/Android.bp | 3 ++- touch/syna/init.touch.syna.rc | 5 +++++ touch/syna/init.touch.syna20.rc | 3 --- touch/syna/sepolicy/genfs_contexts | 2 ++ touch/syna/syna0.mk | 2 +- touch/syna/syna19.mk | 5 +++++ touch/syna/syna20.mk | 2 +- 7 files changed, 16 insertions(+), 6 deletions(-) create mode 100644 touch/syna/init.touch.syna.rc delete mode 100644 touch/syna/init.touch.syna20.rc create mode 100644 touch/syna/syna19.mk diff --git a/touch/syna/Android.bp b/touch/syna/Android.bp index 769c76b..46475d8 100644 --- a/touch/syna/Android.bp +++ b/touch/syna/Android.bp @@ -5,7 +5,8 @@ package { sh_binary { name: "dump_syna.sh", src: "dump_syna.sh", - init_rc: ["init.touch.syna20.rc"], + init_rc: ["init.touch.syna.rc"], vendor: true, sub_dir: "dump", } + diff --git a/touch/syna/init.touch.syna.rc b/touch/syna/init.touch.syna.rc new file mode 100644 index 0000000..d52ed3b --- /dev/null +++ b/touch/syna/init.touch.syna.rc @@ -0,0 +1,5 @@ +on property:sys.boot_completed=1 + chown system system /sys/class/spi_master/spi19/spi19.0/synaptics_tcm.0/sysfs/get_raw_data + chown system system /sys/class/spi_master/spi19/spi19.0/synaptics_tcm.0/sysfs/force_active + chown system system /sys/class/spi_master/spi20/spi20.0/synaptics_tcm.0/sysfs/get_raw_data + chown system system /sys/class/spi_master/spi20/spi20.0/synaptics_tcm.0/sysfs/force_active diff --git a/touch/syna/init.touch.syna20.rc b/touch/syna/init.touch.syna20.rc deleted file mode 100644 index 7c83a6c..0000000 --- a/touch/syna/init.touch.syna20.rc +++ /dev/null @@ -1,3 +0,0 @@ -on property:vendor.device.modules.ready=1 - chown system system /sys/class/spi_master/spi20/spi20.0/synaptics_tcm.0/sysfs/get_raw_data - chown system system /sys/class/spi_master/spi20/spi20.0/synaptics_tcm.0/sysfs/force_active diff --git a/touch/syna/sepolicy/genfs_contexts b/touch/syna/sepolicy/genfs_contexts index c34d93c..1b32df8 100644 --- a/touch/syna/sepolicy/genfs_contexts +++ b/touch/syna/sepolicy/genfs_contexts @@ -1,3 +1,5 @@ genfscon sysfs /devices/platform/10d10000.spi/spi_master/spi0/spi0.0/synaptics_tcm.0/sysfs u:object_r:sysfs_touch:s0 +genfscon sysfs /devices/platform/111c0000.spi/spi_master/spi19/spi19.0/synaptics_tcm.0/sysfs u:object_r:sysfs_touch:s0 +genfscon sysfs /devices/platform/111c0000.spi/spi_master/spi19/spi19.0/synaptics_tcm.0/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/synaptics_tcm.0/sysfs u:object_r:sysfs_touch:s0 genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/synaptics_tcm.0/wakeup u:object_r:sysfs_wakeup:s0 diff --git a/touch/syna/syna0.mk b/touch/syna/syna0.mk index fe2b0c5..9e10d2a 100644 --- a/touch/syna/syna0.mk +++ b/touch/syna/syna0.mk @@ -1,4 +1,4 @@ -PRODUCT_VENDOR_PROPERTIES += ro.vendor.touch.dump.sys=/sys/devices/platform/10d10000.spi/spi_master/spi0/spi0.0/synaptics_tcm.0/sysfs +PRODUCT_VENDOR_PROPERTIES += ro.vendor.touch.dump.sys=/sys/class/spi_master/spi0/spi0.0/synaptics_tcm.0/sysfs BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/touch/syna/sepolicy diff --git a/touch/syna/syna19.mk b/touch/syna/syna19.mk new file mode 100644 index 0000000..45b053b --- /dev/null +++ b/touch/syna/syna19.mk @@ -0,0 +1,5 @@ +PRODUCT_VENDOR_PROPERTIES += ro.vendor.touch.dump.sys=/sys/class/spi_master/spi19/spi19.0/synaptics_tcm.0/sysfs + +BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/touch/syna/sepolicy + +PRODUCT_PACKAGES += dump_syna.sh diff --git a/touch/syna/syna20.mk b/touch/syna/syna20.mk index 600f1ff..f8c0251 100644 --- a/touch/syna/syna20.mk +++ b/touch/syna/syna20.mk @@ -1,4 +1,4 @@ -PRODUCT_VENDOR_PROPERTIES += ro.vendor.touch.dump.sys=/sys/devices/platform/111d0000.spi/spi_master/spi20/spi20.0/synaptics_tcm.0/sysfs +PRODUCT_VENDOR_PROPERTIES += ro.vendor.touch.dump.sys=/sys/class/spi_master/spi20/spi20.0/synaptics_tcm.0/sysfs BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/touch/syna/sepolicy From 64018d650be759ef44bf1106c0da82075b647e33 Mon Sep 17 00:00:00 2001 From: Robert Lee Date: Wed, 1 Nov 2023 11:14:53 +0800 Subject: [PATCH 21/55] audio: add module for tas25xx Bug: 313341617 Test: builds Change-Id: I53612c1138a042698cf953e4909b25cfcb819d5f Signed-off-by: Robert Lee --- audio/hidl_zuma.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/audio/hidl_zuma.mk b/audio/hidl_zuma.mk index d671f46..41dd02a 100644 --- a/audio/hidl_zuma.mk +++ b/audio/hidl_zuma.mk @@ -31,6 +31,7 @@ PRODUCT_PACKAGES += \ audio.bluetooth.default \ audio.r_submix.default \ audio_spk_35l41 \ + audio_spk_tas25xx \ audio_hdmi_aoc \ sound_trigger.primary.$(TARGET_BOARD_PLATFORM) From 21446e0139512a7c69ba8260b5ee3d5f1a7ed2c5 Mon Sep 17 00:00:00 2001 From: Wendly Li Date: Tue, 16 Jan 2024 09:12:06 +0000 Subject: [PATCH 22/55] Move wakeup to device's sepolicy settings Bug: 320395939 Test: make sepolicy Change-Id: I12af839756725bb0cfb2eba363c1e45cd0a6044a Signed-off-by: Wendly Li --- touch/syna/sepolicy/genfs_contexts | 2 -- 1 file changed, 2 deletions(-) diff --git a/touch/syna/sepolicy/genfs_contexts b/touch/syna/sepolicy/genfs_contexts index 1b32df8..f2e675f 100644 --- a/touch/syna/sepolicy/genfs_contexts +++ b/touch/syna/sepolicy/genfs_contexts @@ -1,5 +1,3 @@ genfscon sysfs /devices/platform/10d10000.spi/spi_master/spi0/spi0.0/synaptics_tcm.0/sysfs u:object_r:sysfs_touch:s0 genfscon sysfs /devices/platform/111c0000.spi/spi_master/spi19/spi19.0/synaptics_tcm.0/sysfs u:object_r:sysfs_touch:s0 -genfscon sysfs /devices/platform/111c0000.spi/spi_master/spi19/spi19.0/synaptics_tcm.0/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/synaptics_tcm.0/sysfs u:object_r:sysfs_touch:s0 -genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/synaptics_tcm.0/wakeup u:object_r:sysfs_wakeup:s0 From e7edc9e446dcc2d54bb6968b1d21a7128c7abe40 Mon Sep 17 00:00:00 2001 From: jonerlin Date: Tue, 16 Jan 2024 23:25:48 +0800 Subject: [PATCH 23/55] collect bt hal dump log in bugreport Bug: 299800496 Test: make fw dump and vendor snoop log and triger bugreport Change-Id: Ibab330d3a446b9f50b1413348b8004a51ee8fd51 --- bcmbt/dump/dump_bcmbt.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/bcmbt/dump/dump_bcmbt.cpp b/bcmbt/dump/dump_bcmbt.cpp index 0135198..8e653ed 100644 --- a/bcmbt/dump/dump_bcmbt.cpp +++ b/bcmbt/dump/dump_bcmbt.cpp @@ -21,6 +21,7 @@ #define BCMBT_SNOOP_LOG_DIRECTORY "/data/vendor/bluetooth" #define BCMBT_FW_LOG_DIRECTORY "/data/vendor/ssrdump/coredump" #define BCMBT_SNOOP_LOG_PREFIX "btsnoop_hci_vnd" +#define BCMBT_HAL_DUMP_LOG_PREFIX "coredump_bt_" #define BCMBT_FW_DUMP_LOG_PREFIX "coredump_bt_socdump_" #define BCMBT_CHRE_DUMP_LOG_PREFIX "coredump_bt_chredump_" #define BCMBT_ACTIVITY_LOG_PREFIX "bt_activity_" @@ -32,9 +33,10 @@ int main() { return 0; } - dumpLogs(BCMBT_SNOOP_LOG_DIRECTORY, outputDir.c_str(), 2, BCMBT_SNOOP_LOG_PREFIX); + dumpLogs(BCMBT_SNOOP_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_SNOOP_LOG_PREFIX); + dumpLogs(BCMBT_FW_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_HAL_DUMP_LOG_PREFIX); dumpLogs(BCMBT_FW_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_FW_DUMP_LOG_PREFIX); dumpLogs(BCMBT_FW_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_CHRE_DUMP_LOG_PREFIX); - dumpLogs(BCMBT_ACTIVITY_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_ACTIVITY_LOG_PREFIX); + dumpLogs(BCMBT_ACTIVITY_LOG_DIRECTORY, outputDir.c_str(), 12, BCMBT_ACTIVITY_LOG_PREFIX); return 0; } From d202a34dbc49ae878079d714b3260c0be6f1f6e4 Mon Sep 17 00:00:00 2001 From: Bruce Po Date: Fri, 12 Jan 2024 19:28:00 +0000 Subject: [PATCH 24/55] Allow aocxd to set thread priority aocxd sets thread scheduler to SCHED_FIFO. This is so audio processing in aocxd can run without glitching. vndbinder:11464: type=1400 audit(0.0:17): avc: denied { sys_nice } for capability=23 scontext=u:r:aocxd:s0 tcontext=u:r:aocxd:s0 tclass=capability permissive=0 BUG: 318791959 Change-Id: I9c9148aa7b18ce525091f93956e112b4c178a129 --- aoc/sepolicy/aocxd.te | 3 +++ 1 file changed, 3 insertions(+) diff --git a/aoc/sepolicy/aocxd.te b/aoc/sepolicy/aocxd.te index bd9396f..bcfcd7b 100644 --- a/aoc/sepolicy/aocxd.te +++ b/aoc/sepolicy/aocxd.te @@ -23,3 +23,6 @@ wakelock_use(aocxd); # add aocx service to the domain add_service(aocxd, aocx); + +# allow managing thread priority +allow aocxd self:global_capability_class_set sys_nice; From a6c741e3a4329eab54797351c202ab0910ae6d33 Mon Sep 17 00:00:00 2001 From: Lei Ju Date: Wed, 17 Jan 2024 11:47:57 -0800 Subject: [PATCH 25/55] Introduce a property for multiclient HAL Test: set the property in .rc file and run adb shell getprop to verify the property is set. Bug: 248615564 Change-Id: I18a52c2a29df2cc5bad73d49e39c4e6ee1381106 --- chre/sepolicy/property.te | 1 + chre/sepolicy/property_contexts | 1 + chre/sepolicy/vendor_init.te | 1 + 3 files changed, 3 insertions(+) create mode 100644 chre/sepolicy/property.te create mode 100644 chre/sepolicy/property_contexts create mode 100644 chre/sepolicy/vendor_init.te diff --git a/chre/sepolicy/property.te b/chre/sepolicy/property.te new file mode 100644 index 0000000..f2a98eb --- /dev/null +++ b/chre/sepolicy/property.te @@ -0,0 +1 @@ +vendor_internal_prop(vendor_chre_hal_prop) \ No newline at end of file diff --git a/chre/sepolicy/property_contexts b/chre/sepolicy/property_contexts new file mode 100644 index 0000000..f3d3fd8 --- /dev/null +++ b/chre/sepolicy/property_contexts @@ -0,0 +1 @@ +vendor.chre.multiclient_hal u:object_r:vendor_chre_hal_prop:s0 \ No newline at end of file diff --git a/chre/sepolicy/vendor_init.te b/chre/sepolicy/vendor_init.te new file mode 100644 index 0000000..d1a70fe --- /dev/null +++ b/chre/sepolicy/vendor_init.te @@ -0,0 +1 @@ +set_prop(vendor_init, vendor_chre_hal_prop) \ No newline at end of file From 55f48f663ccaa5742e687195230f8a9f4b12c58d Mon Sep 17 00:00:00 2001 From: Nishok Kumar S Date: Tue, 16 Jan 2024 07:40:07 +0000 Subject: [PATCH 26/55] Connect Gxp runtime to TPU authentication service - Add selinux policies to allow edgetpu_app_service to access gxp device. Bug: 316262348 Test: Disable selinux policies for GCA, then verify if GCA is able to access device through edgetpu app service. Change-Id: I83429755b1406289c8714d9499c1f14c1ec76a30 --- edgetpu/sepolicy/file_contexts | 2 +- gxp/sepolicy/appdomain.te | 2 ++ gxp/sepolicy/edgetpu_app_service.te | 6 ++++++ gxp/sepolicy/priv_app.te | 3 +++ gxp/sepolicy/untrusted_app_all.te | 3 +++ 5 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 gxp/sepolicy/appdomain.te create mode 100644 gxp/sepolicy/edgetpu_app_service.te create mode 100644 gxp/sepolicy/priv_app.te create mode 100644 gxp/sepolicy/untrusted_app_all.te diff --git a/edgetpu/sepolicy/file_contexts b/edgetpu/sepolicy/file_contexts index df0a63e..0cada88 100644 --- a/edgetpu/sepolicy/file_contexts +++ b/edgetpu/sepolicy/file_contexts @@ -15,7 +15,7 @@ /vendor/lib64/libmetrics_logger\.so u:object_r:same_process_hal_file:s0 /vendor/lib64/libedgetpu_util\.so u:object_r:same_process_hal_file:s0 # EdgeTPU runtime libraries -/vendor/lib64/com\.google\.edgetpu_app_service-V[1-2]-ndk\.so u:object_r:same_process_hal_file:s0 +/vendor/lib64/com\.google\.edgetpu_app_service-V[1-3]-ndk\.so u:object_r:same_process_hal_file:s0 /vendor/lib64/com\.google\.edgetpu_vendor_service-V[1-2]-ndk\.so u:object_r:same_process_hal_file:s0 # EdgeTPU data files diff --git a/gxp/sepolicy/appdomain.te b/gxp/sepolicy/appdomain.te new file mode 100644 index 0000000..ada9421 --- /dev/null +++ b/gxp/sepolicy/appdomain.te @@ -0,0 +1,2 @@ +# Allow apps to read gxp properties +get_prop(appdomain, vendor_gxp_prop) diff --git a/gxp/sepolicy/edgetpu_app_service.te b/gxp/sepolicy/edgetpu_app_service.te new file mode 100644 index 0000000..780823f --- /dev/null +++ b/gxp/sepolicy/edgetpu_app_service.te @@ -0,0 +1,6 @@ +# Allow Edgetpu App Service to access the GXP device and read GXP properties. +allow edgetpu_app_server gxp_device:chr_file rw_file_perms; +get_prop(edgetpu_app_server, vendor_gxp_prop) + +# Allows Edgetpu App Service to search for GXP firmware file. +allow edgetpu_app_server vendor_fw_file:dir search; diff --git a/gxp/sepolicy/priv_app.te b/gxp/sepolicy/priv_app.te new file mode 100644 index 0000000..8afc24d --- /dev/null +++ b/gxp/sepolicy/priv_app.te @@ -0,0 +1,3 @@ +# Allows privileged applications to access the GXP device, except open, +# which is guarded by the EdgeTPU service. +allow priv_app gxp_device:chr_file { getattr read write ioctl map }; diff --git a/gxp/sepolicy/untrusted_app_all.te b/gxp/sepolicy/untrusted_app_all.te new file mode 100644 index 0000000..456dfee --- /dev/null +++ b/gxp/sepolicy/untrusted_app_all.te @@ -0,0 +1,3 @@ +# Allows applications to access the GXP device, except open, +# which is guarded by the EdgeTPU service. +allow untrusted_app_all gxp_device:chr_file { getattr read write ioctl map }; From 2dcb59ac743906dfaf2ea40e32951dc6abc81225 Mon Sep 17 00:00:00 2001 From: Liana Kazanova Date: Thu, 18 Jan 2024 19:21:33 +0000 Subject: [PATCH 27/55] Revert "collect bt hal dump log in bugreport" This reverts commit e7edc9e446dcc2d54bb6968b1d21a7128c7abe40. Reason for revert: Probable culprit for b/320755845. Will be running through ABTD for confirming and before submitting the revert. Change-Id: Id989e182396c498afd3f15b70977ba5fba22c557 --- bcmbt/dump/dump_bcmbt.cpp | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/bcmbt/dump/dump_bcmbt.cpp b/bcmbt/dump/dump_bcmbt.cpp index 8e653ed..0135198 100644 --- a/bcmbt/dump/dump_bcmbt.cpp +++ b/bcmbt/dump/dump_bcmbt.cpp @@ -21,7 +21,6 @@ #define BCMBT_SNOOP_LOG_DIRECTORY "/data/vendor/bluetooth" #define BCMBT_FW_LOG_DIRECTORY "/data/vendor/ssrdump/coredump" #define BCMBT_SNOOP_LOG_PREFIX "btsnoop_hci_vnd" -#define BCMBT_HAL_DUMP_LOG_PREFIX "coredump_bt_" #define BCMBT_FW_DUMP_LOG_PREFIX "coredump_bt_socdump_" #define BCMBT_CHRE_DUMP_LOG_PREFIX "coredump_bt_chredump_" #define BCMBT_ACTIVITY_LOG_PREFIX "bt_activity_" @@ -33,10 +32,9 @@ int main() { return 0; } - dumpLogs(BCMBT_SNOOP_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_SNOOP_LOG_PREFIX); - dumpLogs(BCMBT_FW_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_HAL_DUMP_LOG_PREFIX); + dumpLogs(BCMBT_SNOOP_LOG_DIRECTORY, outputDir.c_str(), 2, BCMBT_SNOOP_LOG_PREFIX); dumpLogs(BCMBT_FW_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_FW_DUMP_LOG_PREFIX); dumpLogs(BCMBT_FW_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_CHRE_DUMP_LOG_PREFIX); - dumpLogs(BCMBT_ACTIVITY_LOG_DIRECTORY, outputDir.c_str(), 12, BCMBT_ACTIVITY_LOG_PREFIX); + dumpLogs(BCMBT_ACTIVITY_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_ACTIVITY_LOG_PREFIX); return 0; } From fca1de2ce3345e6a170223f26fd2e682eb59bc64 Mon Sep 17 00:00:00 2001 From: jonerlin Date: Tue, 23 Jan 2024 23:05:27 +0800 Subject: [PATCH 28/55] collect bt hal dump log to bugreport Bug: 299800496 Test: make fw dump and vendor snoop log and triger bugreport Change-Id: Idb5262267cce65f764bcc195d4f434c6cac4ba3a --- bcmbt/dump/dump_bcmbt.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/bcmbt/dump/dump_bcmbt.cpp b/bcmbt/dump/dump_bcmbt.cpp index 0135198..8ebd579 100644 --- a/bcmbt/dump/dump_bcmbt.cpp +++ b/bcmbt/dump/dump_bcmbt.cpp @@ -23,6 +23,7 @@ #define BCMBT_SNOOP_LOG_PREFIX "btsnoop_hci_vnd" #define BCMBT_FW_DUMP_LOG_PREFIX "coredump_bt_socdump_" #define BCMBT_CHRE_DUMP_LOG_PREFIX "coredump_bt_chredump_" +#define BCMBT_HAL_DUMP_LOG_PREFIX "coredump_bt_" #define BCMBT_ACTIVITY_LOG_PREFIX "bt_activity_" int main() { @@ -35,6 +36,7 @@ int main() { dumpLogs(BCMBT_SNOOP_LOG_DIRECTORY, outputDir.c_str(), 2, BCMBT_SNOOP_LOG_PREFIX); dumpLogs(BCMBT_FW_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_FW_DUMP_LOG_PREFIX); dumpLogs(BCMBT_FW_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_CHRE_DUMP_LOG_PREFIX); + dumpLogs(BCMBT_FW_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_HAL_DUMP_LOG_PREFIX); dumpLogs(BCMBT_ACTIVITY_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_ACTIVITY_LOG_PREFIX); return 0; } From 9e2b4ef8d638b4d6d6c40c631810edc0fedd8930 Mon Sep 17 00:00:00 2001 From: Dana Simard Date: Wed, 24 Jan 2024 01:48:24 +0000 Subject: [PATCH 29/55] Include fatal-error camera CPA files in bugreports These CPA files are written on fatal errors in the camera HAL GraphRunner. Test: manual test that files attached to bugreport Bug: 321993145 Change-Id: Ieeb84fbb6d52c95d5b123a7fff5c9b93c9d0fcbc --- camera/dump_camera.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/camera/dump_camera.cpp b/camera/dump_camera.cpp index 548a866..5a0229b 100644 --- a/camera/dump_camera.cpp +++ b/camera/dump_camera.cpp @@ -45,6 +45,7 @@ int main() { dumpLogs(kCameraLogDir.data(), cameraDestDir.c_str(), 5, "high-drop-rate-"); dumpLogs(kCameraLogDir.data(), cameraDestDir.c_str(), 5, "watchdog-"); dumpLogs(kCameraLogDir.data(), cameraDestDir.c_str(), 5, "camera-ended-"); + dumpLogs(kCameraLogDir.data(), cameraDestDir.c_str(), 5, "fatal-error-"); dumpLogs(kGraphStateDumpDir.data(), cameraDestDir.c_str(), 5, "hal_graph_state_"); From ca1c35e500ed9d714bf65353342397ea05280e32 Mon Sep 17 00:00:00 2001 From: Wayne Lin Date: Mon, 29 Jan 2024 11:52:10 +0800 Subject: [PATCH 30/55] gps: refine iGNSS build system - sepolicy Bug: 318310869 Bug: 315915958 Test: build pass, GPS works and no GPS avc denied error Change-Id: Ib2aa778a0d0e8a51f4d6733b6a55ccf588a05079 --- gps/lsi/s5400.mk | 16 ++++++++++++++++ gps/lsi/sepolicy/file.te | 1 + gps/lsi/sepolicy/file_contexts | 12 ++++++++++++ gps/lsi/sepolicy/gnss_check.te | 9 +++++++++ gps/lsi/sepolicy/gnssd.te | 26 ++++++++++++++++++++++++++ gps/lsi/sepolicy/hal_gnss_default.te | 9 +++++++++ gps/lsi/sepolicy/rild.te | 1 + gps/lsi/sepolicy/sctd.te | 3 +++ gps/lsi/sepolicy/spad.te | 3 +++ gps/lsi/sepolicy/swcnd.te | 3 +++ gps/lsi/sepolicy/vendor_init.te | 2 ++ 11 files changed, 85 insertions(+) create mode 100644 gps/lsi/s5400.mk create mode 100644 gps/lsi/sepolicy/file.te create mode 100644 gps/lsi/sepolicy/file_contexts create mode 100644 gps/lsi/sepolicy/gnss_check.te create mode 100644 gps/lsi/sepolicy/gnssd.te create mode 100644 gps/lsi/sepolicy/hal_gnss_default.te create mode 100644 gps/lsi/sepolicy/rild.te create mode 100644 gps/lsi/sepolicy/sctd.te create mode 100644 gps/lsi/sepolicy/spad.te create mode 100644 gps/lsi/sepolicy/swcnd.te create mode 100644 gps/lsi/sepolicy/vendor_init.te diff --git a/gps/lsi/s5400.mk b/gps/lsi/s5400.mk new file mode 100644 index 0000000..de676ff --- /dev/null +++ b/gps/lsi/s5400.mk @@ -0,0 +1,16 @@ +BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/gps/lsi/sepolicy + +PRODUCT_SOONG_NAMESPACES += \ + vendor/samsung_slsi/gps/s5400 + +PRODUCT_PACKAGES += \ + android.hardware.location.gps.prebuilt.xml \ + gnssd \ + android.hardware.gnss-service \ + ca.pem \ + gnss_check.sh \ + kepler.bin + +ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT))) + PRODUCT_VENDOR_PROPERTIES += vendor.gps.aol.enabled=true +endif diff --git a/gps/lsi/sepolicy/file.te b/gps/lsi/sepolicy/file.te new file mode 100644 index 0000000..af9582b --- /dev/null +++ b/gps/lsi/sepolicy/file.te @@ -0,0 +1 @@ +type vendor_gps_file, file_type, data_file_type; diff --git a/gps/lsi/sepolicy/file_contexts b/gps/lsi/sepolicy/file_contexts new file mode 100644 index 0000000..9840eab --- /dev/null +++ b/gps/lsi/sepolicy/file_contexts @@ -0,0 +1,12 @@ +# GPS +/dev/gnss_ipc u:object_r:vendor_gnss_device:s0 +/dev/gnss_boot u:object_r:vendor_gnss_device:s0 +/dev/gnss_dump u:object_r:vendor_gnss_device:s0 +/vendor/bin/hw/gnssd u:object_r:gnssd_exec:s0 +/vendor/bin/hw/sctd u:object_r:sctd_exec:s0 +/vendor/bin/hw/swcnd u:object_r:swcnd_exec:s0 +/vendor/bin/hw/spad u:object_r:spad_exec:s0 +/vendor/bin/hw/android.hardware.gnss-service u:object_r:hal_gnss_default_exec:s0 +/vendor/bin/gnss_check\.sh u:object_r:gnss_check_exec:s0 +# keep only one rule and use eGNSS one +# /data/vendor/gps(/.*)? u:object_r:vendor_gps_file:s0 diff --git a/gps/lsi/sepolicy/gnss_check.te b/gps/lsi/sepolicy/gnss_check.te new file mode 100644 index 0000000..31d0944 --- /dev/null +++ b/gps/lsi/sepolicy/gnss_check.te @@ -0,0 +1,9 @@ +type gnss_check, domain; +type gnss_check_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(gnss_check); + +allow gnss_check vendor_toolbox_exec:file { execute_no_trans }; + +set_prop(gnss_check, ctl_stop_prop); +set_prop(gnss_check, ctl_start_prop); diff --git a/gps/lsi/sepolicy/gnssd.te b/gps/lsi/sepolicy/gnssd.te new file mode 100644 index 0000000..487bcbb --- /dev/null +++ b/gps/lsi/sepolicy/gnssd.te @@ -0,0 +1,26 @@ +type gnssd, domain; +type gnssd_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(gnssd); + +# Allow gnssd to access rild +binder_call(gnssd, rild); +binder_call(gnssd, hwservicemanager) +allow gnssd hal_exynos_rild_hwservice:hwservice_manager find; +allow gnssd radio_device:chr_file rw_file_perms; + +# Allow gnssd to acess gnss device +allow gnssd vendor_gnss_device:chr_file rw_file_perms; +allow gnssd vendor_gps_file:dir create_dir_perms; +allow gnssd vendor_gps_file:file create_file_perms; +allow gnssd vendor_gps_file:fifo_file create_file_perms; + +# Allow gnssd to obtain wakelock +wakelock_use(gnssd) + +# Allow a base set of permissions required for network access. +net_domain(gnssd); + +# Allow gnssd to get boot complete +get_prop(gnssd, bootanim_system_prop) + +allow gnssd sysfs_soc:file r_file_perms; diff --git a/gps/lsi/sepolicy/hal_gnss_default.te b/gps/lsi/sepolicy/hal_gnss_default.te new file mode 100644 index 0000000..515a923 --- /dev/null +++ b/gps/lsi/sepolicy/hal_gnss_default.te @@ -0,0 +1,9 @@ +allow hal_gnss_default fwk_sensor_service:service_manager find; +allow hal_gnss_default gnssd:unix_stream_socket connectto; +allow hal_gnss_default vendor_gps_file:dir create_dir_perms; +allow hal_gnss_default vendor_gps_file:file create_file_perms; +allow hal_gnss_default vendor_gps_file:fifo_file create_file_perms; +binder_call(hal_gnss_default, gnssd); + +#Read GPS property +get_prop(hal_gnss_default, vendor_gps_prop) diff --git a/gps/lsi/sepolicy/rild.te b/gps/lsi/sepolicy/rild.te new file mode 100644 index 0000000..c620a19 --- /dev/null +++ b/gps/lsi/sepolicy/rild.te @@ -0,0 +1 @@ +binder_call(rild, gnssd) diff --git a/gps/lsi/sepolicy/sctd.te b/gps/lsi/sepolicy/sctd.te new file mode 100644 index 0000000..8966ef8 --- /dev/null +++ b/gps/lsi/sepolicy/sctd.te @@ -0,0 +1,3 @@ +type sctd, domain; +type sctd_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(sctd); diff --git a/gps/lsi/sepolicy/spad.te b/gps/lsi/sepolicy/spad.te new file mode 100644 index 0000000..eaf8b1c --- /dev/null +++ b/gps/lsi/sepolicy/spad.te @@ -0,0 +1,3 @@ +type spad, domain; +type spad_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(spad); diff --git a/gps/lsi/sepolicy/swcnd.te b/gps/lsi/sepolicy/swcnd.te new file mode 100644 index 0000000..c366cad --- /dev/null +++ b/gps/lsi/sepolicy/swcnd.te @@ -0,0 +1,3 @@ +type swcnd, domain; +type swcnd_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(swcnd); diff --git a/gps/lsi/sepolicy/vendor_init.te b/gps/lsi/sepolicy/vendor_init.te new file mode 100644 index 0000000..c8d637d --- /dev/null +++ b/gps/lsi/sepolicy/vendor_init.te @@ -0,0 +1,2 @@ +# gps vendor property +set_prop(vendor_init, vendor_gps_prop) From 6c6505d0b1c0ffc208dd928fa3eb0ea41ef019b5 Mon Sep 17 00:00:00 2001 From: jonerlin Date: Tue, 30 Jan 2024 22:01:51 +0800 Subject: [PATCH 31/55] collect bt backup snoop log to bugreport Bug: 313326125 Test: make bt crash and get bugreport Change-Id: I4ea65d539e9bbff67b79b05eb0e17a10a57e34bc --- bcmbt/dump/dump_bcmbt.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/bcmbt/dump/dump_bcmbt.cpp b/bcmbt/dump/dump_bcmbt.cpp index 8ebd579..fde0ad0 100644 --- a/bcmbt/dump/dump_bcmbt.cpp +++ b/bcmbt/dump/dump_bcmbt.cpp @@ -21,6 +21,7 @@ #define BCMBT_SNOOP_LOG_DIRECTORY "/data/vendor/bluetooth" #define BCMBT_FW_LOG_DIRECTORY "/data/vendor/ssrdump/coredump" #define BCMBT_SNOOP_LOG_PREFIX "btsnoop_hci_vnd" +#define BCMBT_BACKUP_SNOOP_LOG_PREFIX "backup_btsnoop_hci_vnd" #define BCMBT_FW_DUMP_LOG_PREFIX "coredump_bt_socdump_" #define BCMBT_CHRE_DUMP_LOG_PREFIX "coredump_bt_chredump_" #define BCMBT_HAL_DUMP_LOG_PREFIX "coredump_bt_" @@ -34,6 +35,7 @@ int main() { } dumpLogs(BCMBT_SNOOP_LOG_DIRECTORY, outputDir.c_str(), 2, BCMBT_SNOOP_LOG_PREFIX); + dumpLogs(BCMBT_SNOOP_LOG_DIRECTORY, outputDir.c_str(), 2, BCMBT_BACKUP_SNOOP_LOG_PREFIX); dumpLogs(BCMBT_FW_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_FW_DUMP_LOG_PREFIX); dumpLogs(BCMBT_FW_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_CHRE_DUMP_LOG_PREFIX); dumpLogs(BCMBT_FW_LOG_DIRECTORY, outputDir.c_str(), 10, BCMBT_HAL_DUMP_LOG_PREFIX); From e7431b85aeea02d921f6e6a924c0e43d532bcd2a Mon Sep 17 00:00:00 2001 From: Ben McGee Date: Tue, 9 Jan 2024 19:51:09 +0000 Subject: [PATCH 32/55] Dumpstate: Remove heap stats Bug 315711190 is caused by an issue parsing the heap statistics. A proposed long term fix has been merged in, but is deemed risky for 24Q1. This CL removes heap printing from dumpstate is a low risk approach to working around this bug. Bug: 315711190 Test: Built and tested on device Change-Id: I6134aeeda6fe74d9bbf966d44a1a98391e03a2f7 --- aoc/dump_aoc.cpp | 4 ---- 1 file changed, 4 deletions(-) diff --git a/aoc/dump_aoc.cpp b/aoc/dump_aoc.cpp index 8d5278d..b3827c8 100644 --- a/aoc/dump_aoc.cpp +++ b/aoc/dump_aoc.cpp @@ -32,10 +32,6 @@ int main() { runCommand("AoC memory votes", "timeout 0.1 cat /sys/devices/platform/*.aoc/control/memory_votes_a32"); runCommand("AoC memory votes", "timeout 0.1 cat /sys/devices/platform/*.aoc/control/memory_votes_ff1"); runCommand("clean AoC buffer","echo ' ' > /dev/acd-debug; timeout 0.1 cat /dev/acd-debug"); - runCommand("AoC Heap Stats (A32)", "echo 'dbg heap -c 1' > /dev/acd-debug; timeout 0.1 cat /dev/acd-debug"); - runCommand("AoC Heap Stats (F1)", "echo 'dbg heap -c 2' > /dev/acd-debug; timeout 0.1 cat /dev/acd-debug"); - runCommand("AoC Heap Stats (HF0)", "echo 'dbg heap -c 3' > /dev/acd-debug; timeout 0.1 cat /dev/acd-debug"); - runCommand("AoC Heap Stats (HF1)", "echo 'dbg heap -c 4' > /dev/acd-debug; timeout 0.1 cat /dev/acd-debug"); runCommand("AoC DVFS (FF1)", "echo 'dbg info -c 2 DVFSFF1' > /dev/acd-debug; timeout 0.1 cat /dev/acd-debug"); runCommand("AoC Monitor Mode Status", "echo 'monitor_mode status' > /dev/acd-debug; timeout 0.1 cat /dev/acd-debug"); return 0; From 2bb3da4f50f97fb78f75adc69cfc40c3aa968845 Mon Sep 17 00:00:00 2001 From: Klines Jiang Date: Tue, 23 Jan 2024 07:07:44 +0000 Subject: [PATCH 33/55] [Gyotaku] Add the dumpLog for gyotaku app Bug: 310110649 Test: Local build and trigger a new bugreport the result passed Change-Id: If10d4ab9120d855c5d1396413d8acfe791c05e6c --- gyotaku_app/dump/Android.bp | 20 ++++++++++++++++ gyotaku_app/dump/dump_gyotaku.cpp | 35 ++++++++++++++++++++++++++++ gyotaku_app/gyotaku.mk | 3 ++- gyotaku_app/sepolicy/dump_gyotaku.te | 11 +++++++++ gyotaku_app/sepolicy/file.te | 5 ++++ gyotaku_app/sepolicy/file_contexts | 4 ++++ 6 files changed, 77 insertions(+), 1 deletion(-) create mode 100644 gyotaku_app/dump/Android.bp create mode 100644 gyotaku_app/dump/dump_gyotaku.cpp create mode 100644 gyotaku_app/sepolicy/dump_gyotaku.te create mode 100644 gyotaku_app/sepolicy/file.te create mode 100644 gyotaku_app/sepolicy/file_contexts diff --git a/gyotaku_app/dump/Android.bp b/gyotaku_app/dump/Android.bp new file mode 100644 index 0000000..0f62d0a --- /dev/null +++ b/gyotaku_app/dump/Android.bp @@ -0,0 +1,20 @@ +package { + default_applicable_licenses: ["Android-Apache-2.0"], +} + +cc_binary { + name: "dump_gyotaku", + srcs: ["dump_gyotaku.cpp"], + cflags: [ + "-Wall", + "-Wextra", + "-Werror", + ], + shared_libs: [ + "libbase", + "libdump", + "liblog", + ], + vendor: true, + relative_install_path: "dump", +} diff --git a/gyotaku_app/dump/dump_gyotaku.cpp b/gyotaku_app/dump/dump_gyotaku.cpp new file mode 100644 index 0000000..62c2a57 --- /dev/null +++ b/gyotaku_app/dump/dump_gyotaku.cpp @@ -0,0 +1,35 @@ +/* + * Copyright 2024 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include +#include +#include + +#define GYOTAKU_DIRECTORY "/data/vendor/gyotaku/andlog" +#define GYOTAKU_ANDROID_LOG_PREFIX "android_" + +#define maxFileLogsNumber 30 + +int main() { + std::string outputDir = concatenatePath(BUGREPORT_PACKING_DIR, "gyotaku"); + if (mkdir(outputDir.c_str(), 0700) == -1) { + printf("Unable to create folder: %s\n", outputDir.c_str()); + return 0; + } + + dumpLogs(GYOTAKU_DIRECTORY, outputDir.c_str(), maxFileLogsNumber, GYOTAKU_ANDROID_LOG_PREFIX); + return 0; +} + diff --git a/gyotaku_app/gyotaku.mk b/gyotaku_app/gyotaku.mk index fa58556..53591dd 100644 --- a/gyotaku_app/gyotaku.mk +++ b/gyotaku_app/gyotaku.mk @@ -1,7 +1,8 @@ ifneq ($(TARGET_BUILD_VARIANT), user) ifeq (,$(filter aosp_%, $(TARGET_PRODUCT))) # Skip aosp target product PRODUCT_PACKAGES_DEBUG += \ - Gyotaku + Gyotaku \ + dump_gyotaku BOARD_SEPOLICY_DIRS += device/google/gs-common/gyotaku_app/sepolicy/ endif diff --git a/gyotaku_app/sepolicy/dump_gyotaku.te b/gyotaku_app/sepolicy/dump_gyotaku.te new file mode 100644 index 0000000..8c1727f --- /dev/null +++ b/gyotaku_app/sepolicy/dump_gyotaku.te @@ -0,0 +1,11 @@ +pixel_bugreport(dump_gyotaku) + +userdebug_or_eng(` + # For access and collecting logs into vendor radio type folder. + allow dump_gyotaku radio_vendor_data_file:dir create_dir_perms; + allow dump_gyotaku radio_vendor_data_file:file create_file_perms; + + # For access /data/vendor/ folder. + allow dump_gyotaku gyotaku_vendor_data_file:dir create_dir_perms; + allow dump_gyotaku gyotaku_vendor_data_file:file create_file_perms; +') diff --git a/gyotaku_app/sepolicy/file.te b/gyotaku_app/sepolicy/file.te new file mode 100644 index 0000000..8035955 --- /dev/null +++ b/gyotaku_app/sepolicy/file.te @@ -0,0 +1,5 @@ +# For /data/vendor use +type gyotaku_vendor_data_file, file_type, data_file_type; +userdebug_or_eng(` + typeattribute gyotaku_vendor_data_file mlstrustedobject; +') diff --git a/gyotaku_app/sepolicy/file_contexts b/gyotaku_app/sepolicy/file_contexts new file mode 100644 index 0000000..3a16a00 --- /dev/null +++ b/gyotaku_app/sepolicy/file_contexts @@ -0,0 +1,4 @@ +/data/vendor/gyotaku(/.*)? u:object_r:gyotaku_vendor_data_file:s0 + +# Pixel dump for Gyotaku +/vendor/bin/dump/dump_gyotaku u:object_r:dump_gyotaku_exec:s0 From 1ac691dcaeecfa42be07564466a7da98d2867577 Mon Sep 17 00:00:00 2001 From: Hongbo Zeng Date: Thu, 25 Jan 2024 11:58:43 +0800 Subject: [PATCH 34/55] include adum_log/adum_log_old in dumpstate_board.bin Bug: 322266425 Test: Capture bugreport and see if adum_log/adum_log_old are included in dumpsate_board.bin or not Change-Id: If9b8bbd98c699719878034859321ec54c0ced35b --- radio/dump_radio.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/radio/dump_radio.cpp b/radio/dump_radio.cpp index 8d6743c..3ee90f0 100644 --- a/radio/dump_radio.cpp +++ b/radio/dump_radio.cpp @@ -34,6 +34,8 @@ int main() { if (tcpdumpEnabled) { dumpLogs(TCPDUMP_LOG_DIRECTORY, BUGREPORT_PACKING_DIR, ::android::base::GetIntProperty(TCPDUMP_NUMBER_BUGREPORT, 5), TCPDUMP_LOG_PREFIX); } + copyFile("/data/vendor/radio/adum_log", "/data/vendor/radio/logs/always-on/all_logs/adum_log"); + copyFile("/data/vendor/radio/adum_log_old", "/data/vendor/radio/logs/always-on/all_logs/adum_log_old"); copyFile("/data/vendor/radio/metrics_data", "/data/vendor/radio/logs/always-on/all_logs/metrics_data"); copyFile("/data/vendor/radio/omadm_logs.txt", "/data/vendor/radio/logs/always-on/all_logs/omadm_logs.txt"); copyFile("/data/vendor/radio/power_anomaly_data.txt", "/data/vendor/radio/logs/always-on/all_logs/power_anomaly_data.txt"); From d888b4a3be984bbcf6a1ca9281cb2c202982c92d Mon Sep 17 00:00:00 2001 From: Lilian Wang Date: Mon, 5 Feb 2024 02:28:08 +0000 Subject: [PATCH 35/55] Revert "[Gyotaku] Add the dumpLog for gyotaku app" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit 2bb3da4f50f97fb78f75adc69cfc40c3aa968845. Reason for revert: “DroidMonitor: Potential culprit for Bug b/323767330 - verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted."build error in Bug: 323767330 Change-Id: If23de50de2819449817fe3b1694db33d87448e28 --- gyotaku_app/dump/Android.bp | 20 ---------------- gyotaku_app/dump/dump_gyotaku.cpp | 35 ---------------------------- gyotaku_app/gyotaku.mk | 3 +-- gyotaku_app/sepolicy/dump_gyotaku.te | 11 --------- gyotaku_app/sepolicy/file.te | 5 ---- gyotaku_app/sepolicy/file_contexts | 4 ---- 6 files changed, 1 insertion(+), 77 deletions(-) delete mode 100644 gyotaku_app/dump/Android.bp delete mode 100644 gyotaku_app/dump/dump_gyotaku.cpp delete mode 100644 gyotaku_app/sepolicy/dump_gyotaku.te delete mode 100644 gyotaku_app/sepolicy/file.te delete mode 100644 gyotaku_app/sepolicy/file_contexts diff --git a/gyotaku_app/dump/Android.bp b/gyotaku_app/dump/Android.bp deleted file mode 100644 index 0f62d0a..0000000 --- a/gyotaku_app/dump/Android.bp +++ /dev/null @@ -1,20 +0,0 @@ -package { - default_applicable_licenses: ["Android-Apache-2.0"], -} - -cc_binary { - name: "dump_gyotaku", - srcs: ["dump_gyotaku.cpp"], - cflags: [ - "-Wall", - "-Wextra", - "-Werror", - ], - shared_libs: [ - "libbase", - "libdump", - "liblog", - ], - vendor: true, - relative_install_path: "dump", -} diff --git a/gyotaku_app/dump/dump_gyotaku.cpp b/gyotaku_app/dump/dump_gyotaku.cpp deleted file mode 100644 index 62c2a57..0000000 --- a/gyotaku_app/dump/dump_gyotaku.cpp +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright 2024 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include -#include -#include - -#define GYOTAKU_DIRECTORY "/data/vendor/gyotaku/andlog" -#define GYOTAKU_ANDROID_LOG_PREFIX "android_" - -#define maxFileLogsNumber 30 - -int main() { - std::string outputDir = concatenatePath(BUGREPORT_PACKING_DIR, "gyotaku"); - if (mkdir(outputDir.c_str(), 0700) == -1) { - printf("Unable to create folder: %s\n", outputDir.c_str()); - return 0; - } - - dumpLogs(GYOTAKU_DIRECTORY, outputDir.c_str(), maxFileLogsNumber, GYOTAKU_ANDROID_LOG_PREFIX); - return 0; -} - diff --git a/gyotaku_app/gyotaku.mk b/gyotaku_app/gyotaku.mk index 53591dd..fa58556 100644 --- a/gyotaku_app/gyotaku.mk +++ b/gyotaku_app/gyotaku.mk @@ -1,8 +1,7 @@ ifneq ($(TARGET_BUILD_VARIANT), user) ifeq (,$(filter aosp_%, $(TARGET_PRODUCT))) # Skip aosp target product PRODUCT_PACKAGES_DEBUG += \ - Gyotaku \ - dump_gyotaku + Gyotaku BOARD_SEPOLICY_DIRS += device/google/gs-common/gyotaku_app/sepolicy/ endif diff --git a/gyotaku_app/sepolicy/dump_gyotaku.te b/gyotaku_app/sepolicy/dump_gyotaku.te deleted file mode 100644 index 8c1727f..0000000 --- a/gyotaku_app/sepolicy/dump_gyotaku.te +++ /dev/null @@ -1,11 +0,0 @@ -pixel_bugreport(dump_gyotaku) - -userdebug_or_eng(` - # For access and collecting logs into vendor radio type folder. - allow dump_gyotaku radio_vendor_data_file:dir create_dir_perms; - allow dump_gyotaku radio_vendor_data_file:file create_file_perms; - - # For access /data/vendor/ folder. - allow dump_gyotaku gyotaku_vendor_data_file:dir create_dir_perms; - allow dump_gyotaku gyotaku_vendor_data_file:file create_file_perms; -') diff --git a/gyotaku_app/sepolicy/file.te b/gyotaku_app/sepolicy/file.te deleted file mode 100644 index 8035955..0000000 --- a/gyotaku_app/sepolicy/file.te +++ /dev/null @@ -1,5 +0,0 @@ -# For /data/vendor use -type gyotaku_vendor_data_file, file_type, data_file_type; -userdebug_or_eng(` - typeattribute gyotaku_vendor_data_file mlstrustedobject; -') diff --git a/gyotaku_app/sepolicy/file_contexts b/gyotaku_app/sepolicy/file_contexts deleted file mode 100644 index 3a16a00..0000000 --- a/gyotaku_app/sepolicy/file_contexts +++ /dev/null @@ -1,4 +0,0 @@ -/data/vendor/gyotaku(/.*)? u:object_r:gyotaku_vendor_data_file:s0 - -# Pixel dump for Gyotaku -/vendor/bin/dump/dump_gyotaku u:object_r:dump_gyotaku_exec:s0 From ddcf9b45e92ad9c2635208662d03fe99f638d6d8 Mon Sep 17 00:00:00 2001 From: Tommy Chiu Date: Wed, 31 Jan 2024 22:51:46 +0800 Subject: [PATCH 36/55] Add nugget_aidl_test_weaver to userdebug/eng builds To minimize the steps required for device preparation. Fixed: 320200171 Test: build pass Change-Id: I271389b0c4a7fe453902db2e8971e881c72bca35 --- dauntless/gsc.mk | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/dauntless/gsc.mk b/dauntless/gsc.mk index 892f71a..0c4985f 100644 --- a/dauntless/gsc.mk +++ b/dauntless/gsc.mk @@ -19,5 +19,6 @@ PRODUCT_PACKAGES += \ PRODUCT_PACKAGES_DEBUG += citadel_integration_tests \ pwntest \ nugget_targeted_tests \ - CitadelProvision -endif \ No newline at end of file + CitadelProvision \ + nugget_aidl_test_weaver +endif From a7430966ea1937c74f4c843cad4d27673d01de4b Mon Sep 17 00:00:00 2001 From: Wayne Lin Date: Wed, 7 Feb 2024 08:52:09 +0800 Subject: [PATCH 37/55] gps: add sepolicy to coredump node Bug: 319766739 Test: build pass and verify pass Change-Id: I7cf289865540533b9d65a2c2c21d1ea4e9f391a2 --- gps/lsi/sepolicy/genfs_contexts | 2 ++ gps/lsi/sepolicy/gnssd.te | 1 + gps/lsi/sepolicy/hal_gnss_default.te | 1 + 3 files changed, 4 insertions(+) create mode 100644 gps/lsi/sepolicy/genfs_contexts diff --git a/gps/lsi/sepolicy/genfs_contexts b/gps/lsi/sepolicy/genfs_contexts new file mode 100644 index 0000000..d19427c --- /dev/null +++ b/gps/lsi/sepolicy/genfs_contexts @@ -0,0 +1,2 @@ +# gps coredump node +genfscon sysfs /devices/platform/gnssif/coredump u:object_r:sysfs_gps:s0 diff --git a/gps/lsi/sepolicy/gnssd.te b/gps/lsi/sepolicy/gnssd.te index 487bcbb..8450253 100644 --- a/gps/lsi/sepolicy/gnssd.te +++ b/gps/lsi/sepolicy/gnssd.te @@ -24,3 +24,4 @@ net_domain(gnssd); get_prop(gnssd, bootanim_system_prop) allow gnssd sysfs_soc:file r_file_perms; +allow gnssd sysfs_gps:file rw_file_perms; diff --git a/gps/lsi/sepolicy/hal_gnss_default.te b/gps/lsi/sepolicy/hal_gnss_default.te index 515a923..54a08f9 100644 --- a/gps/lsi/sepolicy/hal_gnss_default.te +++ b/gps/lsi/sepolicy/hal_gnss_default.te @@ -3,6 +3,7 @@ allow hal_gnss_default gnssd:unix_stream_socket connectto; allow hal_gnss_default vendor_gps_file:dir create_dir_perms; allow hal_gnss_default vendor_gps_file:file create_file_perms; allow hal_gnss_default vendor_gps_file:fifo_file create_file_perms; +allow hal_gnss_default sysfs_gps:file rw_file_perms; binder_call(hal_gnss_default, gnssd); #Read GPS property From 7e89a679d93ca40be7320e22e737d6cbc3f0bd64 Mon Sep 17 00:00:00 2001 From: Lei Ju Date: Tue, 23 Jan 2024 11:18:55 -0800 Subject: [PATCH 38/55] Allow sensor hal to connect to CHRE HAL These policies are required to let DropDetect and IpHeath communicate with CHRE HAL directly after CHRE multiclient HAL is enabled. Bug: 324316275 Test: Trigger drop detection and observed corresponding logs are generated. Change-Id: Icc087b59ff594224d7e637212558e68fb3f86437 --- chre/sepolicy/hal_contexthub_default.te | 3 +++ sensors/sepolicy/hal_sensors_default.te | 5 +++++ 2 files changed, 8 insertions(+) diff --git a/chre/sepolicy/hal_contexthub_default.te b/chre/sepolicy/hal_contexthub_default.te index 542d383..87e3a42 100644 --- a/chre/sepolicy/hal_contexthub_default.te +++ b/chre/sepolicy/hal_contexthub_default.te @@ -32,3 +32,6 @@ wakelock_use(hal_contexthub_default) # Allow context hub HAL to block suspend, which is required to use EPOLLWAKEUP allow hal_contexthub_default self:global_capability2_class_set block_suspend; + +# Allow binder calls with clients +binder_call(hal_contexthub_default, hal_sensors_default) diff --git a/sensors/sepolicy/hal_sensors_default.te b/sensors/sepolicy/hal_sensors_default.te index 85a8262..846b016 100644 --- a/sensors/sepolicy/hal_sensors_default.te +++ b/sensors/sepolicy/hal_sensors_default.te @@ -63,6 +63,11 @@ unix_socket_connect(hal_sensors_default, chre, chre) ## TODO(b/248615564): Remove above rule after CHRE multiclient HAL is launched. unix_socket_connect(hal_sensors_default, chre, hal_contexthub_default) +# Allow access to CHRE multiclient HAL. +get_prop(hal_sensors_default, vendor_chre_hal_prop) +binder_call(hal_sensors_default, hal_contexthub_default) +allow hal_sensors_default hal_contexthub_service:service_manager find; + # Allow access to the power supply files for MagCC. r_dir_file(hal_sensors_default, sysfs_batteryinfo) From 14c6c627ef0cea8caef9ace51ce087bb5bba9e55 Mon Sep 17 00:00:00 2001 From: Mark Chang Date: Wed, 7 Feb 2024 12:17:28 +0000 Subject: [PATCH 39/55] Add AIDL manifests and FCMs for twoshay. [169/186] DeviceManifest/SingleAidlTest#HalIsServed/com_google_input_ITouchContextService_default_V3_76: PASSED (4ms) [170/186] DeviceManifest/SingleAidlTest#HalIsServed/com_google_input_algos_gril_IGrilAntennaTuningService_default_V3_77: PASSED (4ms) [171/186] DeviceManifest/SingleAidlTest#HalIsServed/com_google_input_algos_spd_IScreenProtectorDetectorService_default_V3_78: PASSED (4ms) Bug: 324214410 Test: atest vts_treble_vintf_vendor_test. Test: Twoshay's AIDLs pass SingleAidlTest. Change-Id: Ia307034a2f88011642d4bcf80e8aa4496266fd35 Signed-off-by: Mark Chang --- .../aidl/compatibility_matrix_gs101.xml | 10 +++++++ .../aidl/compatibility_matrix_zuma.xml | 26 +++++++++++++++++++ touch/twoshay/aidl/manifest_gs101.xml | 10 +++++++ touch/twoshay/aidl/manifest_zuma.xml | 26 +++++++++++++++++++ touch/twoshay/aidl_gs101.mk | 2 ++ touch/twoshay/aidl_zuma.mk | 2 ++ 6 files changed, 76 insertions(+) create mode 100644 touch/twoshay/aidl/compatibility_matrix_gs101.xml create mode 100644 touch/twoshay/aidl/compatibility_matrix_zuma.xml create mode 100644 touch/twoshay/aidl/manifest_gs101.xml create mode 100644 touch/twoshay/aidl/manifest_zuma.xml create mode 100644 touch/twoshay/aidl_gs101.mk create mode 100644 touch/twoshay/aidl_zuma.mk diff --git a/touch/twoshay/aidl/compatibility_matrix_gs101.xml b/touch/twoshay/aidl/compatibility_matrix_gs101.xml new file mode 100644 index 0000000..aaa2d6e --- /dev/null +++ b/touch/twoshay/aidl/compatibility_matrix_gs101.xml @@ -0,0 +1,10 @@ + + + com.google.input + 2-3 + + ITouchContextService + default + + + diff --git a/touch/twoshay/aidl/compatibility_matrix_zuma.xml b/touch/twoshay/aidl/compatibility_matrix_zuma.xml new file mode 100644 index 0000000..25d5c50 --- /dev/null +++ b/touch/twoshay/aidl/compatibility_matrix_zuma.xml @@ -0,0 +1,26 @@ + + + com.google.input + 2-3 + + ITouchContextService + default + + + + com.google.input.algos.gril + 2-3 + + IGrilAntennaTuningService + default + + + + com.google.input.algos.spd + 2-3 + + IScreenProtectorDetectorService + default + + + diff --git a/touch/twoshay/aidl/manifest_gs101.xml b/touch/twoshay/aidl/manifest_gs101.xml new file mode 100644 index 0000000..28472a0 --- /dev/null +++ b/touch/twoshay/aidl/manifest_gs101.xml @@ -0,0 +1,10 @@ + + + com.google.input + 3 + + ITouchContextService + default + + + diff --git a/touch/twoshay/aidl/manifest_zuma.xml b/touch/twoshay/aidl/manifest_zuma.xml new file mode 100644 index 0000000..dbac77d --- /dev/null +++ b/touch/twoshay/aidl/manifest_zuma.xml @@ -0,0 +1,26 @@ + + + com.google.input + 3 + + ITouchContextService + default + + + + com.google.input.algos.gril + 3 + + IGrilAntennaTuningService + default + + + + com.google.input.algos.spd + 3 + + IScreenProtectorDetectorService + default + + + diff --git a/touch/twoshay/aidl_gs101.mk b/touch/twoshay/aidl_gs101.mk new file mode 100644 index 0000000..1676cba --- /dev/null +++ b/touch/twoshay/aidl_gs101.mk @@ -0,0 +1,2 @@ +DEVICE_MANIFEST_FILE += device/google/gs-common/touch/twoshay/aidl/manifest_gs101.xml +DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/touch/twoshay/aidl/compatibility_matrix_gs101.xml diff --git a/touch/twoshay/aidl_zuma.mk b/touch/twoshay/aidl_zuma.mk new file mode 100644 index 0000000..48714fe --- /dev/null +++ b/touch/twoshay/aidl_zuma.mk @@ -0,0 +1,2 @@ +DEVICE_MANIFEST_FILE += device/google/gs-common/touch/twoshay/aidl/manifest_zuma.xml +DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/touch/twoshay/aidl/compatibility_matrix_zuma.xml From f81fcb76b3199089c5024c0ad9b181cdb726cd7d Mon Sep 17 00:00:00 2001 From: Fyodor Kyslov Date: Tue, 6 Feb 2024 03:44:45 +0000 Subject: [PATCH 40/55] Update policy for ECOService switch to NDK binder Test: atest EcoServiceTest EcoDessionTest CodecInitializationLatencyTest Bug: 301379330 Change-Id: Id7bcdda8e4c523d8f991a52875114cf786b0ae6d --- mediacodec/common/sepolicy/service.te | 1 + .../common/sepolicy/{vndservice_contexts => service_contexts} | 0 mediacodec/common/sepolicy/vndservice.te | 1 - mediacodec/samsung/sepolicy/mediacodec_samsung.te | 1 + 4 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 mediacodec/common/sepolicy/service.te rename mediacodec/common/sepolicy/{vndservice_contexts => service_contexts} (100%) delete mode 100644 mediacodec/common/sepolicy/vndservice.te diff --git a/mediacodec/common/sepolicy/service.te b/mediacodec/common/sepolicy/service.te new file mode 100644 index 0000000..3f0130b --- /dev/null +++ b/mediacodec/common/sepolicy/service.te @@ -0,0 +1 @@ +type eco_service, service_manager_type; diff --git a/mediacodec/common/sepolicy/vndservice_contexts b/mediacodec/common/sepolicy/service_contexts similarity index 100% rename from mediacodec/common/sepolicy/vndservice_contexts rename to mediacodec/common/sepolicy/service_contexts diff --git a/mediacodec/common/sepolicy/vndservice.te b/mediacodec/common/sepolicy/vndservice.te deleted file mode 100644 index 0784fe3..0000000 --- a/mediacodec/common/sepolicy/vndservice.te +++ /dev/null @@ -1 +0,0 @@ -type eco_service, vndservice_manager_type; diff --git a/mediacodec/samsung/sepolicy/mediacodec_samsung.te b/mediacodec/samsung/sepolicy/mediacodec_samsung.te index b5bd996..8d5c52c 100644 --- a/mediacodec/samsung/sepolicy/mediacodec_samsung.te +++ b/mediacodec/samsung/sepolicy/mediacodec_samsung.te @@ -5,6 +5,7 @@ init_daemon_domain(mediacodec_samsung) hal_server_domain(mediacodec_samsung, hal_codec2) add_service(mediacodec_samsung, eco_service) +binder_use(mediacodec_samsung) vndbinder_use(mediacodec_samsung) allow mediacodec_samsung video_device:chr_file rw_file_perms; From 57cd0318e2fd5d8b2c4f09cb897900b7d2a8abe7 Mon Sep 17 00:00:00 2001 From: Mikhail Naganov Date: Tue, 6 Feb 2024 20:01:42 -0800 Subject: [PATCH 41/55] Set ro.audio.ihaladaptervendorextension_enabled property This property is used by libaudiohal@aidl to detect whether the system_ext partition provides an instance of IHalAdapterVendorExtension. Bug: 323106963 Test: atest audiorouting_test Change-Id: I88d4f8ad2aff0c52f103d76e8e17e0f3d049d3b5 --- audio/aidl.mk | 2 ++ 1 file changed, 2 insertions(+) diff --git a/audio/aidl.mk b/audio/aidl.mk index 185e628..b8fd96b 100644 --- a/audio/aidl.mk +++ b/audio/aidl.mk @@ -26,5 +26,7 @@ DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/audio/aidl/d PRODUCT_PROPERTY_OVERRIDES += \ vendor.audio_hal.aidl.enable=true +PRODUCT_SYSTEM_EXT_PROPERTIES += \ + ro.audio.ihaladaptervendorextension_enabled=true $(call soong_config_set,pixel_audio_hal_type,aidl_build,true) From 442f99acafa6a00cd2757f8149ace28f485f89d3 Mon Sep 17 00:00:00 2001 From: Mitch Phillips Date: Tue, 13 Feb 2024 11:46:38 +0100 Subject: [PATCH 42/55] Enable MTE workaround for b/324412910 For now, disable MTE in this process. This will unblock stack MTE from being turned back on. Bug: 324412910 Test: Boot the device with aosp/2953627 Change-Id: If3217f477da7efac753bba676673cfcf99d8d8e1 --- mte/fullmte-pixel.mk | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mte/fullmte-pixel.mk b/mte/fullmte-pixel.mk index 96120fb..da4e7b9 100644 --- a/mte/fullmte-pixel.mk +++ b/mte/fullmte-pixel.mk @@ -1,2 +1,5 @@ include build/make/target/product/fullmte.mk BOARD_KERNEL_CMDLINE += bootloader.pixel.MTE_FORCE_ON +# TODO(b/324412910): Remove this when the stack-buffer-overflow is fixed. +PRODUCT_PRODUCT_PROPERTIES += \ + arm64.memtag.process.android.hardware.composer.hwc3-service.pixel=off \ No newline at end of file From e85971058fa5c7731bfc644a7fe858b43b599f2d Mon Sep 17 00:00:00 2001 From: Devika Krishnadas Date: Tue, 13 Feb 2024 23:42:09 +0000 Subject: [PATCH 43/55] Add Gralloc Flags Bug: 267352318 Bug: 319170642 Test: Boots to home with Gralloc4 and Gralloc5 Change-Id: Ic316408e7d83b67f21e94fec3f9cb2fea52512c2 Signed-off-by: Devika Krishnadas --- gpu/gpu.mk | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/gpu/gpu.mk b/gpu/gpu.mk index d1c3a6d..b87e7ad 100644 --- a/gpu/gpu.mk +++ b/gpu/gpu.mk @@ -1,3 +1,16 @@ BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/gpu/sepolicy PRODUCT_PACKAGES += gpu_probe + +USE_MAPPER5 := false + +PRODUCT_PACKAGES += pixel_gralloc_allocator +PRODUCT_PACKAGES += pixel_gralloc_mapper + +ifeq ($(USE_MAPPER5), true) +$(call soong_config_set,arm_gralloc,mapper_version,mapper5) +$(call soong_config_set,aion_buffer,mapper_version,mapper5) +else +$(call soong_config_set,arm_gralloc,mapper_version,mapper4) +$(call soong_config_set,aion_buffer,mapper_version,mapper4) +endif From ded0ee6c6ed4ae0e86dcb8742ebcf4c760d837da Mon Sep 17 00:00:00 2001 From: malikakash Date: Wed, 14 Feb 2024 21:57:50 +0000 Subject: [PATCH 44/55] Give EdgeTpu access to vendor_pcs_app - In addition, add some more allowances to more closely approximate a priv_app. Especially, accessing the cache, media storage and preloads. Bug: 325326355 Test: I've tested that existing PCS doesn't break. Change-Id: I045dd3e6d7587ba1bb405e57204d3cc7c9dc5f69 --- .../product/private/vendor_pcs_app.te | 20 +++++++++++++++++++ camera/sepolicy/vendor/vendor_pcs_app.te | 13 +++++++----- 2 files changed, 28 insertions(+), 5 deletions(-) diff --git a/camera/sepolicy/product/private/vendor_pcs_app.te b/camera/sepolicy/product/private/vendor_pcs_app.te index 6bf0451..55eeee7 100644 --- a/camera/sepolicy/product/private/vendor_pcs_app.te +++ b/camera/sepolicy/product/private/vendor_pcs_app.te @@ -1,12 +1,32 @@ typeattribute vendor_pcs_app coredomain; app_domain(vendor_pcs_app); +net_domain(vendor_pcs_app); +bluetooth_domain(vendor_pcs_app); allow vendor_pcs_app { app_api_service audioserver_service cameraserver_service + drmserver_service mediametrics_service mediaserver_service + nfc_service radio_service }:service_manager find; + +# Following allowances were replicated from priv_app +# Write to /cache. +allow vendor_pcs_app { cache_file cache_recovery_file }:dir create_dir_perms; +allow vendor_pcs_app { cache_file cache_recovery_file }:file create_file_perms; +# /cache is a symlink to /data/cache on some devices. Allow reading the link. +allow vendor_pcs_app cache_file:lnk_file r_file_perms; + +# Access to /data/media. +allow vendor_pcs_app media_rw_data_file:dir create_dir_perms; +allow vendor_pcs_app media_rw_data_file:file create_file_perms; + +# Access to /data/preloads +r_dir_file(vendor_pcs_app, preloads_data_file) +r_dir_file(vendor_pcs_app, preloads_media_file) + diff --git a/camera/sepolicy/vendor/vendor_pcs_app.te b/camera/sepolicy/vendor/vendor_pcs_app.te index e269a2f..b4d71b5 100644 --- a/camera/sepolicy/vendor/vendor_pcs_app.te +++ b/camera/sepolicy/vendor/vendor_pcs_app.te @@ -1,14 +1,17 @@ -# Allow PCS to find the LyricConfigProvider service through ServiceManager. -allow vendor_pcs_app vendor_camera_lyricconfigprovider_service:service_manager find; -# Allow PCS to find the CameraIdRemapper service through ServiceManager. -allow vendor_pcs_app vendor_camera_cameraidremapper_service:service_manager find; +allow vendor_pcs_app { + vendor_camera_lyricconfigprovider_service + vendor_camera_cameraidremapper_service + edgetpu_app_service +}:service_manager find; allow vendor_pcs_app hal_pixel_remote_camera_service:service_manager add; binder_call(vendor_pcs_app, hal_pixel_remote_camera_service); - binder_call(vendor_pcs_app, hal_camera_default); +# Allow interacting with EdgeTpu. +allow vendor_pcs_app edgetpu_device:chr_file { getattr read write ioctl map }; + # Allow PCS to open socket connections for HTTP streaming support. allow vendor_pcs_app vendor_pcs_app:unpriv_socket_class_set create_socket_perms_no_ioctl; allow vendor_pcs_app fwmarkd_socket:sock_file write; From 64ede7b44ca9f2473b0795066303c5e822d56bb1 Mon Sep 17 00:00:00 2001 From: Klines Jiang Date: Mon, 5 Feb 2024 06:46:43 +0000 Subject: [PATCH 45/55] [Gyotaku] Add the dumpLog for gyotaku app Pixel 5a (barbet) does not support Pixel dump, we need to exclude build Pixel dump for Pixel 5a (barbet) Bug: 310110649 Test: Local build and trigger a new bugreport the result passed Change-Id: Idb712b2b3830f42de21be9942be547d7fcdd929f --- gyotaku_app/dump/Android.bp | 20 ++++++++++++++++++ gyotaku_app/dump/dump_gyotaku.cpp | 35 +++++++++++++++++++++++++++++++ gyotaku_app/dump/dump_gyotaku.te | 11 ++++++++++ gyotaku_app/dump/file.te | 5 +++++ gyotaku_app/dump/file_contexts | 4 ++++ gyotaku_app/gyotaku.mk | 6 ++++++ 6 files changed, 81 insertions(+) create mode 100644 gyotaku_app/dump/Android.bp create mode 100644 gyotaku_app/dump/dump_gyotaku.cpp create mode 100644 gyotaku_app/dump/dump_gyotaku.te create mode 100644 gyotaku_app/dump/file.te create mode 100644 gyotaku_app/dump/file_contexts diff --git a/gyotaku_app/dump/Android.bp b/gyotaku_app/dump/Android.bp new file mode 100644 index 0000000..0f62d0a --- /dev/null +++ b/gyotaku_app/dump/Android.bp @@ -0,0 +1,20 @@ +package { + default_applicable_licenses: ["Android-Apache-2.0"], +} + +cc_binary { + name: "dump_gyotaku", + srcs: ["dump_gyotaku.cpp"], + cflags: [ + "-Wall", + "-Wextra", + "-Werror", + ], + shared_libs: [ + "libbase", + "libdump", + "liblog", + ], + vendor: true, + relative_install_path: "dump", +} diff --git a/gyotaku_app/dump/dump_gyotaku.cpp b/gyotaku_app/dump/dump_gyotaku.cpp new file mode 100644 index 0000000..62c2a57 --- /dev/null +++ b/gyotaku_app/dump/dump_gyotaku.cpp @@ -0,0 +1,35 @@ +/* + * Copyright 2024 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include +#include +#include + +#define GYOTAKU_DIRECTORY "/data/vendor/gyotaku/andlog" +#define GYOTAKU_ANDROID_LOG_PREFIX "android_" + +#define maxFileLogsNumber 30 + +int main() { + std::string outputDir = concatenatePath(BUGREPORT_PACKING_DIR, "gyotaku"); + if (mkdir(outputDir.c_str(), 0700) == -1) { + printf("Unable to create folder: %s\n", outputDir.c_str()); + return 0; + } + + dumpLogs(GYOTAKU_DIRECTORY, outputDir.c_str(), maxFileLogsNumber, GYOTAKU_ANDROID_LOG_PREFIX); + return 0; +} + diff --git a/gyotaku_app/dump/dump_gyotaku.te b/gyotaku_app/dump/dump_gyotaku.te new file mode 100644 index 0000000..8c1727f --- /dev/null +++ b/gyotaku_app/dump/dump_gyotaku.te @@ -0,0 +1,11 @@ +pixel_bugreport(dump_gyotaku) + +userdebug_or_eng(` + # For access and collecting logs into vendor radio type folder. + allow dump_gyotaku radio_vendor_data_file:dir create_dir_perms; + allow dump_gyotaku radio_vendor_data_file:file create_file_perms; + + # For access /data/vendor/ folder. + allow dump_gyotaku gyotaku_vendor_data_file:dir create_dir_perms; + allow dump_gyotaku gyotaku_vendor_data_file:file create_file_perms; +') diff --git a/gyotaku_app/dump/file.te b/gyotaku_app/dump/file.te new file mode 100644 index 0000000..8035955 --- /dev/null +++ b/gyotaku_app/dump/file.te @@ -0,0 +1,5 @@ +# For /data/vendor use +type gyotaku_vendor_data_file, file_type, data_file_type; +userdebug_or_eng(` + typeattribute gyotaku_vendor_data_file mlstrustedobject; +') diff --git a/gyotaku_app/dump/file_contexts b/gyotaku_app/dump/file_contexts new file mode 100644 index 0000000..3a16a00 --- /dev/null +++ b/gyotaku_app/dump/file_contexts @@ -0,0 +1,4 @@ +/data/vendor/gyotaku(/.*)? u:object_r:gyotaku_vendor_data_file:s0 + +# Pixel dump for Gyotaku +/vendor/bin/dump/dump_gyotaku u:object_r:dump_gyotaku_exec:s0 diff --git a/gyotaku_app/gyotaku.mk b/gyotaku_app/gyotaku.mk index fa58556..c6c41d5 100644 --- a/gyotaku_app/gyotaku.mk +++ b/gyotaku_app/gyotaku.mk @@ -4,5 +4,11 @@ ifneq ($(TARGET_BUILD_VARIANT), user) Gyotaku BOARD_SEPOLICY_DIRS += device/google/gs-common/gyotaku_app/sepolicy/ + + # Pixel 5a (barbet) does not support Pixel dump + ifneq ($(TARGET_PRODUCT), barbet) + PRODUCT_PACKAGES_DEBUG += dump_gyotaku + BOARD_SEPOLICY_DIRS += device/google/gs-common/gyotaku_app/dump + endif endif endif From 2ce657ec4f905873024eb998de7e86653c780b70 Mon Sep 17 00:00:00 2001 From: klinesjiang Date: Mon, 19 Feb 2024 18:46:31 +0800 Subject: [PATCH 46/55] [Gyotaku] Add the access /data/vendor/gyotaku sepolicy for gyotaku_app domain To prevent the barbet build break, add sepolicy to gyotaku dump folder. Bug: 310110649 Test: Local build barbet(Pixel 5a) and Husky(Pixel 8), trigger a new bugreport from Husky(Pixel 8) the result passed. Change-Id: I09a46249644774c679a0cfa687b2b41ba82120c1 --- gyotaku_app/dump/gyotaku_app.te | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 gyotaku_app/dump/gyotaku_app.te diff --git a/gyotaku_app/dump/gyotaku_app.te b/gyotaku_app/dump/gyotaku_app.te new file mode 100644 index 0000000..6816080 --- /dev/null +++ b/gyotaku_app/dump/gyotaku_app.te @@ -0,0 +1,5 @@ +userdebug_or_eng(` + # For access /data/vendor/gyotaku folder + allow gyotaku_app gyotaku_vendor_data_file:dir create_dir_perms; + allow gyotaku_app gyotaku_vendor_data_file:file create_file_perms; +') From 8ca98549db39d221d8458df074979ea417bda0b5 Mon Sep 17 00:00:00 2001 From: David Li Date: Wed, 21 Feb 2024 19:58:44 +0800 Subject: [PATCH 47/55] audio: add file_contexts of /dev/acd-mc_headpos Bug: 307842941 Test: mm Change-Id: Id4210c309d4a86e81a510dacb83b23396c5a327b --- aoc/sepolicy/file_contexts | 1 + 1 file changed, 1 insertion(+) diff --git a/aoc/sepolicy/file_contexts b/aoc/sepolicy/file_contexts index 617b7b9..c43bc75 100644 --- a/aoc/sepolicy/file_contexts +++ b/aoc/sepolicy/file_contexts @@ -28,6 +28,7 @@ /dev/acd-audio_ap_offload_tx u:object_r:aoc_device:s0 /dev/acd-mel_processor u:object_r:aoc_device:s0 /dev/acd-aocx_control u:object_r:aoc_device:s0 +/dev/acd-mc_headpos u:object_r:aoc_device:s0 # AoC vendor binaries /vendor/bin/aocd u:object_r:aocd_exec:s0 From eadc0d0114749e7007581ca246467150e1b12e7f Mon Sep 17 00:00:00 2001 From: Shinru Han Date: Tue, 20 Feb 2024 09:32:05 +0000 Subject: [PATCH 48/55] gps: Enable Pixel GNSS HAL avc: denied { call } for scontext=u:r:hal_gnss_pixel:s0 tcontext=u:r:hal_gnss_default:s0 tclass=binder permissive=0 avc: denied { call } for scontext=u:r:hal_gnss_default:s0 tcontext=u:r:hal_gnss_pixel:s0 tclass=binder permissive=0 avc: denied { read } for name="modem_state" dev="sysfs" ino=66325 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 avc: denied { open } for path="/sys/devices/platform/cpif/modem_state" dev="sysfs" ino=66325 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 avc: denied { getattr } for path="/sys/devices/platform/cpif/modem_state" dev="sysfs" ino=66325 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 Test: CTS/VTS pass Bug: 320567656 Change-Id: I22ed09fe37a7e9811f78bf66c21420d2809da9c6 --- gps/lsi/s5400.mk | 3 +++ gps/lsi/sepolicy/hal_gnss_default.te | 3 +++ gps/pixel/device_framework_matrix_product.xml | 10 ++++++++++ gps/pixel/pixel_gnss_hal.mk | 15 +++++++++++++++ gps/pixel/sepolicy/file.te | 1 + gps/pixel/sepolicy/file_contexts | 2 ++ gps/pixel/sepolicy/genfs_contexts | 2 ++ gps/pixel/sepolicy/hal_gnss_pixel.te | 14 ++++++++++++++ gps/pixel/sepolicy/service_contexts | 1 + 9 files changed, 51 insertions(+) create mode 100644 gps/pixel/device_framework_matrix_product.xml create mode 100644 gps/pixel/pixel_gnss_hal.mk create mode 100644 gps/pixel/sepolicy/file.te create mode 100644 gps/pixel/sepolicy/file_contexts create mode 100644 gps/pixel/sepolicy/genfs_contexts create mode 100644 gps/pixel/sepolicy/hal_gnss_pixel.te create mode 100644 gps/pixel/sepolicy/service_contexts diff --git a/gps/lsi/s5400.mk b/gps/lsi/s5400.mk index de676ff..1bfc88e 100644 --- a/gps/lsi/s5400.mk +++ b/gps/lsi/s5400.mk @@ -14,3 +14,6 @@ PRODUCT_PACKAGES += \ ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT))) PRODUCT_VENDOR_PROPERTIES += vendor.gps.aol.enabled=true endif + +# Enable Pixel GNSS HAL +include device/google/gs-common/gps/pixel/pixel_gnss_hal.mk \ No newline at end of file diff --git a/gps/lsi/sepolicy/hal_gnss_default.te b/gps/lsi/sepolicy/hal_gnss_default.te index 54a08f9..7d363f0 100644 --- a/gps/lsi/sepolicy/hal_gnss_default.te +++ b/gps/lsi/sepolicy/hal_gnss_default.te @@ -8,3 +8,6 @@ binder_call(hal_gnss_default, gnssd); #Read GPS property get_prop(hal_gnss_default, vendor_gps_prop) + +#IPC between pixel and vendor HAL +binder_call(hal_gnss_default, hal_gnss_pixel) diff --git a/gps/pixel/device_framework_matrix_product.xml b/gps/pixel/device_framework_matrix_product.xml new file mode 100644 index 0000000..2c93444 --- /dev/null +++ b/gps/pixel/device_framework_matrix_product.xml @@ -0,0 +1,10 @@ + + + android.hardware.gnss + 3 + + IGnss + vendor + + + diff --git a/gps/pixel/pixel_gnss_hal.mk b/gps/pixel/pixel_gnss_hal.mk new file mode 100644 index 0000000..b0edff7 --- /dev/null +++ b/gps/pixel/pixel_gnss_hal.mk @@ -0,0 +1,15 @@ +# Include this file to enable Pixel GNSS HAL + +$(call soong_config_set, pixel_gnss, enable_pixel_gnss_aidl_service, true) + +BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/gps/pixel/sepolicy + +PRODUCT_PACKAGES += \ + android.hardware.gnss-service.pixel + +PRODUCT_VENDOR_PROPERTIES += \ + persist.vendor.gps.hal.service.name=vendor + +# Compatibility matrix +DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += \ + device/google/gs-common/gps/pixel/device_framework_matrix_product.xml diff --git a/gps/pixel/sepolicy/file.te b/gps/pixel/sepolicy/file.te new file mode 100644 index 0000000..79e95ab --- /dev/null +++ b/gps/pixel/sepolicy/file.te @@ -0,0 +1 @@ +type sysfs_modem_state, sysfs_type, fs_type; diff --git a/gps/pixel/sepolicy/file_contexts b/gps/pixel/sepolicy/file_contexts new file mode 100644 index 0000000..8bd8f92 --- /dev/null +++ b/gps/pixel/sepolicy/file_contexts @@ -0,0 +1,2 @@ +/vendor/bin/hw/android\.hardware\.gnss-service\.pixel u:object_r:hal_gnss_pixel_exec:s0 + diff --git a/gps/pixel/sepolicy/genfs_contexts b/gps/pixel/sepolicy/genfs_contexts new file mode 100644 index 0000000..494aa97 --- /dev/null +++ b/gps/pixel/sepolicy/genfs_contexts @@ -0,0 +1,2 @@ +# modem state node +genfscon sysfs /devices/platform/cpif/modem_state u:object_r:sysfs_modem_state:s0 diff --git a/gps/pixel/sepolicy/hal_gnss_pixel.te b/gps/pixel/sepolicy/hal_gnss_pixel.te new file mode 100644 index 0000000..512ecc9 --- /dev/null +++ b/gps/pixel/sepolicy/hal_gnss_pixel.te @@ -0,0 +1,14 @@ +type hal_gnss_pixel, domain; +hal_server_domain(hal_gnss_pixel, hal_gnss) + +type hal_gnss_pixel_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(hal_gnss_pixel) + +#IPC between pixel and vendor HAL +binder_call(hal_gnss_pixel, hal_gnss_default) + +#Read modem state +allow hal_gnss_pixel sysfs_modem_state:file r_file_perms; + +#Toggle coredump node +allow hal_gnss_pixel sysfs_gps:file rw_file_perms; diff --git a/gps/pixel/sepolicy/service_contexts b/gps/pixel/sepolicy/service_contexts new file mode 100644 index 0000000..cc9871f --- /dev/null +++ b/gps/pixel/sepolicy/service_contexts @@ -0,0 +1 @@ +android.hardware.gnss.IGnss/vendor u:object_r:hal_gnss_service:s0 \ No newline at end of file From 3b682abda5b0d3a55a55d13ffc8b85bd9040a325 Mon Sep 17 00:00:00 2001 From: Shinru Han Date: Mon, 26 Feb 2024 02:57:50 +0000 Subject: [PATCH 49/55] Allow gnssd set gps property avc: denied { write } for name="property_service" dev="tmpfs" ino=837 scontext=u:r:gnssd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0 Bug: 320577795 Test: on-device Change-Id: I77c02d9754c8ccd66d8cc889fd361de0fc20e09d --- gps/lsi/sepolicy/gnssd.te | 3 +++ 1 file changed, 3 insertions(+) diff --git a/gps/lsi/sepolicy/gnssd.te b/gps/lsi/sepolicy/gnssd.te index 8450253..42c974e 100644 --- a/gps/lsi/sepolicy/gnssd.te +++ b/gps/lsi/sepolicy/gnssd.te @@ -25,3 +25,6 @@ get_prop(gnssd, bootanim_system_prop) allow gnssd sysfs_soc:file r_file_perms; allow gnssd sysfs_gps:file rw_file_perms; + +# Allow gnssd to set GPS property +set_prop(gnssd, vendor_gps_prop) From 57384abb7e75807b094b9201057310b85e415dc5 Mon Sep 17 00:00:00 2001 From: Mark Chang Date: Mon, 19 Feb 2024 06:12:11 +0000 Subject: [PATCH 50/55] Move sepolicy files from hardware/google/pixel-sepolicy. Bug: 325422902 Test: Manual, system booted without sepolicy denied error. Change-Id: I10d20c0b79acf938bd41dcd640a716369ecf779b Signed-off-by: Mark Chang --- touch/twoshay/sepolicy/device.te | 1 + touch/twoshay/sepolicy/dumpstate.te | 2 ++ touch/twoshay/sepolicy/file_contexts | 2 ++ .../twoshay/sepolicy/hal_dumpstate_default.te | 2 ++ touch/twoshay/sepolicy/platform_app.te | 4 +++ touch/twoshay/sepolicy/service.te | 3 +++ touch/twoshay/sepolicy/service_contexts | 3 +++ .../sepolicy/touchflow_debug/file_contexts | 2 ++ touch/twoshay/sepolicy/twoshay.te | 27 +++++++++++++++++++ touch/twoshay/twoshay.mk | 3 +++ 10 files changed, 49 insertions(+) create mode 100644 touch/twoshay/sepolicy/device.te create mode 100644 touch/twoshay/sepolicy/dumpstate.te create mode 100644 touch/twoshay/sepolicy/file_contexts create mode 100644 touch/twoshay/sepolicy/hal_dumpstate_default.te create mode 100644 touch/twoshay/sepolicy/platform_app.te create mode 100644 touch/twoshay/sepolicy/service.te create mode 100644 touch/twoshay/sepolicy/service_contexts create mode 100644 touch/twoshay/sepolicy/touchflow_debug/file_contexts create mode 100644 touch/twoshay/sepolicy/twoshay.te create mode 100644 touch/twoshay/twoshay.mk diff --git a/touch/twoshay/sepolicy/device.te b/touch/twoshay/sepolicy/device.te new file mode 100644 index 0000000..d3ce622 --- /dev/null +++ b/touch/twoshay/sepolicy/device.te @@ -0,0 +1 @@ +type touch_offload_device, dev_type; diff --git a/touch/twoshay/sepolicy/dumpstate.te b/touch/twoshay/sepolicy/dumpstate.te new file mode 100644 index 0000000..90f14b8 --- /dev/null +++ b/touch/twoshay/sepolicy/dumpstate.te @@ -0,0 +1,2 @@ +allow dumpstate touch_context_service:service_manager find; +binder_call(dumpstate, twoshay) diff --git a/touch/twoshay/sepolicy/file_contexts b/touch/twoshay/sepolicy/file_contexts new file mode 100644 index 0000000..09728be --- /dev/null +++ b/touch/twoshay/sepolicy/file_contexts @@ -0,0 +1,2 @@ +/dev/touch_offload u:object_r:touch_offload_device:s0 +/vendor/bin/twoshay u:object_r:twoshay_exec:s0 diff --git a/touch/twoshay/sepolicy/hal_dumpstate_default.te b/touch/twoshay/sepolicy/hal_dumpstate_default.te new file mode 100644 index 0000000..81edc36 --- /dev/null +++ b/touch/twoshay/sepolicy/hal_dumpstate_default.te @@ -0,0 +1,2 @@ +allow hal_dumpstate_default touch_context_service:service_manager find; +binder_call(hal_dumpstate_default, twoshay) diff --git a/touch/twoshay/sepolicy/platform_app.te b/touch/twoshay/sepolicy/platform_app.te new file mode 100644 index 0000000..ac997a9 --- /dev/null +++ b/touch/twoshay/sepolicy/platform_app.te @@ -0,0 +1,4 @@ +allow platform_app gril_antenna_tuning_service:service_manager find; +allow platform_app screen_protector_detector_service:service_manager find; +allow platform_app touch_context_service:service_manager find; +binder_call(platform_app, twoshay) diff --git a/touch/twoshay/sepolicy/service.te b/touch/twoshay/sepolicy/service.te new file mode 100644 index 0000000..4aa064d --- /dev/null +++ b/touch/twoshay/sepolicy/service.te @@ -0,0 +1,3 @@ +type gril_antenna_tuning_service, service_manager_type, hal_service_type; +type screen_protector_detector_service, service_manager_type, hal_service_type; +type touch_context_service, service_manager_type, hal_service_type; diff --git a/touch/twoshay/sepolicy/service_contexts b/touch/twoshay/sepolicy/service_contexts new file mode 100644 index 0000000..f6aa1db --- /dev/null +++ b/touch/twoshay/sepolicy/service_contexts @@ -0,0 +1,3 @@ +com.google.input.ITouchContextService/default u:object_r:touch_context_service:s0 +com.google.input.algos.gril.IGrilAntennaTuningService/default u:object_r:gril_antenna_tuning_service:s0 +com.google.input.algos.spd.IScreenProtectorDetectorService/default u:object_r:screen_protector_detector_service:s0 diff --git a/touch/twoshay/sepolicy/touchflow_debug/file_contexts b/touch/twoshay/sepolicy/touchflow_debug/file_contexts new file mode 100644 index 0000000..17dfe62 --- /dev/null +++ b/touch/twoshay/sepolicy/touchflow_debug/file_contexts @@ -0,0 +1,2 @@ +/vendor/bin/hw/android\.hardware\.input\.processor-reflector u:object_r:hal_input_processor_default_exec:s0 +/vendor/bin/twoshay_touchflow u:object_r:twoshay_exec:s0 diff --git a/touch/twoshay/sepolicy/twoshay.te b/touch/twoshay/sepolicy/twoshay.te new file mode 100644 index 0000000..cd317a0 --- /dev/null +++ b/touch/twoshay/sepolicy/twoshay.te @@ -0,0 +1,27 @@ +type twoshay, domain; +type twoshay_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(twoshay) + +allow twoshay touch_offload_device:chr_file rw_file_perms; +allow twoshay twoshay:capability sys_nice; + +binder_use(twoshay) +add_service(twoshay, gril_antenna_tuning_service) +add_service(twoshay, screen_protector_detector_service) +add_service(twoshay, touch_context_service) + +binder_call(twoshay, platform_app) + +allow twoshay fwk_stats_service:service_manager find; +binder_call(twoshay, stats_service_server) + +# Allow dumpsys output in bugreports. +allow twoshay dumpstate:fd use; +allow twoshay dumpstate:fifo_file write; + +# b/198755236 +dontaudit twoshay twoshay:capability dac_override; + +# b/226830650 +dontaudit twoshay boot_status_prop:file read; diff --git a/touch/twoshay/twoshay.mk b/touch/twoshay/twoshay.mk new file mode 100644 index 0000000..20bf1ba --- /dev/null +++ b/touch/twoshay/twoshay.mk @@ -0,0 +1,3 @@ +BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/touch/twoshay/sepolicy +PRODUCT_PACKAGES += twoshay +PRODUCT_SOONG_NAMESPACES += vendor/google/input/twoshay From e2ec91ccbdbdde47d21a3de207f3fcc0beb05449 Mon Sep 17 00:00:00 2001 From: Liana Kazanova Date: Tue, 27 Feb 2024 21:11:56 +0000 Subject: [PATCH 51/55] Revert "Move sepolicy files from hardware/google/pixel-sepolicy." Revert submission 26288713-twoshay-sepolicy-24 Reason for revert: DroidMonitor: Potential culprit for b/327235315 - verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted. Reverted changes: /q/submissionid:26288713-twoshay-sepolicy-24 Bug: 327235315 Change-Id: I3529a6bc329b38f9a6b5a21c5d7c809636076eb5 --- touch/twoshay/sepolicy/device.te | 1 - touch/twoshay/sepolicy/dumpstate.te | 2 -- touch/twoshay/sepolicy/file_contexts | 2 -- .../twoshay/sepolicy/hal_dumpstate_default.te | 2 -- touch/twoshay/sepolicy/platform_app.te | 4 --- touch/twoshay/sepolicy/service.te | 3 --- touch/twoshay/sepolicy/service_contexts | 3 --- .../sepolicy/touchflow_debug/file_contexts | 2 -- touch/twoshay/sepolicy/twoshay.te | 27 ------------------- touch/twoshay/twoshay.mk | 3 --- 10 files changed, 49 deletions(-) delete mode 100644 touch/twoshay/sepolicy/device.te delete mode 100644 touch/twoshay/sepolicy/dumpstate.te delete mode 100644 touch/twoshay/sepolicy/file_contexts delete mode 100644 touch/twoshay/sepolicy/hal_dumpstate_default.te delete mode 100644 touch/twoshay/sepolicy/platform_app.te delete mode 100644 touch/twoshay/sepolicy/service.te delete mode 100644 touch/twoshay/sepolicy/service_contexts delete mode 100644 touch/twoshay/sepolicy/touchflow_debug/file_contexts delete mode 100644 touch/twoshay/sepolicy/twoshay.te delete mode 100644 touch/twoshay/twoshay.mk diff --git a/touch/twoshay/sepolicy/device.te b/touch/twoshay/sepolicy/device.te deleted file mode 100644 index d3ce622..0000000 --- a/touch/twoshay/sepolicy/device.te +++ /dev/null @@ -1 +0,0 @@ -type touch_offload_device, dev_type; diff --git a/touch/twoshay/sepolicy/dumpstate.te b/touch/twoshay/sepolicy/dumpstate.te deleted file mode 100644 index 90f14b8..0000000 --- a/touch/twoshay/sepolicy/dumpstate.te +++ /dev/null @@ -1,2 +0,0 @@ -allow dumpstate touch_context_service:service_manager find; -binder_call(dumpstate, twoshay) diff --git a/touch/twoshay/sepolicy/file_contexts b/touch/twoshay/sepolicy/file_contexts deleted file mode 100644 index 09728be..0000000 --- a/touch/twoshay/sepolicy/file_contexts +++ /dev/null @@ -1,2 +0,0 @@ -/dev/touch_offload u:object_r:touch_offload_device:s0 -/vendor/bin/twoshay u:object_r:twoshay_exec:s0 diff --git a/touch/twoshay/sepolicy/hal_dumpstate_default.te b/touch/twoshay/sepolicy/hal_dumpstate_default.te deleted file mode 100644 index 81edc36..0000000 --- a/touch/twoshay/sepolicy/hal_dumpstate_default.te +++ /dev/null @@ -1,2 +0,0 @@ -allow hal_dumpstate_default touch_context_service:service_manager find; -binder_call(hal_dumpstate_default, twoshay) diff --git a/touch/twoshay/sepolicy/platform_app.te b/touch/twoshay/sepolicy/platform_app.te deleted file mode 100644 index ac997a9..0000000 --- a/touch/twoshay/sepolicy/platform_app.te +++ /dev/null @@ -1,4 +0,0 @@ -allow platform_app gril_antenna_tuning_service:service_manager find; -allow platform_app screen_protector_detector_service:service_manager find; -allow platform_app touch_context_service:service_manager find; -binder_call(platform_app, twoshay) diff --git a/touch/twoshay/sepolicy/service.te b/touch/twoshay/sepolicy/service.te deleted file mode 100644 index 4aa064d..0000000 --- a/touch/twoshay/sepolicy/service.te +++ /dev/null @@ -1,3 +0,0 @@ -type gril_antenna_tuning_service, service_manager_type, hal_service_type; -type screen_protector_detector_service, service_manager_type, hal_service_type; -type touch_context_service, service_manager_type, hal_service_type; diff --git a/touch/twoshay/sepolicy/service_contexts b/touch/twoshay/sepolicy/service_contexts deleted file mode 100644 index f6aa1db..0000000 --- a/touch/twoshay/sepolicy/service_contexts +++ /dev/null @@ -1,3 +0,0 @@ -com.google.input.ITouchContextService/default u:object_r:touch_context_service:s0 -com.google.input.algos.gril.IGrilAntennaTuningService/default u:object_r:gril_antenna_tuning_service:s0 -com.google.input.algos.spd.IScreenProtectorDetectorService/default u:object_r:screen_protector_detector_service:s0 diff --git a/touch/twoshay/sepolicy/touchflow_debug/file_contexts b/touch/twoshay/sepolicy/touchflow_debug/file_contexts deleted file mode 100644 index 17dfe62..0000000 --- a/touch/twoshay/sepolicy/touchflow_debug/file_contexts +++ /dev/null @@ -1,2 +0,0 @@ -/vendor/bin/hw/android\.hardware\.input\.processor-reflector u:object_r:hal_input_processor_default_exec:s0 -/vendor/bin/twoshay_touchflow u:object_r:twoshay_exec:s0 diff --git a/touch/twoshay/sepolicy/twoshay.te b/touch/twoshay/sepolicy/twoshay.te deleted file mode 100644 index cd317a0..0000000 --- a/touch/twoshay/sepolicy/twoshay.te +++ /dev/null @@ -1,27 +0,0 @@ -type twoshay, domain; -type twoshay_exec, exec_type, vendor_file_type, file_type; - -init_daemon_domain(twoshay) - -allow twoshay touch_offload_device:chr_file rw_file_perms; -allow twoshay twoshay:capability sys_nice; - -binder_use(twoshay) -add_service(twoshay, gril_antenna_tuning_service) -add_service(twoshay, screen_protector_detector_service) -add_service(twoshay, touch_context_service) - -binder_call(twoshay, platform_app) - -allow twoshay fwk_stats_service:service_manager find; -binder_call(twoshay, stats_service_server) - -# Allow dumpsys output in bugreports. -allow twoshay dumpstate:fd use; -allow twoshay dumpstate:fifo_file write; - -# b/198755236 -dontaudit twoshay twoshay:capability dac_override; - -# b/226830650 -dontaudit twoshay boot_status_prop:file read; diff --git a/touch/twoshay/twoshay.mk b/touch/twoshay/twoshay.mk deleted file mode 100644 index 20bf1ba..0000000 --- a/touch/twoshay/twoshay.mk +++ /dev/null @@ -1,3 +0,0 @@ -BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/touch/twoshay/sepolicy -PRODUCT_PACKAGES += twoshay -PRODUCT_SOONG_NAMESPACES += vendor/google/input/twoshay From 815fd348170ae63a656a06049ff318f19894c9ad Mon Sep 17 00:00:00 2001 From: Spandan Das Date: Wed, 28 Feb 2024 16:13:46 +0000 Subject: [PATCH 52/55] Add PRODUCT_MODULE_BUILD_FROM_SOURCE to fullmte This is a temporary workaround to ensure that fullmte variants of google devices uses mainline modules from source in next release config Long term, this functionality will likely be implemented by creating a product specific release config map Test: lunch -next-userdebug && m nothing Test: https://android-build.corp.google.com/builds/abtd/run/L14800030002211627 Bug: 325666427 Change-Id: I042319e14362e66b1078941dabcfd7dcecfc7cfb --- mte/fullmte-pixel.mk | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mte/fullmte-pixel.mk b/mte/fullmte-pixel.mk index da4e7b9..6cc525d 100644 --- a/mte/fullmte-pixel.mk +++ b/mte/fullmte-pixel.mk @@ -1,4 +1,7 @@ include build/make/target/product/fullmte.mk + +PRODUCT_MODULE_BUILD_FROM_SOURCE := true + BOARD_KERNEL_CMDLINE += bootloader.pixel.MTE_FORCE_ON # TODO(b/324412910): Remove this when the stack-buffer-overflow is fixed. PRODUCT_PRODUCT_PROPERTIES += \ From 9aa2c2e0017a8500b21ebdf1105e4f3b9dd66139 Mon Sep 17 00:00:00 2001 From: Hongyang Jiao Date: Fri, 9 Feb 2024 21:28:46 +0000 Subject: [PATCH 53/55] Add betterbug folder to gs-common Test: locally test, recorded in http://shortn/_iEz9DTCHgo Bug: 322543833 Change-Id: I035adde2253056414d7c729f4a9f5b4effdde87d --- betterbug/betterbug.mk | 5 +++++ .../sepolicy/product/private/better_bug_app.te | 15 +++++++++++++++ betterbug/sepolicy/product/private/seapp_contexts | 2 ++ .../sepolicy/product/public/better_bug_app.te | 1 + 4 files changed, 23 insertions(+) create mode 100644 betterbug/betterbug.mk create mode 100644 betterbug/sepolicy/product/private/better_bug_app.te create mode 100644 betterbug/sepolicy/product/private/seapp_contexts create mode 100644 betterbug/sepolicy/product/public/better_bug_app.te diff --git a/betterbug/betterbug.mk b/betterbug/betterbug.mk new file mode 100644 index 0000000..f3ae647 --- /dev/null +++ b/betterbug/betterbug.mk @@ -0,0 +1,5 @@ +PRODUCT_PACKAGES += BetterBugStub +PRODUCT_PACKAGES_DEBUG += BetterBug + +PRODUCT_PUBLIC_SEPOLICY_DIRS += device/google/gs-common/betterbug/sepolicy/product/public +PRODUCT_PRIVATE_SEPOLICY_DIRS += device/google/gs-common/betterbug/sepolicy/product/private diff --git a/betterbug/sepolicy/product/private/better_bug_app.te b/betterbug/sepolicy/product/private/better_bug_app.te new file mode 100644 index 0000000..bb50612 --- /dev/null +++ b/betterbug/sepolicy/product/private/better_bug_app.te @@ -0,0 +1,15 @@ +typeattribute better_bug_app coredomain; + +app_domain(better_bug_app) +net_domain(better_bug_app) + +allow better_bug_app shell_data_file:file read; +allow better_bug_app privapp_data_file:file execute; + +allow better_bug_app app_api_service:service_manager find; +allow better_bug_app system_api_service:service_manager find; +allow better_bug_app mediaserver_service:service_manager find; + +set_prop(better_bug_app, ctl_start_prop) + +get_prop(better_bug_app, system_boot_reason_prop) diff --git a/betterbug/sepolicy/product/private/seapp_contexts b/betterbug/sepolicy/product/private/seapp_contexts new file mode 100644 index 0000000..261e710 --- /dev/null +++ b/betterbug/sepolicy/product/private/seapp_contexts @@ -0,0 +1,2 @@ +# BetterBug +user=_app isPrivApp=true name=com.google.android.apps.internal.betterbug domain=better_bug_app type=app_data_file levelFrom=all diff --git a/betterbug/sepolicy/product/public/better_bug_app.te b/betterbug/sepolicy/product/public/better_bug_app.te new file mode 100644 index 0000000..9a14782 --- /dev/null +++ b/betterbug/sepolicy/product/public/better_bug_app.te @@ -0,0 +1 @@ +type better_bug_app, domain; From a1f78bf75d7242cda5f16b7b615ef57772e2ef1c Mon Sep 17 00:00:00 2001 From: YiHo Cheng Date: Thu, 22 Feb 2024 14:47:50 +0800 Subject: [PATCH 54/55] dumpstate: thermal: update thermal dump script path Correct thermal dump script file path Bug: 326349256 Test: build Change-Id: Iaf2108f037ca89ffae3e89a2e81996d03c79ff5f --- thermal/dump/thermal.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/thermal/dump/thermal.mk b/thermal/dump/thermal.mk index 03b1dfa..4bb0344 100644 --- a/thermal/dump/thermal.mk +++ b/thermal/dump/thermal.mk @@ -1,3 +1,3 @@ BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/thermal/sepolicy/dump -PRODUCT_PACKAGES += dump/dump_thermal.sh +PRODUCT_PACKAGES += dump_thermal.sh From 1c9e011597571651c6196e5cb6f976ec348ae42f Mon Sep 17 00:00:00 2001 From: Wayne Lin Date: Fri, 1 Mar 2024 02:46:50 +0800 Subject: [PATCH 55/55] gps: add policy for partial reset feature avc: denied { read } for name="u:object_r:vendor_rild_prop:s0" dev="tmpfs" ino=413 scontext=u:r:gnssd:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=file permissive=0 avc: denied { open } for path="/dev/__properties__/u:object_r:vendor_rild_prop:s0" dev="tmpfs" ino=414 scontext=u:r:gnssd:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=file permissive=0 avc: denied { getattr } for path="/dev/__properties__/u:object_r:vendor_rild_prop:s0" dev="tmpfs" ino=414 scontext=u:r:gnssd:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=file permissive=0 avc: denied { map } for path="/dev/__properties__/u:object_r:vendor_rild_prop:s0" dev="tmpfs" ino=414 scontext=u:r:gnssd:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=file permissive=0 Bug: 326493553 Test: no avc denied error Change-Id: I4ac1ecf51da01c24d4e2f0f7e52df1d2cb92e275 --- gps/lsi/sepolicy/gnssd.te | 3 +++ 1 file changed, 3 insertions(+) diff --git a/gps/lsi/sepolicy/gnssd.te b/gps/lsi/sepolicy/gnssd.te index 42c974e..56ab51f 100644 --- a/gps/lsi/sepolicy/gnssd.te +++ b/gps/lsi/sepolicy/gnssd.te @@ -28,3 +28,6 @@ allow gnssd sysfs_gps:file rw_file_perms; # Allow gnssd to set GPS property set_prop(gnssd, vendor_gps_prop) + +# Read RIL property +get_prop(gnssd, vendor_rild_prop)