Merge "sepolicy_vendor: Add sepolicy rules for lowi_server to find qms service"
diff --git a/generic/vendor/common/hal_vibrator_default.te b/generic/vendor/common/hal_vibrator_default.te
index 41de4ab..b58c450 100644
--- a/generic/vendor/common/hal_vibrator_default.te
+++ b/generic/vendor/common/hal_vibrator_default.te
@@ -68,3 +68,6 @@
# read/write permissions to haptics sysfs node
r_dir_file(hal_vibrator_default, vendor_sysfs_haptics)
allow hal_vibrator_default vendor_sysfs_haptics:file rw_file_perms;
+
+# default permissions for qc_aon_node
+get_prop(hal_vibrator_default, vendor_qc_aon_prop)
diff --git a/generic/vendor/common/hal_wifi.te b/generic/vendor/common/hal_wifi.te
index db94262..3f87dc0 100644
--- a/generic/vendor/common/hal_wifi.te
+++ b/generic/vendor/common/hal_wifi.te
@@ -56,10 +56,8 @@
allow hal_wifi proc_net:file write;
# allow hal_wifi to write into /data/vendor/tombstones/wifi
-userdebug_or_eng(`
- allow hal_wifi_server vendor_tombstone_data_file:dir rw_dir_perms;
- allow hal_wifi_server vendor_tombstone_data_file:file create_file_perms;
-')
+allow hal_wifi_server vendor_tombstone_data_file:dir rw_dir_perms;
+allow hal_wifi_server vendor_tombstone_data_file:file create_file_perms;
# allow hal_wifi to operate on bridged interfaces
allowxperm hal_wifi_default self:udp_socket ioctl { SIOCBRADDBR
diff --git a/qva/vendor/common/qvrd_vndr.te b/qva/vendor/common/qvrd_vndr.te
index d2a3ca6..cb7019d 100644
--- a/qva/vendor/common/qvrd_vndr.te
+++ b/qva/vendor/common/qvrd_vndr.te
@@ -199,3 +199,6 @@
#tsf node permission
allow vendor_qvrd_vndr sysfs_net:dir r_dir_perms;
allow vendor_qvrd_vndr sysfs_net:file r_file_perms;
+
+#Allow audio hal permission
+hal_client_domain(vendor_qvrd_vndr, hal_audio);
diff --git a/qva/vendor/kona/hal_camera.te b/qva/vendor/kona/hal_camera.te
index 7a5a831..a8251f4 100644
--- a/qva/vendor/kona/hal_camera.te
+++ b/qva/vendor/kona/hal_camera.te
@@ -19,3 +19,6 @@
#Allow access to /data/vendor/camera
allow hal_camera_default vendor_camera_data_file:dir { add_name write };
allow hal_camera_default vendor_camera_data_file:file { create getattr open write };
+
+#Allow accessto vendor display properties
+get_prop(hal_camera_default, vendor_display_prop);
diff --git a/qva/vendor/trinket/file_contexts b/qva/vendor/trinket/file_contexts
index 248569c..726b1cb 100644
--- a/qva/vendor/trinket/file_contexts
+++ b/qva/vendor/trinket/file_contexts
@@ -1,5 +1,4 @@
# Copyright (c) 2016-2019, The Linux Foundation. All rights reserved.
-# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
@@ -26,6 +25,11 @@
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
###################################
+#Changes from Qualcomm Innovation Center are provided under the following license:
+#
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
+
# Dev block nodes
#Primary storage device nodes
@@ -191,6 +195,14 @@
/sys/devices/platform/soc/1b46018.qfprom/qfprom0/nvmem u:object_r:vendor_sysfs_qfprom:s0
+#Vendor_hvdcp
+
+/sys/devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-00/1c40000.qcom,spmi:qcom,pm6125@0:vadc@3100/iio:device[0-9](/.*?) u:object_r:vendor_sysfs_battery_supply:s0
+/sys/devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/iio:device[0-9](/.*?) u:object_r:vendor_sysfs_battery_supply:s0
+/sys/devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-02/1c40000.qcom,spmi:qcom,pmi632@2:qpnp,qg/iio:device[0-9](/.*?) u:object_r:vendor_sysfs_battery_supply:s0
+/sys/devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-02/1c40000.qcom,spmi:qcom,pmi632@2:vadc@3100/iio:device[0-9](/.*?) u:object_r:vendor_sysfs_battery_supply:s0
+/sys/devices/platform/soc/4ac0000.qcom,qupv3_0_geni_se/4a84000.i2c/i2c-0/0-000c/4a84000.i2c:qcom,smb1355@c:qcom,smb1355-charger@1000/iio:device[0-9](/.*?) u:object_r:vendor_sysfs_battery_supply:s0
+
# Audio
/dev/msm_audio_cal u:object_r:vendor_audio_cal_device:s0
#msm_lsm cdev
diff --git a/qva/vendor/trinket/genfs_contexts b/qva/vendor/trinket/genfs_contexts
index 9f6ddaa..e30cfa3 100644
--- a/qva/vendor/trinket/genfs_contexts
+++ b/qva/vendor/trinket/genfs_contexts
@@ -31,32 +31,28 @@
# SPDX-License-Identifier: BSD-3-Clause-Clear
#pmic sysfs_nodes
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-00/1c40000.qcom,spmi:qcom,pm6125@0:qcom,pm6125_rtc/rtc u:object_r:sysfs_rtc:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/power_supply/battery u:object_r:vendor_sysfs_battery_supply:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/power_supply/pc_port u:object_r:vendor_sysfs_usb_supply:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/power_supply/usb u:object_r:vendor_sysfs_usb_supply:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/power_supply/main u:object_r:vendor_sysfs_battery_supply:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.qcom,spmi:qcom,pmi632@2:qpnp,qg/power_supply/bms u:object_r:vendor_sysfs_battery_supply:s0
+genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-00/1c40000.qcom,spmi:qcom,pm6125@0:qcom,pm6125_rtc/rtc u:object_r:sysfs_rtc:s0
+genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/power_supply/battery u:object_r:vendor_sysfs_battery_supply:s0
+genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/power_supply/pc_port u:object_r:vendor_sysfs_usb_supply:s0
+genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/power_supply/usb u:object_r:vendor_sysfs_usb_supply:s0
+genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/power_supply/main u:object_r:vendor_sysfs_battery_supply:s0
+genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-02/1c40000.qcom,spmi:qcom,pmi632@2:qpnp,qg/power_supply/bms u:object_r:vendor_sysfs_battery_supply:s0
genfscon sysfs /devices/platform/soc/4a84000.i2c/i2c-0/0-0008/4a84000.i2c:qcom,smb1355@8:qcom,smb1355-charger@1000/power_supply/parallel u:object_r:vendor_sysfs_battery_supply:s0
-genfscon sysfs /devices/platform/soc/4a84000.i2c/i2c-0/0-000c/4a84000.i2c:qcom,smb1355@c:qcom,smb1355-charger@1000/power_supply/parallel u:object_r:vendor_sysfs_battery_supply:s0
+genfscon sysfs /devices/platform/soc/4ac0000.qcom,qupv3_0_geni_se/4a84000.i2c/i2c-0/0-000c/4a84000.i2c:qcom,smb1355@c:qcom,smb1355-charger@1000/power_supply/parallel u:object_r:vendor_sysfs_battery_supply:s0
genfscon sysfs /class/qcom-battery u:object_r:vendor_sysfs_battery_supply:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-03/1c40000.qcom,spmi:qcom,pmi632@3:qcom,leds@d000/leds u:object_r:vendor_sysfs_graphics:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-03/1c40000.qcom,spmi:qcom,pmi632@3:qcom,leds@d300/leds u:object_r:sysfs_leds:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-03/1c40000.qcom,spmi:qcom,pmi632@3:qcom,vibrator@5700/leds/vibrator u:object_r:sysfs_leds:s0
+genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-03/1c40000.qcom,spmi:qcom,pmi632@3:qcom,leds@d000/leds u:object_r:vendor_sysfs_graphics:s0
+genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-03/1c40000.qcom,spmi:qcom,pmi632@3:qcom,leds@d300/leds u:object_r:sysfs_leds:s0
genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-03/1c40000.qcom,spmi:qcom,pmi632@3:qcom,vibrator@5700/leds/vibrator u:object_r:sysfs_leds:s0
+genfscon sysfs /bus/iio/devices u:object_r:vendor_sysfs_battery_supply:s0
# PMIC devices wakeup nodes
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-00/1c40000.qcom,spmi:qcom,pm6125@0:qcom,pm6125_rtc/rtc/wakeup u:object_r:sysfs_wakeup:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/power_supply/battery/wakeup u:object_r:sysfs_wakeup:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/power_supply/pc_port/wakeup u:object_r:sysfs_wakeup:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/power_supply/main/wakeup u:object_r:sysfs_wakeup:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.qcom,spmi:qcom,pmi632@2:qpnp,qg/power_supply/bms/wakeup u:object_r:sysfs_wakeup:s0
+genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-00/1c40000.qcom,spmi:qcom,pm6125@0:qcom,pm6125_rtc/rtc/wakeup u:object_r:sysfs_wakeup:s0
+genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/power_supply/main/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/soc/4a84000.i2c/i2c-0/0-0008/4a84000.i2c:qcom,smb1355@8:qcom,smb1355-charger@1000/power_supply/parallel/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/soc/4a84000.i2c/i2c-0/0-000c/4a84000.i2c:qcom,smb1355@c:qcom,smb1355-charger@1000/power_supply/parallel/wakeup u:object_r:sysfs_wakeup:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-00/1c40000.qcom,spmi:qcom,pm6125@0:qcom,power-on@800/wakeup/wakeup u:object_r:sysfs_wakeup:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,power-on@800/wakeup/wakeup u:object_r:sysfs_wakeup:s0
-genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/wakeup/wakeup u:object_r:sysfs_wakeup:s0
+genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-00/1c40000.qcom,spmi:qcom,pm6125@0:qcom,power-on@800/wakeup/wakeup u:object_r:sysfs_wakeup:s0
+genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,power-on@800/wakeup/wakeup u:object_r:sysfs_wakeup:s0
+genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,qpnp-smb5/wakeup/wakeup u:object_r:sysfs_wakeup:s0
# wakeup nodes listed from SuspendSepolicyTests.sh
genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/0-02/1c40000.qcom,spmi:qcom,pmi632@2:qcom,power-on@800/wakeup u:object_r:sysfs_wakeup:s0
diff --git a/qva/vendor/trinket/hal_graphics_allocator_default.te b/qva/vendor/trinket/hal_graphics_allocator_default.te
index b84b877..5fbd8a8 100644
--- a/qva/vendor/trinket/hal_graphics_allocator_default.te
+++ b/qva/vendor/trinket/hal_graphics_allocator_default.te
@@ -1,4 +1,4 @@
-# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# Copyright (c) 2023,2024 Qualcomm Innovation Center, Inc. All rights reserved.
# SPDX-License-Identifier: BSD-3-Clause-Clear
allow hal_graphics_allocator_default vendor_sysfs_kgsl_gpu_model:file r_file_perms;
@@ -6,3 +6,4 @@
allow hal_graphics_allocator_default vendor_dmabuf_system_uncached_heap_device:chr_file r_file_perms;
allow hal_graphics_allocator_default vendor_dmabuf_display_heap_device:chr_file r_file_perms;
allow hal_graphics_allocator_default vendor_membuf_dev:chr_file r_file_perms;
+allow hal_graphics_allocator_default vendor_dmabuf_secure_pixel:chr_file r_file_perms;
diff --git a/qva/vendor/trinket/hal_vibrator_default.te b/qva/vendor/trinket/hal_vibrator_default.te
deleted file mode 100644
index c62deed..0000000
--- a/qva/vendor/trinket/hal_vibrator_default.te
+++ /dev/null
@@ -1,5 +0,0 @@
-# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
-# SPDX-License-Identifier: BSD-3-Clause-Clear
-
-#hal_vibrator_default permission
-allow hal_vibrator_default vendor_qc_aon_prop:file { read };
diff --git a/qva/vendor/trinket/hvdcp.te b/qva/vendor/trinket/hvdcp.te
new file mode 100644
index 0000000..d2a3caf
--- /dev/null
+++ b/qva/vendor/trinket/hvdcp.te
@@ -0,0 +1,4 @@
+#Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+#SPDX-License-Identifier: BSD-3-Clause-Clear
+
+set_prop(vendor_hvdcp, ctl_stop_prop)
diff --git a/qva/vendor/trinket/vendor_hal_drm_widevine.te b/qva/vendor/trinket/vendor_hal_drm_widevine.te
new file mode 100644
index 0000000..321f02f
--- /dev/null
+++ b/qva/vendor/trinket/vendor_hal_drm_widevine.te
@@ -0,0 +1,5 @@
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
+
+# widevine
+allow vendor_hal_drm_widevine vendor_dmabuf_qseecom_ta_heap_device:chr_file r_file_perms;