Merge "perf-hal: sepolicy for perf-hal@2.0"

generic/vendor/common/file_contexts

@@ -162,7 +162,6 @@
 /(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.display\.allocator@1\.0-service   u:object_r:hal_graphics_allocator_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.tui_comm@1\.0-service-qti u:object_r:hal_tui_comm_qti_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.qdutils_disp@1\.0-service-qti u:object_r:hal_qdutils_disp_qti_exec:s0
-/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.perf@1\.0-service       u:object_r:hal_perf_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.capabilityconfigstore@1\.0-service u:object_r:hal_capabilityconfigstore_qti_default_exec:s0
 
 /(vendor|system/vendor)/bin/power_off_alarm        u:object_r:power_off_alarm_exec:s0

generic/vendor/common/init_shell.te

@@ -80,7 +80,7 @@ set_prop(qti_init_shell, vendor_alarm_boot_prop)
 set_prop(qti_init_shell, vendor_gralloc_prop)
 set_prop(qti_init_shell, vendor_usb_prop)
 set_prop(qti_init_shell, vendor_system_prop)
-set_prop(qti_init_shell, vendor_mpdecision_prop)
+set_prop(qti_init_shell, vendor_mpctl_prop)
 set_prop(qti_init_shell, vendor_radio_prop)
 set_prop(qti_init_shell, vendor_audio_prop)
 get_prop(qti_init_shell, exported3_radio_prop)
@@ -89,6 +89,8 @@ set_prop(qti_init_shell, vendor_gpu_prop)
 allow qti_init_shell {
     sysfs_devices_system_cpu
     sysfs_lowmemorykiller
+    sysfs_mmc_host
+    sysfs_process_reclaim
 }:file w_file_perms;
 
 r_dir_file(qti_init_shell, sysfs_type)

generic/vendor/common/property.te

@@ -54,9 +54,6 @@ type vendor_system_prop, property_type;
 #imsrcsservice
 type ctl_vendor_imsrcsservice_prop, property_type;
 
-#mpdecision
-type vendor_mpdecision_prop, property_type;
-
 # HBTP
 type ctl_vendor_hbtp_prop, property_type;
 

generic/vendor/common/property_contexts

@@ -74,10 +74,6 @@ persist.vendor.ims.        u:object_r:ims_prop:s0
 persist.vendor.qti.telephony.vt_cam_interface u:object_r:ims_prop:s0
 ctl.vendor.imsrcsservice   u:object_r:ctl_vendor_imsrcsservice_prop:s0
 
-#mpdecision
-vendor.post_boot.parsed  u:object_r:vendor_mpdecision_prop:s0
-ro.vendor.perf.cores_online u:object_r:vendor_mpdecision_prop:s0
-
 # HBTP
 ctl.vendor.hbtp u:object_r:ctl_vendor_hbtp_prop:s0
 

generic/vendor/common/radio.te

@@ -46,6 +46,9 @@ allow radio avtimer_device:chr_file r_file_perms;
 
 binder_call(radio, hal_imsrtp)
 
+#perf
+hal_client_domain(radio, hal_perf)
+
 #diag
 userdebug_or_eng(`
     diag_use(radio)

generic/vendor/common/surfaceflinger.te

@@ -31,3 +31,4 @@ allow surfaceflinger sysfs_graphics:file rw_file_perms;
 
 get_prop(surfaceflinger, vendor_gralloc_prop)
 get_prop(surfaceflinger, vendor_display_prop)
+get_prop(surfaceflinger, vendor_dolphin_prop)

qva/private/perfservice.te

@@ -29,6 +29,7 @@ type perfservice_exec, exec_type, system_file_type, file_type;
 
 init_daemon_domain(perfservice)
 
+add_service(perfservice, vendor_perf_service);
 binder_use(perfservice);
 binder_call(perfservice, system_server);
 binder_service(perfservice);

qva/private/property_contexts

@@ -45,6 +45,10 @@ vendor.qcom_parser.                u:object_r:mm_parser_prop:s0
 #mm-osal
 vendor.debug.mmosal.config         u:object_r:mm_osal_prop:s0
 
+#perf
+vendor.perf.workloadclassifier.enable      u:object_r:vendor_wlc_prop:s0
+persist.vendor.build.date.utc              u:object_r:vendor_wlc_prop:s0
+
 #Wifi Display
 vendor.wfdservice                          u:object_r:wfd_service_prop:s0
 persist.vendor.debug.wfd.wfdsvc            u:object_r:wfd_sys_debug_prop:s0

qva/private/system_app.te

@@ -39,6 +39,9 @@ get_prop(system_app, bluetooth_prop);
 # allow system_app to interact with smcinvoke daemon
 binder_call(system_app, smcinvoke_daemon)
 
+# allow system_app access to Workload Classifier Property
+set_prop(system_app, vendor_wlc_prop);
+
 # allow system app to interact with mirrorlinkserver
 binder_call(system_app, mirrorlink);
 # allow system app to connect to mirrorlink_socket

qva/public/property.te

@@ -33,3 +33,4 @@ type vendor_mirrorlink_prop, property_type, extended_core_property_type;
 # this is vendor defined property  and added with prefix vendor
 # which is going to be working from system
 type vendor_bt_prop, property_type, extended_core_property_type;
+type vendor_wlc_prop, property_type, extended_core_property_type;

qva/vendor/common/file.te

@@ -53,6 +53,20 @@ type vendor_persist_mmi_file, file_type, vendor_persist_type;
 #File type by mmi
 type vendor_mmi_socket, file_type;
 
+
+#perf
+type sysfs_lib, fs_type, sysfs_type;
+type sysfs_memory, fs_type, sysfs_type;
+type sysfs_process_reclaim, fs_type, sysfs_type;
+
+#Define the files written during the operation of mpctl
+type sysfs_mpctl, fs_type, sysfs_type;
+type mpctl_socket, file_type, mlstrustedobject;
+type mpctl_data_file, file_type, data_file_type;
+
+#Define the files used by lm
+type lm_data_file, file_type, data_file_type;
+
 # Wifi Data file
 type wifi_vendor_data_file, file_type, data_file_type;
 type wifi_vendor_wpa_socket, file_type, data_file_type;

qva/vendor/common/file_contexts

@@ -105,6 +105,11 @@
 /(vendor|system/vendor)/bin/DR_AP_Service                                          u:object_r:location_exec:s0
 /(vendor|system/vendor)/bin/slim_daemon                                            u:object_r:location_exec:s0
 
+#perf
+/sys/module/cpu_boost(/.*)?                                         u:object_r:sysfs_cpu_boost:s0
+/sys/module/msm_performance(/.*)?                                   u:object_r:sysfs_msm_perf:s0
+/sys/module/process_reclaim(/.*)?                                   u:object_r:sysfs_process_reclaim:s0
+
 ###################################
 # data files
 #

qva/vendor/common/genfs_contexts

@@ -28,3 +28,4 @@
 genfscon sysfs /devices/virtual/npu/msm_npu/pwr u:object_r:sysfs_npu:s0
 genfscon proc /asound/card0/state u:object_r:proc_audiod:s0
 genfscon proc /asound/cards u:object_r:proc_audiod:s0
+genfscon sysfs /module/msm_thermal/core_control/cpus_offlined           u:object_r:sysfs_mpctl:s0

qva/vendor/common/hal_perf_default.te

@@ -40,38 +40,54 @@ allow hal_perf_client hal_perf_hwservice:hwservice_manager find;
 
 allow hal_perf_default cgroup:file r_file_perms;
 allow hal_perf_default proc:file rw_file_perms;
-get_prop(hal_perf, vendor_mpdecision_prop)
+allow hal_perf latency_device:chr_file rw_file_perms;
+get_prop(hal_perf, freq_prop)
+get_prop(hal_perf, vendor_mpctl_prop)
+allow hal_perf_default mpctl_data_file:dir rw_dir_perms;
+allow hal_perf_default mpctl_data_file:file create_file_perms;
+allow hal_perf_default lm_data_file:dir rw_dir_perms;
+allow hal_perf_default lm_data_file:file create_file_perms;
+allow hal_perf_default sysfs_lib:file w_file_perms;
+r_dir_file(hal_perf_default, appdomain);
 
 allow hal_perf {
-    sysfs_devices_system_cpu
-    sysfs_devfreq
-    sysfs_cpu_boost
-    sysfs_msm_perf
-    sysfs_msm_power
-    sysfs_mmc_host
-    sysfs_scsi_host
-    sysfs_kgsl
-    sysfs_graphics
-    sysfs
-    sysfs_battery_supply
+     sysfs_devices_system_cpu
+     sysfs_mpctl
+     sysfs_devfreq
+     sysfs_mmc_host
+     sysfs_scsi_host
+     sysfs_kgsl
+     sysfs_cpu_boost
+     sysfs_msm_perf
+     sysfs_memory
+     sysfs_graphics
+     sysfs
+     sysfs_msm_power
+     sysfs_battery_supply
+     sysfs_process_reclaim
 }:dir r_dir_perms;
 
 allow hal_perf {
-    sysfs_devices_system_cpu
-    sysfs_devfreq
-    sysfs_cpu_boost
-    sysfs_msm_perf
-    sysfs_msm_power
-    sysfs_mmc_host
-    sysfs_scsi_host
-    sysfs_kgsl
-    sysfs_graphics
-    sysfs_battery_supply
+     sysfs_devices_system_cpu
+     sysfs_mpctl
+     sysfs_cpu_boost
+     sysfs_msm_perf
+     sysfs_kgsl
+     sysfs_cpu_boost
+     sysfs_msm_perf
+     sysfs_memory
+     sysfs_graphics
+     sysfs_scsi_host
+     sysfs_devfreq
+     sysfs_mmc_host
+     sysfs_msm_power
+     sysfs_battery_supply
+     sysfs_process_reclaim
 }:file rw_file_perms;
 
 allow hal_perf {
     sysfs_devfreq
-    sysfs_kgsl
     sysfs_mmc_host
     sysfs_scsi_host
+    sysfs_kgsl
 }:lnk_file r_file_perms;

qva/vendor/common/init_shell.te

@@ -30,6 +30,9 @@ set_prop(qti_init_shell, vendor_mdm_helper_prop)
 set_prop(qti_init_shell, vendor_mmi_prop)
 set_prop(qti_init_shell, vendor_dataadpl_prop)
 
+#perf
+set_prop(qti_init_shell, vendor_mpctl_prop)
+
 userdebug_or_eng(`
 # Needed for starting console in userdebug mode
 set_prop(qti_init_shell, vendor_audio_debug_prop)

qva/vendor/common/perfdump_app.te

@@ -0,0 +1,60 @@
+# Copyright (c) 2018-2019, The Linux Foundation. All rights reserved.
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#    * Redistributions of source code must retain the above copyright
+#      notice, this list of conditions and the following disclaimer.
+#    * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials provided
+#      with the distribution.
+#    * Neither the name of The Linux Foundation nor the names of its
+#      contributors may be used to endorse or promote products derived
+#      from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+type perfdump_app, domain;
+app_domain(perfdump_app)
+
+# systrace support
+allow perfdump_app debugfs_tracing:dir r_dir_perms;
+allow perfdump_app debugfs_tracing:file rw_file_perms;
+
+userdebug_or_eng(`
+  allow perfdump_app debugfs_tracing_debug:dir r_dir_perms;
+  allow perfdump_app debugfs_tracing_debug:file rw_file_perms;
+')
+
+allow perfdump_app debugfs_trace_marker:file getattr;
+
+# perfdump sets debug.atrace.* properties
+set_prop(perfdump_app, debug_prop)
+
+# pokes binder-enabled processes
+binder_use(perfdump_app)
+allow perfdump_app servicemanager:service_manager list;
+allow perfdump_app hwservicemanager:hwservice_manager list;
+allow perfdump_app app_api_service:service_manager find;
+allow perfdump_app surfaceflinger_service:service_manager find;
+allow perfdump_app audioserver_service:service_manager find;
+allow perfdump_app mediaserver_service:service_manager find;
+binder_call(perfdump_app, system_server)
+
+# dumpstate
+set_prop(perfdump_app, ctl_dumpstate_prop)
+unix_socket_connect(perfdump_app, dumpstate, dumpstate)
+
+dontaudit perfdump_app service_manager_type:service_manager *;
+dontaudit perfdump_app hwservice_manager_type:hwservice_manager *;

qva/vendor/common/perfservice.te

@@ -0,0 +1,30 @@
+# Copyright (c) 2018-2019, The Linux Foundation. All rights reserved.
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#    * Redistributions of source code must retain the above copyright
+#      notice, this list of conditions and the following disclaimer.
+#    * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials provided
+#      with the distribution.
+#    * Neither the name of The Linux Foundation nor the names of its
+#      contributors may be used to endorse or promote products derived
+#      from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+hal_client_domain(perfservice, hal_perf)
+hal_client_domain(perfservice, hal_iop)
+get_prop(perfservice, vendor_iop_prop)

qva/vendor/common/platform_app.te

@@ -0,0 +1,30 @@
+# Copyright (c) 2019, The Linux Foundation. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+#       copyright notice, this list of conditions and the following
+#       disclaimer in the documentation and/or other materials provided
+#       with the distribution.
+#     * Neither the name of The Linux Foundation nor the names of its
+#       contributors may be used to endorse or promote products derived
+#       from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#allow embms app to access vendor radio property
+
+#perf
+hal_client_domain(platform_app, hal_perf)

qva/vendor/common/property.te

@@ -37,6 +37,16 @@ type vendor_disable_spu_prop, property_type;
 # boot mode property
 type vendor_boot_mode_prop, property_type;
 
+#mpctl
+type vendor_mpctl_prop, property_type;
+type freq_prop, property_type;
+
+#iop
+type vendor_iop_prop, property_type;
+
+#dolphin
+type vendor_dolphin_prop, property_type;
+
 #properties for nfc
 type vendor_nfc_nq_prop, property_type;
 

qva/vendor/common/property_contexts

@@ -39,6 +39,10 @@ ctl.vendor.mdm_helper                        u:object_r:vendor_mdm_helper_prop:s
 # qdma property
 vendor.qti.qdma.                             u:object_r:vendor_qdma_prop:s0
 
+#perf
+vendor.post_boot.parsed                u:object_r:vendor_mpctl_prop:s0
+vendor.perf.dolphin.enable             u:object_r:vendor_dolphin_prop:s0
+
 # NFC
 vendor.qti.nfc.                              u:object_r:vendor_nfc_nq_prop:s0
 

qva/vendor/common/seapp_contexts

@@ -0,0 +1,29 @@
+# Copyright (c) 2019, The Linux Foundation. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+#       copyright notice, this list of conditions and the following
+#       disclaimer in the documentation and/or other materials provided
+#       with the distribution.
+#     * Neither the name of The Linux Foundation nor the names of its
+#       contributors may be used to endorse or promote products derived
+#       from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#Add new domain for perfdump app
+user=system seinfo=platform name=com.qualcomm.qti.perfdump domain=perfdump_app type=system_app_data_file

qva/vendor/common/system_app.te

@@ -30,3 +30,6 @@ hal_client_domain(system_app, vendor_hal_factory_qti);
 hal_client_domain(system_app, hal_fm);
 # fm_radio app needes  open read on fm_radio_device
 allow system_app fm_radio_device:chr_file r_file_perms;
+
+#perf
+hal_client_domain(system_app, hal_perf)

qva/vendor/common/system_server.te

@@ -0,0 +1,30 @@
+# Copyright (c) 2019, The Linux Foundation. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+#       copyright notice, this list of conditions and the following
+#       disclaimer in the documentation and/or other materials provided
+#       with the distribution.
+#     * Neither the name of The Linux Foundation nor the names of its
+#       contributors may be used to endorse or promote products derived
+#       from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+##for perf-hal/iop-hal call
+hal_client_domain(system_server, hal_perf)
+hal_client_domain(system_server, hal_iop)