There are a lot of properties which is meant to be set once by
vendor_init. Most of them are configuration properties from vendor. This
introduces a macro to define such properties, which can help readability
and better security than using plain system_public_prop.
Bug: 148125056
Test: manual
Change-Id: I8b68e635d42119bafd1d22cba7957f583822ac7b
Run SELinuxHostTest whenever a change is made.
Filtering the tests to the ones that check that priv-apps are running in
their own domains.
Bug: 143172058
Test: Running "atest" in system/sepolicy runs SELinuxHostTest
Change-Id: If17642400129e97eb3bf2f631e784f92826adb9a
The public platform version no longer can be a codename, it is
always the most recently released platform. A new build property
and API provides either the offical version or the current codename
as appropriate. This will avoid breaking apps that look at the
platform version while development is under a codename.
Bug: 143175463
Test: manual
(cherry picked from commit afa84c96ac)
Merged-In: I257ca42672e4712841c90b0608202c846bda628c
Change-Id: If8c91986afe682902787145dae4c0a3b9a2aa8d1
The binder's methods are protected by signature
permissions (LOG_COMPAT_CHANGE, READ_COMPAT_CHANGE_CONFIG and
OVERRIDE_COMPAT_CHANGE_CONFIG).
This is a re-landing of https://r.android.com/1210143, which was
reverted due to http://b/142942524. The actual fix was done in
http://ag/10234812.
Bug: 142650523
Test: atest PlatformCompatGatingTest
Change-Id: Ibddac8933ea58d44457a5d80b540347e796ebe71
As of aosp/1224611, there is a new step in the preparation of APEXes
where init calls back into apexd after DE user data is unencrypted to
allow DE apex data to be snapshotted or restored.
This adds a new enum value for the apexd.status property to allow
this status to be described.
Bug: 148672144
Test: build & flash, check boot completes and check in logs that the
correct status values are set.
Change-Id: I7effcf16280eabcd5b9a0d70d33bd34d79121312
Dumpstate runs 'df', which in turn tries to get attributes on all
mounted filesystems. We don't care much for stats on /mnt/user, since
it's simply a mapping of /data. /mnt/installer is simply a bind mount of
/mnt/user, and we don't need to show that in df either.
Bug: 148761246
Test: atest
CtsSecurityHostTestCases:android.security.cts.SELinuxHostTest#testNoBugreportDenials
Change-Id: Ie71b9cde08eb08bd3a7a3e2659ea71c61ca5ab3b
adbd started calling shutdown and waiting for EOF before closing
sockets in commit 74b7ec72, because closing a TCP socket while you have
pending data to read is specified to send a TCP RST to the other end,
which can result in data that we've written into the socket to be
prematurely thrown away on the other end. Not being able to do so on a
Unix domain socket is benign, aside from the denial showing up in the
log.
Fixes the following selinux denial when installing a package:
avc: denied { shutdown } for scontext=u:r:adbd:s0 tcontext=u:r:shell:s0 tclass=unix_stream_socket permissive=0
Test: manual
Change-Id: I266092a8323ac02bfe96738a8f4a8021f3a10387
This fixes a bug where a directory's label was removed, causing it to
be unlabeled, and we crashed on trying to set its encryption policy.
Fixes: 148923156
Test: Successfully update from build with the deleted label.
Change-Id: I69c3707e3e66d9e44a22b0783d3016c8ddab6b8f
This binder call is needed because we want to migrate
libstatspull to use StatsManagerService instead of Statsd
The binder call to statsd can be removed after the migration.
Test: m -j
Bug: 148641240
Change-Id: If6cf7eb77aa229751c44e5291d49f05177dbb8dd
Add a filegroup for extservices so that it can be shared between the main
extservices apex and the one used for testing.
Bug: 138589409
Test: Manually
Change-Id: I2cca8a583b2aa72c8c29a32dd839fe599300b40f
This helps in the investigation of driver-related issues.
Bug: 145388549
Test: Manually, log collected on user build
Change-Id: I40631aac7878f58e399bc583898630055583fc7c
Only write snapshotctl_log_data_file for userdebug_or_eng.
Test: boot, still see log
Bug: 148818798
Change-Id: I03e979efd65e3992bd8ef30e6408768a14aa1de2
recovery is excluded because it is not an interesting code
path.
Test: apply OTA, cancel, delete OTA states, then apply again
to trigger CancelUpdate() code path, see logs
Bug: 148818798
Change-Id: I3baac977af54ac0a09c9b732fd172469c9f51627