For vndk related properties, use vndk_prop context.
vndk_prop can be defined by 'init' and 'vendor_init', but free to
read by any processes.
Bug: 144534640
Test: check boot to see if the VNDK properties are readable
Change-Id: Ifa2bb0ce6c301ea2071e25ac4f7e569ea3ce5d83
The code that uses the property has not been committed, so this change
has no impact on the codebase.
Bug: 140788621
Test: build an image that combines this change with the client code
and boot a phone. Verify that there are no policy violations.
Change-Id: Ie6c1a791578c61adae5b71a38e61a2f5b20bb817
Setup SELinux to allow the world to read, and system_server to write, a
property used as an indicator that we need to refresh local caches
for PowerManager.isPowerSaveMode and PowerManager.isInteractive.
Bug: 140788621
Test: Flashed build and tested that phone boots and does not crash
as PowerManager operations take place.
Change-Id: I3e7e513756c8d881295721c2729cd37ad3bec8b8
The binder_cache_system_server_prop context allows any user to read the
property but only the system_server to write it. The only property with
this context is currently binder.cache_key.has_system_feature but users
will be added.
Bug: 140788621
Test: this was tested on an image with a binder cache implementation. No
permission issues were found. The implementation is not part of the current
commit.
Change-Id: I4c7c3ddf809ed947944408ffbbfc469d761a6043
This property type will be used for read-only userspace reboot related
properties that are used to configure userspace reboot behaviour, e.g.:
* timeout for userspace reboot watchdog;
* timeout for services to terminate;
* timeout for services to shutdown;
* etc.
Since all this configuration is device specific, vendor_init should be
able to set these properties.
Test: build/soong/soong_ui.bash \
--make-mode \
TARGET_PRODUCT=full \
TARGET_BUILD_VARIANT=eng \
droid \
dist DIST_DIR=/tmp/buildbot/dist_dirs/aosp-master-linux-full-eng/funwithprops \
checkbuild
Bug: 135984674
Bug: 147374477
Change-Id: I1f69980aea6020e788d5d2acaf24c0231939907c
The module is getting renamed, so rename all the policy
relating to it at the same time.
Bug: 137191822
Test: presubmit
Change-Id: Ia9d966ca9884ce068bd96cf5734e4a459158c85b
Merged-In: Ia9d966ca9884ce068bd96cf5734e4a459158c85b
(cherry picked from commit 6505573c36)
This had been settable by vendors up to and including Q release by
making config_prop avendor_init writeable. We don't allow this any
more. This should be a real vendor settable property now.
Bug: 143755062
Test: adb logcat -b all | grep cameraservice
Test: atest CtsCameraTestCases
Change-Id: Id583e899a906da8a8e8d71391ff2159a9510a630
This reverts commit f536a60407.
Reason for revert: Resubmit the CL with the fix in vendor_init.te
Bug: 144534640
Test: lunch sdk-userdebug; m sepolicy_tests
Change-Id: I47c589c071324d8f031a0f7ebdfa8188869681e9
Define a new property_context vndk_prop for ro.product.vndk.version.
It is set by init process but public to all modules.
Bug: 144534640
Test: check if ro.product.vndk.version is set correctly.
Change-Id: If739d4e25de93d9ed2ee2520408e07a8c87d46fe
This type will be used for read-only properties used to configure
userspace reboot behaviour (e.g. whenever device supports it, watchdog
timeout, etc.).
Test: adb shell getprop ro.init.userspace_reboot.is_supported
Bug: 135984674
Change-Id: I387b2f2f6e3ca96c66c8fa3e6719d013d71f76c7
Devices that support userspace reboot are required to set this property
to true.
Test: builds
Bug: 135984674
Change-Id: I6cbff586e8813cf0a44d2ff8d6a2cf6dbdc295f0
Public-readable int sysprops for the extension versions
will be in this bucket, e.g. ro.build.version.extensions.r
Bug: 137191822
Bug: 143937447
Test: boot and getprop ro.build.version.extensions.r
Change-Id: I200165d8903221b2d5b824e4eea77ef933919b74
Vendors should be able set this property
Bug: 141756630
Test: Device boots up and zram writeback works
Change-Id: I0618df43579b3b63510df84e88bbcfd5e00abb16
ro.apk_verity.mode was introduced in P on crosshatch. This change
changes the label from default_prop to a new property, apk_verity_prop.
ro.apk_verity.mode is set by vendor_init per build.prop, in order to
honor Treble split. It is also read by system_server and installd
currently.
Test: verify functioning without denials in dmesg
Bug: 142494008
Bug: 144164497
Change-Id: I1f24513d79237091cf30025bb7ca63282e23c739
VTS and CTS-on-GSI report the device's ro.odm.build.version.incremental
or ro.vendor.build.version.incremental. The properties need to be
readable without root privilege.
Test: adb shell getprop ro.odm.build.version.incremental
Bug: 145255132
Change-Id: Ibb71185888cce022cb3a9be3e6fb2199d5f438d9
By default sys.init.userspace_reboot.* properties are internal to
/system partition. Only exception is
sys.init.userspace_reboot.in_progress which signals to all native
services (including vendor ones) that userspace reboot is happening,
hence it should be a system_public_prop.
Only init should be allowed to set userspace reboot related properties.
Bug: 135984674
Test: builds
Test: adb reboot userspace
Change-Id: Ibb04965be2d5bf6e81b34569aaaa1014ff61e0d3
The ability to set these properties is required by the
profilebootclasspath Android products.
Also fixed renamed property.
Bug: 139883463
Test: manually verified
This reverts commit 3079462443.
Change-Id: I7e8fceb974f34ea584799dd3e458279adee53e11
New properties are:
dalvik.vm.dex2oat-cpu-set [default compiler thread affinity]
dalvik.vm.boot-dex2oat-cpu-set [compiler thread affinity for boot]
dalvik.vm.image-dex2oat-cpu-set [thread affinity recompiling the boot image]
Bug: 141446571
Test: Run installd tests with new properties defined in target mk file.
Change-Id: Idcbb1332aa9c18f6082b827eae0334d063644a41
Newly added ro.lmk.psi_partial_stall_ms, ro.lmk.psi_complete_stall_ms,
ro.lmk.thrashing_limit and ro.lmk.thrashing_limit_decay should be
configurable by vendors.
Bug: 132642304
Change-Id: Ifd3513c78e75d77be8d7c3594bef48ea27cc80b3
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
https://boringssl-review.googlesource.com/c/boringssl/+/38024 will
introduce a feature allowing vendors finer grained control over
BoringSSL's random source by setting a system property.
The property needs to be settable from vendor init and readable by all
processes on the device.
As BoringSSL will be in a mainline module, we need to provide a
non-source code way of allowing vendor customisations.
Bug: 142129238
Test: Observe property is settable from /vendor/default.prop and
readable by non-root, non-vendor processes.
Change-Id: I4c20349f1b2ab2f51ac11ec552b99b1e15b14dd8
Allow vendor-init to set the new property ro.crypto.volume.flags so that
vendors can configure file-based encryption on adoptable storage to use
v2 encryption policies. This is analogous to the existing properties
ro.crypto.volume.contents_mode and ro.crypto.volume.filenames_mode.
Bug: 140500999
Test: see If64028d8580584b2c33c614cabd5d6b93657f608
Change-Id: Ibde73e0556b6a08e2653149c1cdbf39cdcae6112
ro.crypto.fde_algorithm
ro.crypto.fde_sector_size
ro.crypto.volume.contents_mode
These properties were not added to sepolicy export2vold. vold can't access
crypto algorithm type when flashing a GSI image and when the properties are in
/vendor/build.prop. This prevents FDE from working.
Bug: 141518844
Change-Id: I234bda439f6be7a2211a194856baf75800396232
Signed-off-by: yuguoxu <yuguoxu@allwinnertech.corp-partner.google.com>
Bug: 136592946
Bug: 138261472
Test: Ran with the patch applied, confirmed surface flinger can access
the system property.
Change-Id: I259a488399c5e698de384322852ea81ea1a96e7d
Merged-In: I259a488399c5e698de384322852ea81ea1a96e7d
Bug: 136592946
Bug: 138261472
Test: Ran with the patch applied, confirmed surface flinger can access
the system property.
Change-Id: I259a488399c5e698de384322852ea81ea1a96e7d
Merged-In: I259a488399c5e698de384322852ea81ea1a96e7d
Exempt-From-Owner-Approval: Approved internally
These properties should no longer be specified in the vendor rom.
Bug: 139883463
Test: manual
(cherry picked from commit 1f6eda4111)
Exempt-From-Owner-Approval: Cherry-pick from master
Merged-In: I510c917fa3c60dcbd3f104ebe619f34c69c821e6
Change-Id: I8b7cf03d7a2faceb03b83edcb47e831fbc8c8918