add the new ro properties added to surfaceflinger:
ro.surface_flinger.set_idle_timer_ms
ro.surface_flinger.use_smart_90_for_video
Bug: 131054357
Test: Boot with SELinux enforcing
Change-Id: I887b318a95db200280344a11fcf7deaadafdeca9
mediaserver uses libaudioclient (via libmediaplayerservice).
The code in libaudioclient may access IAudioManager.
For that, mediaserver has to be allowed to find "audio" service.
Bug: 123312504
Test: MediaRecorderTest#testAudioRecordInfoCallback
Merged-In: Iaa3651c692fd550f72e7ce6eafbf3386ee07a0c0
Change-Id: Iaa3651c692fd550f72e7ce6eafbf3386ee07a0c0
The userdebug sepolicy will be installed into debug ramdisk.
When the ramdisk is used, the device must be unlocked and init will load
this userdebug version of platform sepolicy to allow adb root.
Bug: 126493225
Test: 'make' and checks that the userdebug sepolicy is in debug ramdisk
Change-Id: I9df514054a86d63449b3ebfd1afdee2aee649418
Merged-In: I9df514054a86d63449b3ebfd1afdee2aee649418
(cherry picked from commit e763667ee1)
Bug: 130734497
Test: m selinux_policy; system_server and statds still have permission
to export HIDL services.
Change-Id: I6e87b236bdbdd939fca51fb7255e97635118ed2d
Merged-In: I6e87b236bdbdd939fca51fb7255e97635118ed2d
(cherry picked from commit 1d34b8cc31)
This change allows first-stage init to mount a tmpfs under
/debug_ramdisk to preserve files from the debug ramdisk, for
second-stage init to load sepolicy and property files.
This is to allow adb root on a USER build if the device is unlocked.
Bug: 126493225
Test: boot a device with debug ramdisk, checks related files are loaded
Change-Id: Iad3b84d9bdf5d8e789219126c88701bf969253ef
Merged-In: Iad3b84d9bdf5d8e789219126c88701bf969253ef
(cherry picked from commit 2e86fa0e81)
During preloading resources, zygote scans the overlay directories of
supported partitions looking for android RROs to apply statically. Zygote
currently is allowed to read overlays in /oem/overlay, but zygote does
not have the search permission to be able to scan /oem.
Without this patch, this denial is logged:
04-04 14:57:40.136 876 876 I auditd : type=1400 audit(0.0:9):
avc: denied { search } for comm="main" name="oem" dev="dm-3" ino=46
scontext=u:r:zygote:s0 tcontext=u:object_r:oemfs:s0 tclass=dir
permissive=0
Bug: 121033532
Test: booting without denials and stat oem succeeds
Change-Id: I661f3e0aff7ec3513870d08ddc122fc359b8f995
This selector is no longer used.
Bug: 123605817
Bug: 111314398
Test: compiles and boots
(cherry picked from commit 795add585c)
Change-Id: I673ce4b6898d58602e553e7cf194bb5eac8361e0
Allow netd to trigger the kernel synchronize rcu with open and close
pf_key socket. This action was previously done by system_server but now
it need to be done by netd instead because there might be race issue
when netd is operating on a map that is cleaned up by system server.
Bug: 126620214
Test: android.app.usage.cts.NetworkUsageStatsTest
android.net.cts.TrafficStatsTest
Change-Id: Id5ca86aa4610e37a2752709ed9cfd4536ea3bfaf
Merged-In: Id5ca86aa4610e37a2752709ed9cfd4536ea3bfaf
(Cherry picked from commit 8a5539b5f0)
ART follows the /data/user/0 symlink while loading cache files, leading
to:
avc: denied { getattr } for comm="webview_zygote" path="/data/user/0"
dev="sda35" ino=1310726 scontext=u:r:webview_zygote:s0
tcontext=u:object_r:system_data_file:s0 tclass=lnk_file permissive=0
Allow this access, the same as app and app_zygote do.
Bug: 123246126
Test: DeviceBootTest.SELinuxUncheckedDenialBootTest
Change-Id: I90faa524e15a17b116a6087a779214f2c2142cc2
(cherry picked from commit d40f7fd9d5)
android/soong/common was renamed to android/soong/android long
ago, but the pctx package path was still "android/soong/common".
This required all users of rules defined in android/soong/android
to import "android/soong/android" and then
pctx.Import("android/soong/common").
Bug: 130298888
Test: m checkbuild
Change-Id: Ic9e8bf25e76dbd61bb1cb1d0e7d095e73c0f279b
The bootstrap bionic (/system/lib/bootstrap/*) are only to the early
processes that are executed before the bionic libraries become available
via the runtime APEX. Allowing them to other processes is not needed and
sometimes causes a problem like b/123183824.
Bug: 123183824
Test: device boots to the UI
Test: atest CtsJniTestCases:android.jni.cts.JniStaticTest#test_linker_namespaces
Merged-In: Id7bba2e8ed1c9faf6aa85dbbdd89add04826b160
Change-Id: Id7bba2e8ed1c9faf6aa85dbbdd89add04826b160
(cherry picked from commit a0f998e6de)
/system/bin/auditctl is executed by init to set the kernel audit
throttling rate limit. Grant the rules necessary for this to happen.
Test: compiles and boots
Test: Perform an operation which generates lots of SELinux denials,
and count how many occur before and after the time period.
Bug: 118815957
(cherry picked from commit 622ab8a2ba)
Change-Id: Ie5b4852fa217462557fce192c764305893968454
This is needed for bugreport to include ANR trace for the process.
Bug: 128878895
Test: adb bugreport
Change-Id: I92e6952b03ffb047e9fb75b0e44024f2623debb3
While the directory is not present anymore in Q, it has been shipped on
Q Beta 2 and the absence of such label might cause issues to devices
with pending installs which receive an OTA > Beta 2.
Bug: 130184133
Test: m
Change-Id: Ie3e77eebd2e7fd7b3a6a940d189cbc2bb386dc0e
This change allows the perfetto cmdline client to access
the (unprivileged) producer socket of traced, with the
intent of triggering finalization of already running traces
(see b/130135730). Matching change: aosp/932138
Note that:
- perfetto cmdline can already access the consumer socket
(to start tracing sessions).
- The producer socket is already exposed to most domains,
including unprivileged apps.
Bug: 130135730
Bug: 128966650
Test: manual
(cherry picked from commit cdda2dc3c9)
Merged-In: Id9106279584798e6689102085fa46a0b7ecb1ba7
Change-Id: Id9106279584798e6689102085fa46a0b7ecb1ba7