Wei Wang
a3d6302c57
Allow psi monitor users to setched kernel threads
...
psi monitor sched_setscheduler(kworker->task, SCHED_FIFO, ¶m) was added into pa/1282597
Bug: 131252752
Bug: 129476847
Test: build
Change-Id: I69fdd90e4a39da8d33b417efc7ea7a0da9d9290b
2019-05-01 10:18:48 -07:00
Wei Wang
76d93f0ce8
Allow signals to power/thermal HAL from dumpstate
...
Bug: 129711808
Test: Take BR
Change-Id: Ibcb03698a6e2966f4913ddb6e674502bce4df235
2019-04-23 14:21:03 -07:00
Sudheer Shanka
5bce022dce
Remove obsolete denials tracking.
...
Bug: 118185801
Test: manual
Change-Id: Ibc4590d6e7b825124035e8f51574afbe5ae4b750
2019-04-18 17:22:19 -07:00
TreeHugger Robot
625ed86bc9
Merge "Allow system_server to schedule mediaswcodec" into qt-dev
2019-04-18 03:24:14 +00:00
Chong Zhang
6fd8d82f31
Allow system_server to schedule mediaswcodec
...
bug: 130669553
Change-Id: I49d4ef473181d2270d90a9350c5e05b8b7db76bb
(cherry-picked from https://android-review.googlesource.com/c/platform/system/sepolicy/+/946836 )
2019-04-17 20:51:51 +00:00
Nick Kralevich
6b34e64ecb
Remove isV2App
...
This selector is no longer used.
Bug: 123605817
Bug: 111314398
Test: compiles and boots
(cherry picked from commit 795add585c
)
Change-Id: I673ce4b6898d58602e553e7cf194bb5eac8361e0
2019-04-17 00:10:26 -07:00
TreeHugger Robot
f9085929fb
Merge "Allow bootstrap bionic only to init, ueventd, and apexd" into qt-dev
2019-04-15 16:39:14 +00:00
TreeHugger Robot
68f6ff2fff
Merge "Allow webview_zygote to read the /data/user/0 symlink." into qt-dev
2019-04-12 19:51:51 +00:00
TreeHugger Robot
09a652eadc
Merge "Fix package path of android/soong/android pctx" into qt-dev
2019-04-12 17:24:18 +00:00
Torne (Richard Coles)
180b243c2e
Allow webview_zygote to read the /data/user/0 symlink.
...
ART follows the /data/user/0 symlink while loading cache files, leading
to:
avc: denied { getattr } for comm="webview_zygote" path="/data/user/0"
dev="sda35" ino=1310726 scontext=u:r:webview_zygote:s0
tcontext=u:object_r:system_data_file:s0 tclass=lnk_file permissive=0
Allow this access, the same as app and app_zygote do.
Bug: 123246126
Test: DeviceBootTest.SELinuxUncheckedDenialBootTest
Change-Id: I90faa524e15a17b116a6087a779214f2c2142cc2
(cherry picked from commit d40f7fd9d5
)
2019-04-12 11:35:43 -04:00
Maciej Żenczykowski
f4aeb81eec
sepolicy: proper labelling of /sys/devices/virtual/net/...
...
While we're at it also label /sys/module/tcp_cubic/parameters correctly.
Before:
[40/54] BinderTest#InterfaceSetMtu: FAILED (4ms)
STACKTRACE:
system/netd/tests/binder_test.cpp:2724: Failure
Value of: status.isOk()
Actual: false
Expected: true
Remote I/O error
system/netd/tests/binder_test.cpp:2580: Failure
Expected equality of these values:
mtu
Which is: 1200
mtuSize
Which is: 1500
Summary
-------
libbpf_android_test: Passed: 9, Failed: 0, Ignored: 0
libnetdbpf_test: Passed: 11, Failed: 0, Ignored: 0
netd_integration_test: Passed: 53, Failed: 1, Ignored: 0
netd_unit_test: Passed: 179, Failed: 0, Ignored: 0
netdutils_test: Passed: 68, Failed: 0, Ignored: 0
resolv_integration_test: Passed: 67, Failed: 0, Ignored: 0
resolv_unit_test: Passed: 67, Failed: 0, Ignored: 0
1 test failed
-------------
BinderTest#InterfaceSetMtu
Test: failing test now passes
Bug: 130318253
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I2f7e9824ccce9d1597a18400a9ddd74b53ded857
2019-04-11 22:25:00 +00:00
Colin Cross
37fae0520a
Fix package path of android/soong/android pctx
...
android/soong/common was renamed to android/soong/android long
ago, but the pctx package path was still "android/soong/common".
This required all users of rules defined in android/soong/android
to import "android/soong/android" and then
pctx.Import("android/soong/common").
Bug: 130298888
Test: m checkbuild
Change-Id: Ic9e8bf25e76dbd61bb1cb1d0e7d095e73c0f279b
2019-04-11 11:02:31 -07:00
Joel Galenson
99149c9fbf
Fix denial during bugreport.
...
Bug: 116711254
Test: Build.
Change-Id: Iafad9228a171796ce7ab18d60697eea396be4efa
Merged-In: I060b0d929a9d147f6327432844106d8270222d18
2019-04-11 09:41:50 -07:00
TreeHugger Robot
99a6d5317e
Merge "Let dumpstate get netd stack traces." into qt-dev
2019-04-11 08:42:15 +00:00
Jiyong Park
972d4b6473
Allow bootstrap bionic only to init, ueventd, and apexd
...
The bootstrap bionic (/system/lib/bootstrap/*) are only to the early
processes that are executed before the bionic libraries become available
via the runtime APEX. Allowing them to other processes is not needed and
sometimes causes a problem like b/123183824.
Bug: 123183824
Test: device boots to the UI
Test: atest CtsJniTestCases:android.jni.cts.JniStaticTest#test_linker_namespaces
Merged-In: Id7bba2e8ed1c9faf6aa85dbbdd89add04826b160
Change-Id: Id7bba2e8ed1c9faf6aa85dbbdd89add04826b160
(cherry picked from commit a0f998e6de
)
2019-04-11 13:04:19 +09:00
Nick Kralevich
c7a3140398
Add policy for /system/bin/auditctl
...
/system/bin/auditctl is executed by init to set the kernel audit
throttling rate limit. Grant the rules necessary for this to happen.
Test: compiles and boots
Test: Perform an operation which generates lots of SELinux denials,
and count how many occur before and after the time period.
Bug: 118815957
(cherry picked from commit 622ab8a2ba
)
Change-Id: Ie5b4852fa217462557fce192c764305893968454
2019-04-09 20:55:30 -07:00
TreeHugger Robot
61cbd0a362
Merge "Allow signals to hal_power_stats_server from dumpstate" into qt-dev
2019-04-09 22:54:04 +00:00
Tri Vo
e65658c044
Merge "ephemeral_app: restore /dev/ashmem open permissions" into qt-dev
2019-04-09 22:27:10 +00:00
TreeHugger Robot
ae58322ba7
Merge "Re-label /data/pkg_staging files as staging." into qt-dev
2019-04-09 19:58:37 +00:00
Tri Vo
0da2ecda62
ephemeral_app: restore /dev/ashmem open permissions
...
ephemeral_app domain doesn't distinguish between apps that target Q vs
ones target pre-Q. Restore ashmem permissions for older apps.
Bug: 130054503
Test: start com.nextlatam.augmentedfaces instant app
Change-Id: I490323cce96d69e561fc808426a9dfba2aeac30f
2019-04-09 11:53:53 -07:00
Benjamin Schwartz
b3ecb4e5b9
Allow signals to hal_power_stats_server from dumpstate
...
This is needed for bugreport to include ANR trace for the process.
Bug: 128878895
Test: adb bugreport
Change-Id: I92e6952b03ffb047e9fb75b0e44024f2623debb3
2019-04-09 10:25:58 -07:00
Dario Freni
b485a6ae20
Re-label /data/pkg_staging files as staging.
...
While the directory is not present anymore in Q, it has been shipped on
Q Beta 2 and the absence of such label might cause issues to devices
with pending installs which receive an OTA > Beta 2.
Bug: 130184133
Test: m
Change-Id: Ie3e77eebd2e7fd7b3a6a940d189cbc2bb386dc0e
2019-04-09 17:12:13 +01:00
Stephen Nusko
ba27ad4806
Add producer socket to the selinux perfetto domain.
...
This change allows the perfetto cmdline client to access
the (unprivileged) producer socket of traced, with the
intent of triggering finalization of already running traces
(see b/130135730). Matching change: aosp/932138
Note that:
- perfetto cmdline can already access the consumer socket
(to start tracing sessions).
- The producer socket is already exposed to most domains,
including unprivileged apps.
Bug: 130135730
Bug: 128966650
Test: manual
(cherry picked from commit cdda2dc3c9
)
Merged-In: Id9106279584798e6689102085fa46a0b7ecb1ba7
Change-Id: Id9106279584798e6689102085fa46a0b7ecb1ba7
2019-04-08 22:29:32 +01:00
Chalard Jean
18bf53fa4f
Let dumpstate get netd stack traces.
...
Test: manual
Bug: 128804277
Change-Id: Ibb3c0063f96f835edb13868b3e7a9fb9f6f94195
(cherry picked from commit a4c9f7b2c6
)
2019-04-05 18:09:04 +09:00
Roshan Pius
73449cee1a
Merge "wifi: Add a new property to indicate active wifi iface" am: 849ac8020d
am: 09b3e95f62
...
am: 2a65fd6fd5
Change-Id: I72cb4f33460d38b5c3b249a47d0cf0dec3e8ab6e
2019-04-03 10:48:37 -07:00
Roshan Pius
2a65fd6fd5
Merge "wifi: Add a new property to indicate active wifi iface" am: 849ac8020d
...
am: 09b3e95f62
Change-Id: I9aede4d79b1bb1a58a6a0a7f12ec716dee36c3a9
2019-04-03 10:37:56 -07:00
Roshan Pius
09b3e95f62
Merge "wifi: Add a new property to indicate active wifi iface"
...
am: 849ac8020d
Change-Id: Icc83697feb50e79f169e4a2b1464a9cf01284369
2019-04-03 10:25:35 -07:00
Treehugger Robot
849ac8020d
Merge "wifi: Add a new property to indicate active wifi iface"
2019-04-03 16:51:55 +00:00
Jiyong Park
401b639533
Remove apex_key_file am: cff95d7b5f
am: 6c36a99417
...
am: c035d085ec
Change-Id: I25f855da622f2fc754b5b2ad38c58dfc2e6351d3
2019-04-03 03:29:11 -07:00
Florian Mayer
79b4296acf
Merge "Allow traced_probes to read packages.list." am: 5686c383c8
am: 2ace731692
...
am: 374dbee17e
Change-Id: Id7f48176839b941cd5191a49c14c13c03aae5de1
2019-04-03 03:28:37 -07:00
Jiyong Park
c035d085ec
Remove apex_key_file am: cff95d7b5f
...
am: 6c36a99417
Change-Id: Ic6f044d6cc730cd7dbc2b3fa691f790977d9b2e1
2019-04-03 03:24:56 -07:00
Florian Mayer
374dbee17e
Merge "Allow traced_probes to read packages.list." am: 5686c383c8
...
am: 2ace731692
Change-Id: Ie1fb7afa8e140f5d2b110d56a9dba448e8207a2b
2019-04-03 03:24:31 -07:00
Jiyong Park
6c36a99417
Remove apex_key_file
...
am: cff95d7b5f
Change-Id: I78c841734fdefb90dceabadce1f41820f07d21c0
2019-04-03 03:19:50 -07:00
Florian Mayer
2ace731692
Merge "Allow traced_probes to read packages.list."
...
am: 5686c383c8
Change-Id: I9d4628a498205d54e6532795b8f6667c12701c22
2019-04-03 03:19:27 -07:00
Przemyslaw Szczepaniak
8c82a41271
Merge "NNAPI property to disable extensions use on GSI/AOSP product partition." am: d385346ada
am: b97cabd363
...
am: 4431bd1422
Change-Id: Icd04af7d194b9d02e826eee774757e1cdfc62e46
2019-04-03 03:01:40 -07:00
Jiyong Park
cff95d7b5f
Remove apex_key_file
...
We no longer have /system/etc/security/apex/* as the public keys are all
bundled in APEXes. Removing the selinux label and policies for it.
Bug: 936942
Test: device is bootable
Change-Id: I6b6144a8d15910d1ba8584a0778244ed398dc615
2019-04-03 09:49:15 +00:00
Przemyslaw Szczepaniak
4431bd1422
Merge "NNAPI property to disable extensions use on GSI/AOSP product partition." am: d385346ada
...
am: b97cabd363
Change-Id: I641310957b6c1ecaaef45f70532489f48acab91e
2019-04-03 02:43:27 -07:00
Treehugger Robot
5686c383c8
Merge "Allow traced_probes to read packages.list."
2019-04-03 09:28:26 +00:00
Przemyslaw Szczepaniak
b97cabd363
Merge "NNAPI property to disable extensions use on GSI/AOSP product partition."
...
am: d385346ada
Change-Id: I9afa8f205fca303d1451f89cff81d4e9dcfe0784
2019-04-03 02:24:15 -07:00
Przemyslaw Szczepaniak
d385346ada
Merge "NNAPI property to disable extensions use on GSI/AOSP product partition."
2019-04-03 08:51:53 +00:00
Jeff Vander Stoep
c428dd80d3
Merge "Merge "Merge "Allow execmod for apps with targetSdkVersion=26-28" am: 61f28b33a4" into stage-aosp-master am: 37f925077d" into pi-dev-plus-aosp
...
am: 424241e18d
Change-Id: I61521a72235c1257d2f2c0b9c35b32fc1f419fe1
2019-04-02 21:22:44 -07:00
Android Build Merger (Role)
0495ea3f0a
Merge "Merge "Merge "Allow execmod for apps with targetSdkVersion=26-28" am: 61f28b33a4" into stage-aosp-master am: 37f925077d
am: 42f419ff3b"
2019-04-03 03:59:42 +00:00
Jeff Vander Stoep
f5a4d7d1d5
Merge "Merge "Allow execmod for apps with targetSdkVersion=26-28" am: 61f28b33a4" into stage-aosp-master am: 37f925077d
...
am: 42f419ff3b
Change-Id: Ic8860b88bd376255b94a7ac61e25c490364bd533
2019-04-02 20:59:34 -07:00
Jeff Vander Stoep
caf9374f95
Merge "Merge "Allow execmod for apps with targetSdkVersion=26-28" am: 61f28b33a4" into stage-aosp-master am: 37f925077d
...
am: 42f419ff3b
Change-Id: I5af436de96fc7648c0eecc11993b4784a1e9ea86
2019-04-02 20:59:21 -07:00
Android Build Merger (Role)
ab8a8102fa
Merge "Merge "Merge "Allow execmod for apps with targetSdkVersion=26-28" am: 61f28b33a4
am: 7bc1740052" into pi-dev-plus-aosp am: e2e24ece95"
2019-04-03 03:55:31 +00:00
Jeff Vander Stoep
28a4364df6
Merge "Merge "Allow execmod for apps with targetSdkVersion=26-28" am: 61f28b33a4
am: 7bc1740052" into pi-dev-plus-aosp
...
am: e2e24ece95
Change-Id: I467608ffeff85202cf3caadd81b3bda5eec603cc
2019-04-02 20:55:21 -07:00
Jeff Vander Stoep
64c20d8328
Merge "Merge "Allow execmod for apps with targetSdkVersion=26-28" am: 61f28b33a4
am: 7bc1740052" into pi-dev-plus-aosp
...
am: e2e24ece95
Change-Id: Ia247295273d2494b13ffb3a77f8f0c3b3e0d2fef
2019-04-02 20:55:18 -07:00
Android Build Merger (Role)
aa47102881
Merge "Merge "Allow execmod for apps with targetSdkVersion=26-28" am: 61f28b33a4
am: 7bc1740052
am: ceeee0e4cf"
2019-04-03 03:52:55 +00:00
Jeff Vander Stoep
4a08b7db2f
Merge "Allow execmod for apps with targetSdkVersion=26-28" am: 61f28b33a4
am: 7bc1740052
...
am: ceeee0e4cf
Change-Id: I5d53177d04caad0ca70dca0703e4c350365bdda4
2019-04-02 20:52:46 -07:00
Jeff Vander Stoep
3d23317c01
Merge "Allow execmod for apps with targetSdkVersion=26-28" am: 61f28b33a4
am: 7bc1740052
...
am: ceeee0e4cf
Change-Id: I1476980b7652130dc022080e791a5999f45ebf1e
2019-04-02 20:52:23 -07:00