The SELinux policy compiler needs to be available on-device to compile
SELinux policy at boot on some devices. For now, we're including this
unconditionally, but, going forward, we will include this binary only
on devices which need it.
Test: Device boots -- secilc is not yet used anyway
Bug: 31363362
Change-Id: I7712b70d7c5b4c57bec2cdb44519b42d26758d09
full_base_telephoney.mk file gets used only for emulators which should
have bluetooth disabled. Using the default handheld_core_hardware.xml
file has bluetooth enabled. We should use the generic
handheld_core_hardware.xml file for emulators which has bluetooth
disabled.
Its presence causes problems upstream in SystemServer when
BluetoothService starts and requires an extra emulator config change
which should not be there.
Bug: 35361545
Test: Verified by launching Android Emulator. It works fine and does not
start bluetooth.
Change-Id: I484c3d5867f46853fb49f28422dd72ab362ed768
We are splitting android.hidl.memory into android.hidl.allocator and
android.hidl.memory to reflect the fact that we have two separate
interfaces which are served over different transports.
Bug: 35327976
Test: hidl_test, device boots with allocator
Merged-In: I36b1554d20f89ecd60a836c04f788ac83e0a1f5c
Change-Id: I36b1554d20f89ecd60a836c04f788ac83e0a1f5c
Bug: 33746484
Test: Successfully boot with original service and property contexts.
Successfully boot with split serivce and property contexts.
Change-Id: I1932684f600dd34d5136e72ac053fae13f0c3eba
Signed-off-by: Sandeep Patil <sspatil@google.com>
Test: make -j64 and flash the device and
ensure that lshal is available on the device.
Bug: 34712252
Change-Id: If61047afb27f9da9f8825ce18e2dfc0b3dec10e2
Bug: 33746484
Test: Successfully boot with original service and property contexts.
Successfully boot with split serivce and property contexts.
Change-Id: I1f218ca842407d30650b8987ded6679672171091
Signed-off-by: Sandeep Patil <sspatil@google.com>
Bug: 33746484
Test: Successfully boot with original service and property contexts.
Successfully boot with split serivce and property contexts.
Change-Id: I6fec8d9b3023de09d69198c9e72311a1f03fe844
Signed-off-by: Sandeep Patil <sspatil@google.com>
Bug: 34134179
Test: both 32 and 64 bit versions of this file are on the device after a
clean build.
Change-Id: I75ab12246c2c44e39b5e863dfec98dc72a36fbbe
This is the service that provides shared memory for hidl/treble
processes.
Bug: 32185232
Test: builds
Change-Id: I79162a781daad7aa704f4ee071fef0bbdea59a18
This reverts commit fad4b4b715.
Incorporating the following fixes:
1.
fsconfig: fix fs_config_* build for discovered headers
When android_file system_config.h is picked up from the device
directory, neither TARGET_FS_CONFIG_GEN or TARGET_ANDROID_FILESYSTEM_CONFIG_H
are specified. Thus, the build is not generating the required fs_config_files
and fs_config_dirs.
Test: Ensure that make fs_config_files works, and produces the same output as before
Build the system image and mount it as a loop back and dump the file system
capabilities with getcap. Verify that output to the supplied
android_file system_config.h
From the loopback of the system.img mount, from CWD system/bin:
$ getcap *
cnss-daemon = cap_net_bind_service+ep
hostapd = cap_net_admin,cap_net_raw+ep
imsdatadaemon = cap_net_bind_service+ep
ims_rtp_daemon = cap_net_bind_service+ep
logd = cap_setgid,cap_audit_control,cap_syslog+ep
mm-qcamera-daemon = cap_sys_nice+ep
pm-service = cap_net_bind_service+ep
run-as = cap_setgid,cap_setuid+ep
surfaceflinger = cap_sys_nice+ep
webview_zygote32 = cap_setgid,cap_setuid,cap_setpcap+ep
webview_zygote64 = cap_setgid,cap_setuid,cap_setpcap+ep
Compared to the android_filesystem_config.h:
{ 00700, AID_CAMERA, AID_SHELL, (1ULL << CAP_SYS_NICE), "system/bin/mm-qcamera-daemon" },
{ 00755, AID_SYSTEM, AID_SYSTEM, (1ULL << CAP_NET_BIND_SERVICE), "system/bin/pm-service" },
{ 00755, AID_SYSTEM, AID_SYSTEM, (1ULL << CAP_NET_BIND_SERVICE), "system/bin/imsdatadaemon" },
{ 00755, AID_SYSTEM, AID_RADIO, (1ULL << CAP_NET_BIND_SERVICE), "system/bin/ims_rtp_daemon" },
{ 00755, AID_SYSTEM, AID_SYSTEM, (1ULL << CAP_NET_BIND_SERVICE), "system/bin/cnss-daemon"},
2.
fsconfig: fix error message for duplicate AID
Fixes:
raise ValueError('Duplicate aid value "%u" for %s' % value,
TypeError: %u format: a number is required, not str
and
raise ValueError('Duplicate aid value "%s" for %s' % value,
TypeError: not enough arguments for format string
3.
fsconfig: add test for duplicate ranges
Add a test for duplicate range detection.
4.
fsconfig: skip AID_APP, AID_USER and all ranges
Do not output AID_APP, AID_USER and ranges. A range
is defined as ending with AID_ and ending in _START or
_END.
5.
fsconfig: test for skip AID_APP, AID_USER and all ranges
Test against AIDs that caused the bionic tests to fail.
Change-Id: I95569a9ccc83bd3231f8a6f395532cc2de316bd2
Signed-off-by: William Roberts <william.c.roberts@intel.com>
Add build targets for split sepolicy files so they'll appear in the root dir for
on-device compilation. nonplat_sepolicy will eventually be removed as it should
be provided by a different partition. Also replace sepolicy.recovery with the
appropriate split components.
Bug: 31363362
Test: Policy builds on-device and boots.
Change-Id: I017dabe6940c3cd20de6c00bb5253274d5a9269b
This makes the apk avaiable on all devices and can be overridden on a
per-product basis using LOCAL_OVERRIDES_PACKAGES.
BUG: 33224286
Test: Verified with lunch aosp_bullhead-userdebug; make
Change-Id: Ib345193caa4431b6405294bd8759d93349335814
* changes:
fs_config: add unit tests
fs_config: drop fs_config_files/dirs PRODUCT_PACKAGES requirement
fs_config: add group to build
fs_config: introduce group generator
fs_config: add passwd to build
fs_config: introduce passwd generator
fs_config: generate friendly in AID class
fs_config: limit characters for AID_<name> sections
fs_config: generate oem AID header file
fs_config: android_id header generator
fs_config: support parsing android_filesystem_config.h
fs_config: modularize fs_config_generator
This section will be modified as part of splitting these packages into platform
and non-platform components. Sort them all to avoid conflicts.
Bug: 31363362
Test: Builds
Change-Id: I91fb4d4d7c0a6971a19047ef2eb2981770a122ff
This reverts commit a35d92e431.
The app_process__asan module is merged into app_process.
Bug: 33224213
Test: m
Change-Id: I5e3e836c67b5bd17cf967f1b2429e39c4e18557b
This reverts commit eee31511f7.
Rewriting of app_process adds an automatic dependency.
Bug: 33224213
Test: m
Change-Id: Idd9509d116692954224f4d2ffd6c81b69e9a85a3
Bug: http://b/28866258
Remove libbcc.so from the list of directly packaged modules. 64-bit
libbcc.so gets included as a dependency for the bcc executable (which is
a required package). 32-bit libbcc.so is no longer necessary on 64-bit
devices.
This change also removes 32-bit libLLVM.so from a 64-bit system image
(leading to a 13M reduction in Angler's system image on AOSP) and a
considerable reduction in build time.
Test: - Build all topics in this CL
- RsTest (including the 32-bit ABI) and CTS tests pass on x86 and
x86_64 emulators and Angler.
Change-Id: I10f07e322a615f37d6967b7c938635f544ddceff
Add asanwrapper helper binary to PRODUCT_PACKAGES when building with
SANITIZE_LITE=true.
Bug: 33224213
Test: m SANITIZE_TARGET=address SANITIZE_LITE=true && ls $OUT/system/bin/asanwrapper
Change-Id: Ic4d8973b9e9ddfd9ef8663735bf5f70d8f9f70e1
Add sanitized app_process module to PRODUCT_PACKAGES when building
with SANITIZE_LITE=true
Bug: 33224213
Test: m SANITIZE_TARGET=address SANITIZE_LITE=true && ls $OUT/system/bin/asan
Change-Id: Ic67976f1b897b638d569ec6f42d5a8d59f8a9285
When configuring fs_config_files or fs_config_dirs for file_system
capabilities, drop the requirement that OEMs must add the target
to PRODUCT_PACKAGES. This limits the configuration requirement
to only needing to set the new and preferred TARGET_FS_CONFIG_GEN
or the older TARGET_ANDROID_FILESYSTEM_CONFIG_H method.
Test: That only setting TARGET_FS_CONFIG_GEN results in passwd and
group in the build image.
Change-Id: I818854fa1b3e94edaff59a32bd7cf23cf9b504aa
Signed-off-by: William Roberts <william.c.roberts@intel.com>
