This changes are necessary to make files under /data/apex/active
be readable by Phonesky.
Test: builds
Bug: 154635217
Merged-In: I14116f02f3d3f0a8390f1d968a3971f15bd4b3f2
Change-Id: I14116f02f3d3f0a8390f1d968a3971f15bd4b3f2
(cherry picked from commit 89d43a51ba)
The ro.surface_flinger.* properties are using instead of configstore.
Add get_prop (domain, surfaceflinger_prop) to domain.te so that it can
be used on all systems in the same way as configstore.
Bug: 124531214
Test: read properties in java (ag/11226921)
Change-Id: Ifc8a53ea544c761d85e370e177913db91d8a33a2
This prop allows vendors to specify whether their devices
have basic eBPF compatibility (ie. Linux kernel 4.9 with P VINTF).
Make it exported_default_prop because the shared library
libbpf_android is used in a lot of places.
See: https://r.android.com/1261922
Bug: 151753987
Signed-off-by: Felix <google@ix5.org>
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ifd9af558d84ea1619a6af7fce81b700fdfb22b9f
All apps signed with the media key share a UID. However,
some run in the priv_app selinux context, and others run
in the mediaprovider context. That's a bug. Apps which share
a UID should always share an selinux domain. Assign all apps
with the seinfo=media to the mediaprovider selinux domain.
This moves the following packages from the priv_app to the
mediaprovider domain:
com.android.providers.downloads
com.android.providers.downloads.ui
com.android.mtp
com.android.soundpicker
Bug: 154614768
Test: atest CtsDownloadManagerApi28
Change-Id: I6f96142ef03101568abed670a0e32f952515a590
com.google.android.gms and com.google.android.gsf have a sharedUserId
but were being routed to two different domains:
com.google.android.gms 10145 0 /data/user/0/com.google.android.gms google:privapp:targetSdkVersion=10000
com.google.android.gsf 10145 0 /data/user/0/com.google.android.gsf google:privapp:targetSdkVersion=10000
This change routes them to the same domain: gmscore_app
Bug: 154597032
Test: TH
Change-Id: I0a309a687eb8608604cabf65b58763a1a3262153
A vendor has an audio HAL implementation for Android Automotive that
controls amplifiers with tcp sockets. This violates a neverallow rule
in 'public/hal_audio.te':
neverallow hal_audio_server domain:{ tcp_socket udp_socket rawip_socket
} *;
This rule prevents any audio HAL server from accessing sockets; But
public/hal_neverallows.te, line 19 exempts HAL servers on automotive
devices; because in a car it is common to have external modules
accessible over in-vehicle networks.
Therefore, the existing neverallow rule in hal_audio.te is a duplicate;
and this CL removes this rule.
Vendors on automotive devices should refer to 'vendor/hal_audio_default.te',
by (1) creating a new type; (2) associating the type with the
'hal_automotive_socket_exemption' attribute.
Bug: 150400684
Test: tested with the following rules in 'vendor/hal_audio_default.te'
Test: type harmon_amplifier, domain;
Test: typeattribute hal_audio_default hal_automotive_socket_exemption;
Test: allow hal_audio_default harmon_amplifier:tcp_socket connect;
Test: m -j should compile sepolicy without complaints
Change-Id: I517b050d0582d08f94f35ba815a030121385f319
This is to clean up bad name "exported_dalvik_prop"
Bug: 154465224
Test: sepolicy_tests
Test: treble_sepolicy_tests 26.0 ~ 29.0
Change-Id: Ie5e738b5985c1db1bca7a857971d8490a7980b5b
Previously we have allowed many kinds of app processes to access
gpuservice. However, upon sharing files through bluetooth, bluetooth
process starts an activity to handle this task. At the meanwhile, any
processes with an activity launched shall access gpuservice for stats
purpose. This change amends the rules so that we don't miss anything.
Bug: 153472854
Test: use bluetooth to share a photo and check logcat
Change-Id: I3d620b703d3afe92ac1f61cfb2a2f343352ddd4d
It already has read dir access, but was missing file access which
would allow it read /sdcard symlink (/mnt/pass_through/0/self/primary)
Test: adb shell am broadcast -a
android.intent.action.MEDIA_SCANNER_SCAN_FILE
--receiver-include-background -d file:///sdcard
Bug: 153151011
Change-Id: If4d3fa3d96de6dd9672c0c3aa25fb25f196fe295
This property controls how much userspace reboot watchdog will wait for
userspace reboot to start before falling back to hard reboot.
Test: builds
Bug: 152803929
Change-Id: I6955e8c94708e7e4161e4f334b03c052d42c0f9f
Defined a new signal intended to allow the system to reboot
the audio/soundtrigger HAL process.
Fixes: 153461865
Test: See main change in topic
Change-Id: I1e4a770670bb1274fa6a23cd0641f2554d4679f7
incident report contains similar data as in a bugreport, but in proto
format.
Test: adb shell incident -p LOCAL 1000
Bug: 152173578
Change-Id: Iee53a3b8a6c95629a1d5c15b4d17f3d680b14178
Before, we were silently ignoring unrecognized paths.
Bug: 152813275
Test: m (runs this test)
Test: reproduce every error I've added
Change-Id: I4a0b8fb9fff070d16126caa1499590693a6d2895
Together with aosp/1282157 this change allows the service to
create trace files in the /data/misc/perfetto-traces folder.
Before this change they needed to be created by the perfetto
cmdline client and pass the FD.
This doesn't work for host tools like Android GPU Inspector
(https://gpuinspector.dev/) which talk to the UNIX socket
over adb forward and cannot pass a FD from the host.
Bug: 153519149
Test: manual: adb shell perfetto --txt -c -
buffers { size_kb: 65536 }
data_sources {
config {
name: "linux.ftrace"
ftrace_config { ftrace_events: "sched_switch" }
}
}
duration_ms: 5000
write_into_file: true
output_path: "/data/misc/perfetto-traces/ttt"
Change-Id: I184329805741654983843e6a29c1fac19a836f59
Bug: 150761030
Test: setting to 1 in device/google/cuttlefish/shared/device.mk
causes "default-key: Not enough arguments" as expected.
Change-Id: I73262efff0be15f0295d23168049ed9e3721a7f7