This restriction was previously targetSdk gated for apps
with targetSdkVersion>=30.
This change is being posted for app-compat analysis and testing.
Bug: 170188668
Test: build
Change-Id: I08c709b2bb9a67157d0daf921e8ac7717a3bdf6f
This allows the Bluetooth to communicate with the SystemSuspend to
obtain system wakeup and wakelock information for Bluetooth activity
attribution (BTAA) processing.
BTAA is a process unit within the Bluetooth stack to aggregate
Bluetooth traffics, wakeup, and wakelocks into per-app, per-device, and
activity based statistical information.
Test: Local test verified Bluetooth can acquire suspend_control
Bug: 170315554
Change-Id: I7417132793c1000a8e3136c300cf8c1ba9cc3a14
The existing freeze test only covers the policy files in system/sepolicy
alone. There's demand from product teams that would like to implement a
freeze test for their sepolicy. Instead of letting them fork the freeze
test, we believe expanding the scope of the exising one is in the best
interest.
$FREEZE_TEST_EXTRA_DIRS and $FREEZE_TEST_EXTRA_PREBUILT_DIRS are added.
These build variables could be appended like $PRODUCT_PUBLIC_POLICY. The
product team are expected to maintain their policy prebuilts.
Bug: 166455099
Test: manual
Change-Id: I6f350e1e3db2807be4dbfd0ceb34f0d89f94d629
Users are unable to pass config files directly to
perfetto via `perfetto -c /path/to/config` and have to
resort to awkward quirks like `cat config | perfetto -c -'.
This is because /system/bin/perfetto runs in its own SELinux
domain for reasons explained in the bug.
This causes problem to test infrastructures authors. Instead
of allowing the use of /data/local/tmp which is too ill-scoped
we create a dedicated folder and allow only shell and perfetto
to operate on it.
Bug: 170404111
Test: manual, see aosp/1459023
Change-Id: I6fefe066f93f1f389c6f45bd18214f8e8b07079e
This re-alignes aosp and internal master to avoid
conflicts when uploading CLs upstream.
Bug: 170126760
Change-Id: I9c087e70998cd529b71dec7428641c4bfef10d31
This is to support the addition of the device state manager service and
its associated binder service.
Test: Manual - Modify policy and verify binder service can be published.
Fixes: 170034199
Change-Id: Id63cb1db3ee80ec699e98443457c113d6be809fe
The framework_watchdog_config_prop properties control framework watchdog
configurations to handle watchdog timeout loop. The properties are
written only by vendor_init.
More details and background: go/break-sys-watchdog-loop
Bug: 141948707
Change-Id: I6c0da5fdafba8165e79d0f04e0a82874f605a06d
Also make shared_relro_file mlstrustedobject to ensure these files can
still be read by any app in any user.
Bug: 170622707
Test: Manual: delete the files, check they are re-created and accessible.
Test: Manual: no denials seen
Test: Presubmits
Change-Id: Icce4ee858219e3fd0e307f3edfb3c66005872a45
/boot/etc/build.prop is a file available at first_stage_init to
be moved into /second_stage_resources.
The file is only read by first_stage_init before SELinux is
initialized. No other domains are allowed to read it.
Test: build aosp_hawk
Test: boot and getprop
Bug: 170364317
Change-Id: I0f8e3acc3cbe6d0bae639d2372e1423acfc683c7
This allows to profile binaries pushed by the user.
Test: run profile of out of tree perfetto on flame userdebug.
Bug: 170208766
Change-Id: I152d6d244cc5065ee2de24f839e4ad467bc22cdc
This CL changes a neverallow for /vendor apps accessing vendor_service.
Originally, /vendor apps ({appdomain -coredomain}) were disallowed from
accessing all AIDL services since they are platform implementation
details that may change over time, and these apps run in a system
context. However, now, vendor services can be stable. So, in order to
give the flexibility needed for vendor framework components installed to
the /vendor partition to access AIDL HALs, opening this up.
Bug: 163478173
Test: build (validates neverallows)
Change-Id: Ic2280021e875671ad99e3f1ba820c6e4408fd645
This will allow SystemServer to add the new vibrator manager service.
Bug: 166586119
Test: manually build and install on test device
Change-Id: I496f46e2f5482aaa7bfba31d6c6b2967486941cc
Separate selinux_policy_system_ext and selinux_policy_product from
the selinux_policy_nonsystem module. With this CL,
selinux_policy_nonsystem will include the files for /vendor and /odm
partitions only. It will still include selinux_policy_system_ext and
selinux_policy_product as required modules.
Bug: 170282998
Test: build and check boot
Change-Id: Ie2f646a217ec86ede95caec101622bc530d12cfc
The purpose of misc_writer is to write misc partition. However,
when it includes libfstab, it will probe files like kernal command
line (proc/cmdline) and metadata, which are permissions it does not
need.
Bug: 170189742
Test: Boot under permissive mode and find the errors gone.
Change-Id: Icda3200660a3bee5cadb6f5e0026fa71941ae5dc
irq and ipi tracepoint are required for Traceur's irq category.
Bug: 153486528
Test: manually captured a Traceur trace on user builds, verified that the
tracepoints were present.
Change-Id: I2f42fc293e87e2a3567ab55f7533fe6a5d7852bf
