This defines the kcmdline_prop context for properties controlled by
kcmdlinectrl, and defines a property called kcmdline.binder for
switching between the Rust and C implementations of the Binder driver.
It is intended that additional kcmdline properties introduced in the
future would share the same kcmdline_prop context.
Test: Verified that setprop/getprop work and that the value is loaded properly at boot
Bug: 326222756
Change-Id: Iea362df98d729ee110b6058c6e5fa6b6ace03d8e
Follow up of aosp/2849357 and aosp/2849358. Tests related to the
removed file_context objects should also be removed
Bug: 161776767
Test: checkfc -t private/file_contexts contexts/plat_file_contexts_test
Change-Id: Id986b739cc81af91aadf8853d685d41ad4238292
am skip reason: Merged-In If2ad34fbbf2c0d29ac54ab5d1be430623f86f1f7 with SHA-1 99a4cbcee7 is already in history
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2983718
Change-Id: Id6e863be8adeb1f2c35b31ac7336d8b3b0cd800d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
am skip reason: Merged-In If2ad34fbbf2c0d29ac54ab5d1be430623f86f1f7 with SHA-1 99a4cbcee7 is already in history
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2983718
Change-Id: I9f31a1c6be5825173d96e45f417332262cbaef84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This change updates neverallow list to allow accessing udp
sockets from hal_bluetooth_server.
Bug: 305104428
Bug: 328147587
Change-Id: Ic1d80c7cb1aa62969b541ee30686afd57ec51fb0
(cherry picked from commit 3a739f9bed)
Create a new folder for connectivity blobs, to be used by
ConnectivityBlobStore for VPN and WIFI to replace legacy
keystore.
System server will need permissions to manage databases in the
folder and system server will create the folder in init.rc.
Bug: 307903113
Test: checkfc -t private/file_contexts contexts/plat_file_contexts_test
Test: build and manual test.
Change-Id: Ib51632af9624d8c3ebf2f752547e162a3fbbb1b0
Since 202404, vendor components will use /system/bin/sh for system(3),
popen(3), etc.
Bug: 324142245
Test: system("readlink /proc/$$/exe") in vendor HALs
Change-Id: I521499678e87a7d0216a276e014888867f495803
(cherry picked from commit f0ba322926)
am skip reason: Merged-In I7ff8a0319bec2f3a57c7ce48939b13b2fca182de with SHA-1 37ca69e5c8 is already in history
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2978635
Change-Id: I8f3e6e956b3481c98c42f7119a84e6a7b6e00967
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
am skip reason: Merged-In I7ff8a0319bec2f3a57c7ce48939b13b2fca182de with SHA-1 37ca69e5c8 is already in history
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2978635
Change-Id: I98965df2edfec7ca4c17b420b29f243524f6996f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
am skip reason: Merged-In I7ff8a0319bec2f3a57c7ce48939b13b2fca182de with SHA-1 37ca69e5c8 is already in history
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2978635
Change-Id: I325e645ddeeb165617ff7ee2199f0751b56fee76
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
am skip reason: Merged-In I7ff8a0319bec2f3a57c7ce48939b13b2fca182de with SHA-1 37ca69e5c8 is already in history
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2978635
Change-Id: If132bed3272ba8445ba3c9ba131ddc4b5926d7cc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
policy
system, system_ext, product and vendor partitions have aconfig storage
files under /<partition>/etc/aconfig dir. need to grant access to
aconfigd.
Bug: b/312459182
Test: m and tested with AVD
Change-Id: I9750c24ffa26994e4f5deadd9d772e31211a446a
The default policy for the "lockdown" access vector on Android was
introduced in commit bcfca1a6. While the "confidentiality" permission
was granted to all processes, the "integrity" was marked as
neverallowed.
Upstream, the support for that access vector was removed from kernel
5.16 onwards.
It was found that the "integrity" permission either does not apply to
Android or duplicates other access control (e.g., capabilities
sys_admin).
Instead of simply removing the neverallow rule, the access is granted to
all processes. This will prevent the proliferation of references to this
access vector in vendors' policies and ultimately facilitate its
removal.
Test: presubmit
Bug: 285443587
Bug: 269377822
Bug: 319390252
Change-Id: If2ad34fbbf2c0d29ac54ab5d1be430623f86f1f7
(cherry picked from commit 99a4cbcee7)
Merged-In: If2ad34fbbf2c0d29ac54ab5d1be430623f86f1f7
debug/eng builds.
This change is to allow SystemUI, a platform_app, to start, stop,
and share Perfetto/Winscope traces.
Bug: 305049544
Test: Verified everything works on my local device.
Change-Id: I8fc35a5a570c2199cfdd95418a6caf0c48111c46
am skip reason: Merged-In I7e4c044a6a2afb48c33d65cc421e797d77aacc12 with SHA-1 28b811df1c is already in history
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2977032
Change-Id: I674060405e05470708ce20d95cf828ab9c5b2b17
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
am skip reason: Merged-In I7e4c044a6a2afb48c33d65cc421e797d77aacc12 with SHA-1 28b811df1c is already in history
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2977032
Change-Id: Ie115d6f1b4683ddc625809756a7caf824cd406d4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This is needed to allow vendor xt_bpf programs.
Bug: 325709490
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I7ff8a0319bec2f3a57c7ce48939b13b2fca182de
(cherry picked from commit 37ca69e5c8)
Merged-In: I7ff8a0319bec2f3a57c7ce48939b13b2fca182de
The default policy for the "lockdown" access vector on Android was
introduced in commit bcfca1a6. While the "confidentiality" permission
was granted to all processes, the "integrity" was marked as
neverallowed.
Upstream, the support for that access vector was removed from kernel
5.16 onwards.
It was found that the "integrity" permission either does not apply to
Android or duplicates other access control (e.g., capabilities
sys_admin).
Instead of simply removing the neverallow rule, the access is granted to
all processes. This will prevent the proliferation of references to this
access vector in vendors' policies and ultimately facilitate its
removal.
Test: presubmit
Bug: 285443587
Bug: 269377822
Bug: 319390252
Change-Id: If2ad34fbbf2c0d29ac54ab5d1be430623f86f1f7
(cherry picked from commit 99a4cbcee7)
Merged-In: If2ad34fbbf2c0d29ac54ab5d1be430623f86f1f7
This includes rules for starting Perfetto as well as rules for
communicating over stdio between Perfetto and system_server.
This is a cherrypick of aosp/2958867 with prebuilts updated.
Bug: 325709490
Test: Presubmit
Change-Id: I7e4c044a6a2afb48c33d65cc421e797d77aacc12
Merged-In: I7e4c044a6a2afb48c33d65cc421e797d77aacc12