mediacodec currently only has permissions to allocate from ION heaps.
The following permission is required for it to allocate from the
DMA-BUF system heap via the the codec2 allocator.
It resolves the following denial in the sdk_gphone_x86_64-userdebug
target:
01-08 22:43:48.712 337 337 I auditd : type=1400 audit(0.0:6): avc:
denied { getattr } for comm="android.hardwar"
path="/dev/dma_heap/system-uncached" dev="tmpfs" ino=311
scontext=u:r:mediacodec:s0
tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file
permissive=0
Bug: 170887642
Test: make and boot
Change-Id: I5503ed6ffa47a84f614792de866ddafbec0cdcda
Access to /proc/locks is necessary to activity manager to determine
wheter a process holds a lock or not prior freezing it.
Test: verified access of /proc/locks while testing other CLs in the same
topic.
Bug: 176928302
Change-Id: I14a65da126ff26c6528edae137d3ee85d3611509
Feature description: if a background trace is happening at the
time dumpstate is invoked, the tracing daemon will snapshot
the trace into a fixed path (/data/misc/perfetto-traces/bugreport/).
Dumpstate will attach the trace, if present, to the bugreport.
From a SELinux viewpoint this involves the following permissions:
- Allow dumpstate to exec+trans perfetto --save-for-bugreport
(this will just send an IPC to traced, which will save the trace).
- Allow dumpstate to list, read and unlink the trace file.
- Create a dedicated label for bugreport traces, to prevent that
dumpstate gets access to other traces not meant for bug reporting.
Note that this does NOT allow dumpstate to serialze arbitary traces.
Traces must be marked as "eligible for bugreport" upfront in the
trace config (which is not under dumpstate control), by
setting bugreport_score > 0.
Design doc: go/perfetto-betterbug
Bug: 170334305
Test: manual:
1. start a perfetto trace with bugreport_score > 0
2. adb shell dumpstate
3. check that the bugreport zip contains the trace
Change-Id: I259c3ee9d5be08d6b22c796b32875d7de703a230
- Update policy for new system service, used for AiAi/Apps to
present data in their UI.
Bug: 173243538
Bug: 176208267
Test: manual. Can boot to home and get manager successfully.
Change-Id: Ie88c6fa7ed80c0d695daaa7a9c92e11ce0fed229
This simplifies operation by removing a special case for user builds.
Test: atest CtsPerfettoTestCases on user
Test: atest CtsPerfettoTestCases on userdebug
Test: atest perfetto_integrationtests on userdebug
Bug: 153139002
Change-Id: Ibbf3dd5e4f75c2a02d931f73b96fabb8157e0ebf
These flags should be writeable to the shell for both root and non-root
users. They should be readable everywhere, as they're read in libc
during initialization (and there's nothing secret to hide). We just
don't want to allow apps to set these properties.
These properties are non-persistent, are for local developer debugging
only.
Bug: 135772972
Bug: 172365548
Test: `adb shell setprop memtag.123 0` in non-root shell succeeds.
Change-Id: If9ad7123829b0be27c29050f10081d2aecdef670
This allows us to log metrics from traced to statsd
for failures. This is required for implementation of
go/perfetto-failure-stats.
This matches the CL aosp/1512303 which adds the initial logging to
traced.
This solves the following denied message from logcat:
avc: denied { write } for name="statsdw" scontext=u:r:traced:s0
tcontext=u:object_r:statsdw_socket:s0
Bug: 177215620
Change-Id: I4cc613c3a8f4d75c4a5c232b996f8a6cffd3ba9d
Adding 'ro.surface_flinger.enable_frame_rate_override' to control
whether frame rate override feature should be enabled or not.
Bug: 170502573
Bug: 176940141
Change-Id: Ida0e13f9a7c420f5f363d1feeacf882d8b76a8fa
Test: atest FrameRateOverrideHostTest
This change will help debug builds with keeping debugfs
disabled during run time. Instead, debugfs will be mounted by init
to enable boot time initializations to set up debug data collection
and unmounted after boot. It will be also be mounted by dumpstate
for bug report generation and unmounted after.
It resolves the following avc denial:
avc: denied { mounton } for comm="init" path="/sys/kernel/debug" dev="debugfs"
ino=1 scontext=u:r:init:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=0
Bug: 176936478
Test: make && boot
Change-Id: I5bc819eb0cc36bdc32565c17a16da8838baf946a
See go/rescue-party-reboot for more context.
One integer will be stored in a file in this
directory, which will be read and then deleted at the
next boot. No userdata is stored.
Test: Write and read from file from PackageWatchdog
Bug: 171951174
Change-Id: I18f59bd9ad324a0513b1184b2f4fe78c592640db
We will link files under /data/apex/active and /data/app to
/data/rollback when enabling rollbacks to avoid copy.
When creating hard links, we have to enusre source and target have the
same label to avoid subtle bugs.
We will assign apk_data_file to *.apk files and
staging_data_file to *.apex files under /data/rollback.
Also allow system_server to link /data/apex/active files.
Bug: 168562373
Test: m
Change-Id: I4be38cc8c84494c4ddfa03e37f2af3958bff5dfb
Revert "Add ability to declare licenses in soong."
Revert submission 1377717-metalics
Reason for revert: This has broken renderscript_mac target for aosp-master, see b/176909442
Reverted Changes:
I26ac54ca9:Define the standard license_kind rules.
I656486070:Export soong license data to make.
If9d661dfc:Export soong license data to make.
I97943de53:Add ability to declare licenses in soong.
Icaff40171:Rough-in license metadata support to make.
Ib8e538bd0:Add variables for notice deps, license kinds etc.
Change-Id: I9af3727fba03f6b40cd6d77c7e259ef4c9b7f29d
Now newer system policy and older vendor policy can be built together by
setting following variables:
- BOARD_SEPOLICY_VERS
- BOARD_REQD_MASK_POLICY (copy of older system/sepolicy/reqd_mask)
- BOARD_PLAT_VENDOR_POLICY (copy of older system/sepolicy/vendor)
- BOARD_(SYSTEM_EXT|PRODUCT)_(PUBLIC|PRIVATE)_PREBUILT_DIRS (copy of
older system_ext and product policies)
Bug: 168159977
Test: try normal build and mixed build
Test: boot and check selinux denials
Change-Id: Ie239580433ffd293fa6891cd665fb5ef83c0a14f
