Commit graph

38811 commits

Author SHA1 Message Date
Treehugger Robot
19a06c383a Merge "microdroid: Allow payload read /proc/meminfo" 2022-08-24 09:55:52 +00:00
Bart Van Assche
aa9113f378 Remove bdev_type
Bug: 202520796
Change-Id: If067a0fa51e97a4fc2c6b60864e4dc7c51abeded
Signed-off-by: Bart Van Assche <bvanassche@google.com>
2022-08-23 16:01:17 -07:00
Hongguang
9515559657 Add properties to configure whether the lazy tuner is enabled.
ro.tuner.lazyhal: system_vendor_config_prop to decide whether the lazy
tuner HAL is enabled.
tuner.server.enable: system_internal_prop to decide whether tuner server
should be enabled.

Bug: 236002754
Test: Check tuner HAL and framework behavior
Change-Id: I6a2ebced0e0261f669e7bda466f46556dedca016
2022-08-23 07:01:05 +00:00
Jiyong Park
d0fe3ef25a Merge "Allow microdroid_manager to run kexec" 2022-08-23 01:09:06 +00:00
Shunkai Yao
3a6c68f2ba AIDL effect: Add default Effect factory implementation to platform sepolicy
Add example implementation services: IFactory under android.hardware.audio.effect.
An audio HAL AIDL example service will register with the default implementations.

Bug: 238913361
Test: m, and flash with Pixel 6a.

Change-Id: Ib331899fd47b6b334b120e20617174d01e71ddb8
2022-08-22 19:27:26 +00:00
Jiyong Park
bc0e0dce04 Allow microdroid_manager to run kexec
/system/bin/kexec in Microdroid is now properly labeled as kexec_exec.
The binary is responsible for loading the crashkernel into memory so
that when a kernel panic occurs the crashkernel is executed to dump the
RAM.

Microdroid_manager executes the kexec binary as part of the boot
process. It does this only when the kernel is booted with a memory
reserved for the crashkernel, which is determined by checking if
`crashkernel=` is included in the cmdline. For this, it is allowed to
read /proc/cmdline.

Bug: 238404545
Test: boot microdroid
Change-Id: Id08ba9610e3849ba811367917df8dfcc1774b561
2022-08-23 00:02:36 +09:00
Treehugger Robot
3da6089241 Merge "Add go.mod for build/soong" 2022-08-19 18:44:18 +00:00
Kelvin Zhang
0a8d5697a6 Merge "Add sepolicy for fastboot io uring feature flag" 2022-08-19 16:37:07 +00:00
Treehugger Robot
30c23bc84a Merge "De-dupe compos rules" 2022-08-19 14:04:17 +00:00
David Brazdil
744ae7f798 microdroid: Allow payload read /proc/meminfo
/proc/meminfo contains useful information about the amount of memory
available to the VM and the payload. Let microdroid_payload domain read
the file.

Test: atest MicrodroidBenchmarks
Change-Id: I22d4888cf84e78ce8ed0803e7ebdeb7fca370e1f
2022-08-19 13:57:33 +01:00
Inseob Kim
b570d75cd4 Merge "Reorganize Android.bp files and modules" 2022-08-19 10:44:38 +00:00
Alan Stokes
07ce6daa44 De-dupe compos rules
compos has the microdroid_payload attribute, so we don't need to
duplicate rules that apply to that. This .te should only have things
that differentiate compos from other payloads.

Test: Presubmits
Change-Id: Ib5b8c52f9a068a583fc1471ac6cf0e4aef906857
2022-08-19 11:34:53 +01:00
Ryan Savitski
d55bbbb41a Merge "perfetto profiling: fix access to ART apex files" 2022-08-19 10:30:04 +00:00
Treehugger Robot
e2dd659d7a Merge "Allow clients read ramdump piped through virtualizationservice" 2022-08-19 08:29:05 +00:00
Inseob Kim
4364ed3904 Merge "Build mac_permissions.xml with Soong" 2022-08-19 05:54:53 +00:00
Treehugger Robot
bd0a3fadd6 Merge "Allow dumpstate to access fscklogs" 2022-08-19 01:43:43 +00:00
Ryan Savitski
3f3e222527 perfetto profiling: fix access to ART apex files
The profilers cannot open files under
/data/misc/apexdata/com.android.art/dalvik-cache because they're not
allowed to search /data/misc/apexdata with the apex_module_data_file
label.

Example denial:
  avc: denied { search } for name="apexdata" dev="dm-37" ino=89
  scontext=u:r:traced_perf:s0
  tcontext=u:object_r:apex_module_data_file:s0 tclass=dir permissive=0

Tested: patched & flashed onto a TM device, then profiled system_server
Bug: 241544593
Change-Id: Ifd8b94a9ebcae09701e95f6cd6a14383209963db
2022-08-19 00:30:40 +01:00
Jiyong Park
cca5402261 Allow clients read ramdump piped through virtualizationservice
When a kernel panic occurs in a debug-enabled VM, a crashdump is created
in the VM and then it is flushed to the per-VM host-side file
/data/misc/virtualizationservice/<cid>/ramdump. Virtualizationservice
then opens the file and sends the FD to the owning client. This change
allows the client to read the ramdump via the FD.

A client accessing ramdump of other VM is prohibited since opening the
ramdump file is not allowed for the client; only virtualizationservice
can do it. Furthermore, ramdumping will be enabled only for the
debuggable VMs, which means reading it doesn't actually reveal any
(true) secret.

Bug: 238278104
Test: do the ramdump
Change-Id: I50e1fa83b99e8f24c849e278710b38f6ff9a25be
2022-08-18 14:44:11 +00:00
Xin Li
23f9ed951b Skip android13-tests-dev
Merged-In: I29d390dcfbeaa65b2c868bbc8648835c644e3d18
Change-Id: I0ad966f8bcc13ab5ceb77f938561e47ddd8b6789
2022-08-17 16:38:39 -07:00
Alessandra Loro
50fa5cd9a0 Merge "Disallow untrusted apps to read ro.debuggable and ro.secure" 2022-08-17 12:34:24 +00:00
Richard Chang
6d5bb236da Merge "sepolicy: allow vendor system native boot experiments property" 2022-08-17 06:29:30 +00:00
Inseob Kim
79fdbeb1ce Reorganize Android.bp files and modules
Test: build and boot
Change-Id: Id8a1a2faecf37de81b91e2669f6afa4cbe91443c
2022-08-17 09:50:22 +09:00
Inseob Kim
6d79030d0c Build mac_permissions.xml with Soong
Bug: 33691272
Test: build and compare
Change-Id: Iacbd5bcf77f0b1c0b5e2c6691efb4c62bc78fdf8
2022-08-17 09:49:35 +09:00
Juan Yescas
bec405a7c2 Add ro.boot.ddr_size sysprop to sepolicy
srcs/android/sysprop/MemoryProperties.sysprop

This property is populated by property service from the kernel
command line parameter androidboot.ddr_size=XXXX. Vendors can set
this command line option from the bootloader.

Bug: 231718727
Test: n/a
Change-Id: I3fb8a18125081b1a30dee715831f5701964cb375
2022-08-16 19:45:35 +00:00
Xin Li
122f787b8a Merge "DO NOT MERGE - Merge Android 13" 2022-08-16 19:11:36 +00:00
Kelvin Zhang
aa7a9a4096 Add sepolicy for fastboot io uring feature flag
fastboot will read this prop to check if io uring is supported. Add
proper sepolicy.

Test: th
Bug: 31712568
Change-Id: I8990d8a31748534d4444a2ef25b58d629651dac7
2022-08-16 18:13:00 +00:00
Katherine Lai
c6ad2cb247 Merge "Add bluetooth sniff and LE connection sysprops" 2022-08-16 16:57:12 +00:00
Alessandra Loro
d0e108fbbe Disallow untrusted apps to read ro.debuggable and ro.secure
ro.secure and ro.debuggable system properties are not intended
to be visible via Android SDK. This change blocks untrusted
apps from reading these properties.

Test: android.security.SELinuxTargetSdkTest
Bug: 193912100
Change-Id: I40ac5d43da5778b5fa863b559c28e8d72961f831
2022-08-16 14:24:27 +00:00
Jiyong Park
6438f66960 Remove an obsolete rule for microdroid_manager
The fuse supports file contexts. Microdroid_manager no longer needs the
access to the fuse label.

Bug: 188400186
Test: run microdroid test
Change-Id: I9a17a96c6d07a466e1fa01d65279e467a874da3f
2022-08-16 14:40:55 +09:00
Xin Li
89c69aea0d DO NOT MERGE - Merge Android 13
Bug: 242648940
Merged-In: I3a0cffb34429320a412a7c05220376c0b58e28a3
Change-Id: Ia174f7c80529d812a26acca82bd6763c49d8bf36
2022-08-15 22:06:35 -07:00
Treehugger Robot
5a7f207a22 Merge "Add file contexts for HealthConnect APEX" am: 59c456eeb3
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2183548

Change-Id: I71c5c7248c9fa8a4916fadb0ab64993b2d2f790c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-15 13:46:13 +00:00
Gavin Corkery
b593054797 Stop auditing sdk_sandbox access to audio_service am: 5f7432546f
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2186035

Change-Id: I9f76c4a336be806596ff6a4074b703dbda652b6d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-15 13:46:04 +00:00
Treehugger Robot
59c456eeb3 Merge "Add file contexts for HealthConnect APEX" 2022-08-15 13:40:56 +00:00
Gavin Corkery
5f7432546f Stop auditing sdk_sandbox access to audio_service
This service has valid use cases such as video players and should therefore not be audited.

Change-Id: I3a0cffb34429320a412a7c05220376c0b58e28a3
Test: make
Bug: 211632068
2022-08-15 10:18:50 +00:00
Anna Zhuravleva
406287da6c Add file contexts for HealthConnect APEX
Test: build
Bug: 242298335
Change-Id: I9ad9037590a40b29bdc00b11d0a9c352b50608fc
2022-08-12 19:03:11 +00:00
Jaegeuk Kim
5e5abd6f4f Allow dumpstate to access fscklogs
Bug: 241641121
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I4561775a277e26eaca1351c6e90add1e9adea8e5
2022-08-12 10:59:40 -07:00
Sasha Smundak
43e9a404bf Add go.mod for build/soong
Test: treehugger
Change-Id: Id69d6cb94cff7efd082a127ea6def7db6c5422fc
2022-08-11 17:18:13 -07:00
Siim Sammul
0c09546a31 Merge "Allow creating /data/tombstones files by system_server. Needed for ag/18773746" am: 9c0d804b45
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2112289

Change-Id: Id5378c2791e0cc5f933df73849b511cbac6dce1e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-11 10:21:20 +00:00
Siim Sammul
9c0d804b45 Merge "Allow creating /data/tombstones files by system_server. Needed for ag/18773746" 2022-08-11 09:58:56 +00:00
Richard Chang
74334efa4b sepolicy: allow vendor system native boot experiments property
Grant system_server and flags_health_check permission to set the
properties that correspond to vendor system native boot experiments.

Bug: 241730607
Test: Build
Merged-In: Idc2334534c2d42a625b451cfce488d7d7a651036
Change-Id: I3e98f1b05058245cad345061d801ecd8de623109
2022-08-11 08:03:42 +00:00
Sandro
7b44abb842 Add apex_sepolicy targets for running go/seamendc am: 143988dedb
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2175366

Change-Id: I65905c1a0945edeae4dd316e8f607708d8f6d243
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-10 09:52:38 +00:00
Katherine Lai
e564c90cba Add bluetooth sniff and LE connection sysprops
Added new sysprops to configure sniff parameters (max interval,
min interval, attempt, timeout) and LE connection parameters
(min/max connection interval, latency, supervision timeout,
direct connection timeout, scan interval/window)

Bug: 233119719
Bug: 233119457
Tag: #floss
Test: Manual
Change-Id: I9663e05067800ef79528bfbc7b626c29cf5514de
2022-08-09 22:57:57 +00:00
Sandro
143988dedb Add apex_sepolicy targets for running go/seamendc
This is a roll-forward of some of the changes rolled back in
aosp/2170746. I am rolling forward in smaller chunks so that it is
easier to identify and avoid possible breakages.

Bug: 236691128
Test: atest SeamendcHostTest
Change-Id: Ibe451325d471fe04cd52683ba90a22543fa84c7c
2022-08-09 09:33:09 +00:00
Edwin Wong
078df507dc Merge "Enable dumpsys widevine without root" am: b7529adf07
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2166095

Change-Id: I11291fea53e0d4be42390f2848e050d128eb9839
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-09 05:58:48 +00:00
Edwin Wong
b7529adf07 Merge "Enable dumpsys widevine without root" 2022-08-09 05:37:28 +00:00
Sandro Montanari
fca23d3c9c Merge "searchpolicy: return empty list when providing non existing source/target" am: 8c731dc5b5
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2175365

Change-Id: I439365cb0a9c858eb2e0ea8b5bb39de2af68dcf9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-08 08:48:49 +00:00
Sandro Montanari
8c731dc5b5 Merge "searchpolicy: return empty list when providing non existing source/target" 2022-08-08 08:25:59 +00:00
Derek Smith
541d5421f7 Merge "traced_probes: allow perfetto to read buddyinfo proc entry" am: 5ff4b6ff78
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2175504

Change-Id: I74e8d437731cce2fa0e4d0f1f0ab8389559e903f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-05 21:40:36 +00:00
Derek Smith
5ff4b6ff78 Merge "traced_probes: allow perfetto to read buddyinfo proc entry" 2022-08-05 20:51:39 +00:00
Garfield Tan
0e76cc62b1 Allow zygote to read persist.wm.debug.* prop am: 49a8b76d4a
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2175950

Change-Id: Ic901b7baa3b2ab71be3c72289b50d451e6526ba9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-05 20:40:24 +00:00