Commit graph

432 commits

Author SHA1 Message Date
Inseob Kim
3458c57e5a Guard new types with starting_at_board_api macro
To prevent these types from being released in 24Q3, which must be same
as 202404 release.

Bug: 330670954
Test: build
Change-Id: Ibb124fbb069f2025a572bc09c73c241f808676c3
2024-04-23 02:05:24 +00:00
Martin Liu
f7396914b0 add compaction_proactiveness type
Bug: 332916849
Test: boot
Change-Id: I41c0da22ed5ad738c75fb00e2ac8a22c35dff2d3
Signed-off-by: Martin Liu <liumartin@google.com>
2024-04-10 13:48:15 +00:00
Devin Moore
dfc018f886 Merge "Allow system_server to read binderfs state file" into main 2024-04-02 22:04:34 +00:00
Devin Moore
9645657201 Allow system_server to read binderfs state file
This is for more information on binder threads during ANRs.

Test: adb shell am hang
Bug: 316970771
Change-Id: I905c8b605540aabb7463cb0e1b3a9a8b07f8d5cb
2024-03-29 00:30:19 +00:00
Inseob Kim
09b27c7109 Add "DO NOT ADD statements" comments to public
For visibility

Bug: 232023812
Test: N/A
Change-Id: I0bc6dc568210b81ba1f52acb18afd4bcc454ea1c
2024-03-28 11:27:43 +09:00
Inseob Kim
75806ef3c5 Minimize public policy
Ideally, public should only contain APIs (types / attributes) for
vendor. The other statements like allow/neverallow/typeattributes are
regarded as implementation detail for platform and should be in private.

Bug: 232023812
Test: m selinux_policy
Test: diff <(git diff --staged | grep "^-" | cut -b2- | sort) \
           <(git diff --staged | grep "^+" | cut -b2- | sort)
Test: remove comments on plat_sepolicy.cil, replace base_typeattr_*
      to base_typeattr and then compare old and new plat_sepolicy.cil
Change-Id: I5e7d2da4465ab0216de6bacdf03077d37f6ffe12
2024-03-28 00:33:46 +00:00
Carlos Galo
ea1bd5d68f lmkd: Add sepolicy rules around bpf for lmkd
LMKD needs to be able to attach BPF tracepoints. It needs to be able to
access tracefs, attach and run bpf programs.

Test: m
Test: Verified no denials with lmkd and libmemevents integration
Bug: 244232958
Change-Id: I57248b729c0f011937bec139930ca9d24ba91c3b
Signed-off-by: Carlos Galo <carlosgalo@google.com>
2024-03-19 00:46:47 -07:00
Håkan Kvist
1f915b4b13 label boot animations on oem with bootanim_oem_file
Bootanimation only access boot animation files on oem. Label
these files with bootanim_oem_file and remove oemfs file allow rule.

Also allow mediaserver and app to read this new label as they can access
/oem/media folder.

Bug: 324437684
Test: Confirm that boot animation on oem is shown without violations
Change-Id: I940ccde9391a5daa920f31926d32e68b1de5b7eb
2024-02-16 11:08:30 +01:00
Dennis Shen
6c8210da20 selinux setup for files under /metadata/aconfig dir
1, /metadata/aconfig is the directory that stores aconfig storage
related protobuf files and flag value files boot copy. Grant read
access to everybody. But limit the write access only to init and
aconfig storage service process (to be created later)

2, /metadata/aconfig/flags is the sub directory that stores persistent
aconfig value files.Initially set it up to be accessible by
system_server process only . When aconfig storage service process is
created, will add another permission to storage service process.

Context to why we are hosting flag data on /metadata partition:

Android is adopting trunk stable workflow, flagging and A/B testing is
essential to every platform component. We need some place to host the
flag that are accessible to system processes that starts before /data
partition becomes available.

In addition, there has been a long discussion regarding utilizing
/metadata partition for some process data, another example is mainline
modules, we are trying to make them to be able to be mounted earlier,
but cannot due to /data availability.

Bug: 312444587
Test: m
Change-Id: I7e7dae5cf8c4268d71229c770af31b5e9f071428
2024-02-14 17:56:29 +00:00
Carlos Galo
878f7f1795 Merge "system_server: remove access to proc/memhealth/*" into main 2024-02-02 04:26:54 +00:00
Carlos Galo
4a9f07fe21 system_server: remove access to proc/memhealth/*
Memhealth driver has been removed from all android kernels.

Test: m
Bug: 315560026
Change-Id: Ia4f91bde3a999a490b42b57abcd521ff9cc94633
Signed-off-by: Carlos Galo <carlosgalo@google.com>
2024-02-01 23:40:25 +00:00
Kangping Dong
0d6679a410 [Thread] move ot-daemon socket to /dev/socket/ot-daemon
On Android, unix sockets are located in /dev/socket/ and managed by
init. This commit follows the convention for ot-daemon

Bug: 320451788
Test: verified that ot-daemon can create socket
/dev/socket/ot-daemon/thread-wpan.sock

Change-Id: I6b0fe45602bb54d6d482f5be46ddb5402bea477b
2024-01-23 00:00:01 +08:00
Seungjae Yoo
ed25d9436d vendor_microdroid_file shouldn't be overwrited
If malicious process in the host overwrites microdroid vendor image,
unexpected behavior could be happened.

Bug: 285854379
Test: adb shell /apex/com.android.virt/bin/vm run-microdroid --vendor /vendor/etc/avf/microdroid/microdroid_vendor.img

Change-Id: I18ce5112b75b2793c85bb59c137715beb602a5f3
2023-11-28 11:20:18 +09:00
Seungjae Yoo
d2a0892121 Introduce vendor_microdroid_file for microdroid vendor image
In AVF, virtualizationmanager checks the selinux label of given disk
image for proving whether the given image is edited maliciously.
Existing one(vendor_configs_file, /vendor/etc/*) was too wide to use for this purpose.

Bug: 285854379
Test: m
Change-Id: I6c966c92b238a2262d2eb7f41041ed4c359e9e0a
2023-11-16 16:44:15 +09:00
Martin Liu
52aa5039ba add percpu_pagelist_high_fraction type
Bug: 309409009
Test: boot
Change-Id: I04db2ab3a95a5427e6d89cf128ed953fdc823107
Signed-off-by: Martin Liu <liumartin@google.com>
2023-11-07 11:36:00 +08:00
Rhed Jao
ebe1316695 Create sepolicy for allowing system_server rw in /metadata/repair-mode
Bug: 277561275
Test: ls -all -Z /metadata/repair-mode
Change-Id: Ie27b6ef377bb3503e87fbc5bb2446bc0de396123
2023-10-23 13:38:38 +11:00
Li Li
0b3f585a63 Allow system server read binderfs stats
When receiving the binder transaction errors reported by Android
applications, AMS needs a way to verify that information. Currently
Linux kernel doesn't provide such an API. Use binderfs instead until
kernel binder driver adds that functionality in the future.

Bug: 199336863
Test: send binder calls to frozen apps and check logcat
Test: take bugreport and check binder stats logs
Change-Id: I3bab3d4f35616b4a7b99d6ac6dc79fb86e7f28d4
2023-10-20 13:22:24 -07:00
Steve Muckle
75603e3ccd allow writes to /sys/power/sync_on_suspend from init
When suspend.disable_sync_on_suspend is set init must write to
/sys/power/sync_on_suspend.

Bug: 285395636
Change-Id: Ica1b039c3192f08ec84aa07d35c2d0c61e7449c0
2023-10-04 07:44:33 +00:00
Carlos Galo
004cc8c21c system_server: allow access to proc/memhealth/*
Libmemevents requires read-access to the attribute files exposed by the
memhealth driver.

Test: build
Test: no denials to /proc/memhealth/oom_victim_list from libmemevents
Bug: 244232958
Change-Id: I617c75ab874ad948af37d3e345e5202e46781f3f
Signed-off-by: Carlos Galo <carlosgalo@google.com>
2023-09-20 00:30:13 +00:00
Jooyung Han
b6211b88cf Introduce vendor_apex_metadata_file
A new label for ./apex_manifest.pb and ./ entries in vendor apexes. This
is read-allowed by a few system components which need to read "apex" in
general. For example, linkerconfig needs to read apex_manifest.pb from
all apexes including vendor apexes.

Previously, these entries were labelled as system_file even for vendor
apexes.

Bug: 285075529
Test: m && launch_cvd
Test: atest VendorApexHostTestsCases
Change-Id: Icc234bf604e3cafe6da81d21db744abfaa524dcf
2023-06-05 17:17:51 +09:00
Kelvin Zhang
dbe230a193 Allow snapuserd to write log files to /data/misc
snapuserd logs are important when OTA failures happen. To make debugging
easier, allow snapuserd to persist logs in /data/misc/snapuserd_logs ,
and capture these logs in bugreport.

Bug: 280127810
Change-Id: I49e30fd97ea143e7b9c799b0c746150217d5cbe0
2023-05-01 17:15:17 -07:00
Paul Lawrence
6b5da95419 Use kernel sys/fs/fuse/features/fuse_bpf flag to enable fuse_bpf
Bug: 262887267
Test: ro.fuse.bpf.is_running is true
Change-Id: I9c4a54e9ac232e9f35a6be5b3bcc3cc040d64b47
2023-03-01 14:45:57 -08:00
Treehugger Robot
863cedfae6 Merge "Allow dumpstate to read /data/system/shutdown-checkpoints/" 2023-02-22 10:21:25 +00:00
Alfred Piccioni
dd4c5fa93b Merge "Adds support for fuseblk binaries." 2023-02-17 15:15:31 +00:00
Woody Lin
35541e183f Allow dumpstate to read /data/system/shutdown-checkpoints/
Bug: 260366497
Bug: 264600011
Test: Take bugreport and check dmesg for avc error
Test: Reboot and check shutdown-checkpoints
Change-Id: Ifcc7de30ee64e18f78af147cd3da39d7c6dc6f5f
2023-02-16 14:23:33 +08:00
Jeffrey Huang
01fd5eb907 Merge "Restrict system server from reading statsd data" 2023-02-13 22:37:09 +00:00
Jeffrey Huang
fcf5a91e00 Restrict system server from reading statsd data
Bug: 267367423
Test: m -j
Change-Id: I0628142c2380cf568643f864ae211fbf5380550c
2023-02-06 18:29:21 -08:00
Alfred Piccioni
30ae427ed0 Adds support for fuseblk binaries.
This is a rather large, single change to the SEPolicies, as fuseblk
required multiple new domains. The goal is to allow any fuseblk
drivers to also use the same sepolicy.

Note the compartmentalized domain for sys_admin and mount/unmount
permissions.

Bug: 254407246

Test: Extensive testing with an ADT-4 and NTFS USB drives.
Change-Id: I6619ac77ce44ba60edd6ab10e8436a8712459b48
2023-02-02 15:32:39 +01:00
Alfred Piccioni
3e1dc57bf4 Add NTFS support in sepolicy.
This CR, when paired with a functional NTFS implementation and the
corresponding vold updates, will allow NTFS USB drives to be mounted
on Android.

Bug: 254407246

Test: Extensive testing with NTFS USB drives.
Change-Id: I259882854ac40783f6d1cf511e8313b1d5a04eef
2022-11-03 16:02:51 +01:00
Maciej Żenczykowski
afa8ca689f Merge "much more finegrained bpf selinux privs for networking mainline" 2022-06-23 11:05:03 +00:00
Maciej Żenczykowski
b13921c3f0 much more finegrained bpf selinux privs for networking mainline
Goal is to gain a better handle on who has access to which maps
and to allow (with bpfloader changes to create in one directory
and move into the target directory) per-map selection of
selinux context, while still having reasonable defaults for stuff
pinned directly into the target location.

BPFFS (ie. /sys/fs/bpf) labelling is as follows:
  subdirectory   selinux context      mainline  usecase / usable by
  /              fs_bpf               no (*)    core operating system (ie. platform)
  /net_private   fs_bpf_net_private   yes, T+   network_stack
  /net_shared    fs_bpf_net_shared    yes, T+   network_stack & system_server
  /netd_readonly fs_bpf_netd_readonly yes, T+   network_stack & system_server & r/o to netd
  /netd_shared   fs_bpf_netd_shared   yes, T+   network_stack & system_server & netd [**]
  /tethering     fs_bpf_tethering     yes, S+   network_stack
  /vendor        fs_bpf_vendor        no, T+    vendor

* initial support for bpf was added back in P,
  but things worked differently back then with no bpfloader,
  and instead netd doing stuff by hand,
  bpfloader with pinning into /sys/fs/bpf was (I believe) added in Q
  (and was definitely there in R)

** additionally bpf programs are accesible to netutils_wrapper
   for use by iptables xt_bpf extensions

'mainline yes' currently means shipped by the com.android.tethering apex,
but this is really another case of bad naming, as it's really
the 'networking/connectivity/tethering' apex / mainline module.
Long term the plan is to merge a few other networking mainline modules
into it (and maybe give it a saner name...).

The reason for splitting net_private vs tethering is that:
  S+ must support 4.9+ kernels and S era bpfloader v0.2+
  T+ must support 4.14+ kernels and T beta3 era bpfloader v0.13+

The kernel affects the intelligence of the in-kernel bpf verifier
and the available bpf helper functions.  Older kernels have
a tendency to reject programs that newer kernels allow.

/ && /vendor are not shipped via mainline, so only need to work
with the bpfloader that's part of the core os.

Bug: 218408035
Test: TreeHugger, manually on cuttlefish
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I674866ebe32aca4fc851818c1ffcbec12ac4f7d4
(cherry picked from commit 15715aea32)
2022-06-22 16:07:42 -07:00
Neil Fuller
37888b33ba Remove TZUvA feature.
The feature was superseded by tzdata mainline module(s).

Bug: 148144561
Test: see system/timezone
Test: m selinux_policy
Change-Id: I48d445ac723ae310b8a134371342fc4c0d202300
Merged-In: I48d445ac723ae310b8a134371342fc4c0d202300
2022-06-13 11:45:50 +00:00
Jeff Vander Stoep
b07c12c39d Iorapd and friends have been removed
Remove references in sepolicy. Leave a few of the types defined since
they're public and may be used in device-specific policy.

Bug: 211461392
Test: build/boot cuttlefish
Change-Id: I615137b92b82b744628ab9b7959ae5ff28001169
2022-05-18 12:07:39 +02:00
Eric Biggers
9a5992336e Restrict creating per-user encrypted directories
Creating a per-user encrypted directory such as /data/system_ce/0 and
the subdirectories in it too early has been a recurring bug.  Typically,
individual services in system_server are to blame; system_server has
permission to create these directories, and it's easy to write
"mkdirs()" instead of "mkdir()".  Such bugs are very bad, as they
prevent these directories from being encrypted, as encryption policies
can only be set on empty directories.  Due to recent changes, a factory
reset is now forced in such cases, which helps detect these bugs;
however, it would be much better to prevent them in the first place.

This CL locks down the ability to create these directories to just vold
and init, or to just vold when possible.  This is done by assigning new
types to the directories that contain these directories, and then only
allowing the needed domains to write to these parent directories.  This
is similar to what https://r.android.com/1117297 did for /data itself.

Three new types are used instead of just one, since these directories
had three different types already (system_data_file, media_rw_data_file,
vendor_data_file), and this allows the policy to be a bit more precise.

A significant limitation is that /data/user/0 is currently being created
by init during early boot.  Therefore, this CL doesn't help much for
/data/user/0, though it helps a lot for the other directories.  As the
next step, I'll try to eliminate the /data/user/0 quirk.  Anyway, this
CL is needed regardless of whether we're able to do that.

Test: Booted cuttlefish.  Ran 'sm partition disk:253,32 private', then
      created and deleted a user.  Used 'ls -lZ' to check the relevant
      SELinux labels on both internal and adoptable storage.  Also did
      similar tests on raven, with the addition of going through the
      setup wizard and using an app that creates media files.  No
      relevant SELinux denials seen during any of this.
Bug: 156305599
Change-Id: I1fbdd180f56dd2fe4703763936f5850cef8ab0ba
2022-05-05 04:12:46 +00:00
Jason Macnak
a93398051c Adds GPU sepolicy to support devices with DRM gralloc/rendering
... such as Cuttlefish (Cloud Android virtual device) which has a
DRM virtio-gpu based gralloc and (sometimes) DRM virtio-gpu based
rendering (when forwarding rendering commands to the host machine
with Mesa3D in the guest and virglrenderer on the host).

After this change is submitted, changes such as aosp/1997572 can
be submitted to removed sepolicy that is currently duplicated
across device/google/cuttlefish and device/linaro/dragonboard as
well.

Adds a sysfs_gpu type (existing replicated sysfs_gpu definitions
across several devices are removed in the attached topic). The
uses of `sysfs_gpu:file` comes from Mesa using libdrm's
`drmGetDevices2()` which calls into `drmParsePciDeviceInfo()` to
get vendor id, device id, version etc.

Bug: b/161819018
Test: launch_cvd
Test: launch_cvd --gpu_mode=gfxstream
Change-Id: I4f7d4b0fb90bfeef72f94396ff0c5fe44d53510c
Merged-In: I4f7d4b0fb90bfeef72f94396ff0c5fe44d53510c
2022-04-18 17:30:56 -07:00
Kalesh Singh
6ba41462d5 Merge changes from topic "mglru-exp"
* changes:
  Add sepolicy for Multi-Gen LRU sysfs control
  Add sepolicy for mglru_native flag namespace
2022-04-12 13:48:48 +00:00
Kalesh Singh
98f63495b2 Add sepolicy for Multi-Gen LRU sysfs control
init is allowed to enable/disable MG-LRU.

Bug: 227651406
Bug: 228525049
Test: setprop persist.device_config.mglru_native.lru_gen_config
Test: verify no avc denials in logcat
Change-Id: I20223f3628cb6909c3fd2eb2b821ff2d52202dd2
2022-04-08 13:37:50 -07:00
Andy Yu
8337d04202 Add label and permission for game_mode_intervention.list
Bug: 219543620
Doc: go/game-dashboard-information-to-perfetto
Test: TBD
Change-Id: Ic6622aadef05e22c95d4ba739beed0e6fa1f3a38
2022-03-29 14:12:14 -07:00
Carlos Llamas
75821321c7 sepolicy: allow access to binderfs feature files
The binder driver now advertises the features it supports through
individual files under /dev/binderfs/features/*. Let all domains have
access to these files to determine how to interact with the driver.

Bug: 191910201
Tested: clients are able to read feature files via libbinder
Signed-off-by: Carlos Llamas <cmllamas@google.com>
Change-Id: Ice5de9efee74e571ef0a23ce093af162fc3b276e
2022-03-09 08:55:10 -08:00
Ramji Jiyani
4a556890f9 system_dlkm: sepolicy: add system_dlkm_file_type
Add new attribute system_dlkm_file_type for
/system_dlkm partition files.

Bug: 218392646
Bug: 200082547
Test: TH
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: I193c3f1270f7a1b1259bc241def3fe51d77396f3
2022-02-11 04:19:33 +00:00
Steven Moreland
c27d24c37c Allow BPF programs from vendor.
Who needs all those context switches?

bpfloader controls which types of vendor programs can be used.

Bug: 140330870
Bug: 162057235
Test: successfully load bpf programs from vendor
Change-Id: I36e4f6550da33fea5bad509470dfd39f301f13c8
2022-02-08 22:46:54 +00:00
Paul Lawrence
04cddf8af2 Merge "Allow bpfloader to read fuse's bpf_prog number" 2021-11-29 16:18:42 +00:00
Rajesh Nyamagoud
ce542660c9 Added sepolicy rule for vendor uuid mapping config
New type added in sepolicy to restrict Vendor defined uuid mapping
config file access to SecureElement.

Bug: b/180639372
Test: Run OMAPI CTS and VTS tests
Change-Id: I81d715fa5d5a72c893c529eb542ce62747afcd03
2021-11-20 01:08:11 +00:00
Paul Lawrence
e3e26b7bea Allow bpfloader to read fuse's bpf_prog number
Bug: 202785178
Test: Along with rest of topic, file
/sys/fs/bpf/prog_fuse_media_fuse_media
appears on boot with fuse-bpf in kernel

Merged-In: Ibccdf177c75fef0314c86319be3f0b0f249ce59d
Change-Id: Ibccdf177c75fef0314c86319be3f0b0f249ce59d
2021-11-19 01:43:58 +00:00
Maciej Żenczykowski
3702f3385e introduce new 'proc_bpf' for bpf related sysctls
What to tag chosen based on output of:
  find /proc 2>/dev/null | egrep bpf
on a 5.10 kernel.

Tagged with prefixes to be more likely not require changes in the future

  $ adb root
  $ adb shell 'ls -lZ /proc/sys/net/core/bpf_* /proc/sys/kernel/*bpf*'

Before:
  -rw-r--r-- 1 root root u:object_r:proc:s0      0 2021-11-11 02:11 /proc/sys/kernel/bpf_stats_enabled
  -rw-r--r-- 1 root root u:object_r:proc:s0      0 2021-11-11 02:11 /proc/sys/kernel/unprivileged_bpf_disabled
  -rw-r--r-- 1 root root u:object_r:proc_net:s0  0 2021-11-11 02:11 /proc/sys/net/core/bpf_jit_enable
  -rw------- 1 root root u:object_r:proc_net:s0  0 2021-11-11 02:11 /proc/sys/net/core/bpf_jit_harden
  -rw------- 1 root root u:object_r:proc_net:s0  0 2021-11-11 02:11 /proc/sys/net/core/bpf_jit_kallsyms
  -rw------- 1 root root u:object_r:proc_net:s0  0 2021-11-11 02:11 /proc/sys/net/core/bpf_jit_limit

After:
  -rw-r--r-- 1 root root u:object_r:proc_bpf:s0  0 2021-11-11 02:08 /proc/sys/kernel/bpf_stats_enabled
  -rw-r--r-- 1 root root u:object_r:proc_bpf:s0  0 2021-11-11 02:08 /proc/sys/kernel/unprivileged_bpf_disabled
  -rw-r--r-- 1 root root u:object_r:proc_bpf:s0  0 2021-11-11 02:08 /proc/sys/net/core/bpf_jit_enable
  -rw------- 1 root root u:object_r:proc_bpf:s0  0 2021-11-11 02:08 /proc/sys/net/core/bpf_jit_harden
  -rw------- 1 root root u:object_r:proc_bpf:s0  0 2021-11-11 02:08 /proc/sys/net/core/bpf_jit_kallsyms
  -rw------- 1 root root u:object_r:proc_bpf:s0  0 2021-11-11 02:08 /proc/sys/net/core/bpf_jit_limit

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I46ea81ff42d3b915cf7a96735dc2636d9808ead6
2021-11-11 02:54:21 -08:00
Bart Van Assche
5e016c1721 Merge "Stop using the bdev_type and sysfs_block_type SELinux attributes" 2021-11-05 20:36:02 +00:00
Treehugger Robot
37919f5b87 Merge "Remove references to nonplat sepolicy" 2021-11-05 15:25:54 +00:00
Jeff Vander Stoep
f098071ac7 Remove references to nonplat sepolicy
"nonplat" was renamed to "vendor" in Android Pie, but was retained
here for Treble compatibility.

We're now outside of the compatbility window for these devices so
it can safely be removed.

Test: atest treble_sepolicy_tests
Change-Id: Iaa22af41a07b13adb7290f570db7a9d43b6e85cc
2021-11-05 15:07:57 +01:00
Alistair Delva
6092d633b0 Allow init to write to /proc/cpu/alignment
The root init.rc does "write /proc/cpu/alignment 4", but we don't
actually allow this write in core sepolicy. This seems to be a 32-bit
ARM only proc file.

Noticed when booting 32-bit ARM Cuttlefish.

Bug: 145371497
Change-Id: Ic099395708f7236bcc2fc5c561809a7e129786de
2021-11-01 10:17:26 -07:00
Bart Van Assche
4374a1fd83 Stop using the bdev_type and sysfs_block_type SELinux attributes
Stop using these SELinux attributes since the apexd and init SELinux
policies no longer rely on these attributes.

The difference between the previous versions of this patch and the
current patch is that the current patch does not remove any SELinux
attributes. See also
https://android-review.googlesource.com/c/platform/system/sepolicy/+/1850656.
See also
https://android-review.googlesource.com/c/platform/system/sepolicy/+/1862919.

This patch includes a revert of commit 8b2b951349 ("Restore permission
for shell to list /sys/class/block").  That commit is no longer necessary
since it was a bug fix for the introduction of the sysfs_block type.

Bug: 202520796
Test: source build/envsetup.sh && lunch aosp_x86_64 && m && launch_cvd
Change-Id: I73e1133af8146c154af95d4b96132e49dbec730c
Signed-off-by: Bart Van Assche <bvanassche@google.com>
2021-10-29 15:22:09 -07:00