- Allow (again) `otapreopt` (running as `postinstall_dexopt`) to
execute `dex2oat` from `/postinstall` -- this is for the case where
it is located in a flattened Runtime APEX in
`/postinstall/system/apex`.
- Allow `dex2oat` to read directories under `/postinstall`.
- Allow `otapreopt_chroot` to unmount flattened APEX packages under
`/postinstall/system/apex` (which are bind-mounted in
`/postinstall/apex`).
Test: A/B OTA update test (asit/dexoptota/self_full).
Bug: 127543974
Bug: 123684826
Bug: 113373927
Change-Id: Ie023ee5c64989ea071e1683f31073a70c93cac18
In preparation for additions that should be private-only, move the
types to private. Both have to be moved as they are dependent.
Bug: 125474642
Test: m
Change-Id: I6a76eba41b036bc6fb83588adbe9d63767d3e159
- Allow `postinstall_dexopt` to transition to domain `dex2oat` when
executing `dex2oat` from the Runtime APEX
(`/postinstall/apex/com.android.com/bin/dex2oat`).
- Allow `dex2oat` (from the Runtime APEX) to read files under
`/postinstall` (e.g. APKs under `/system`, `/system/bin/linker`);
- Also allow `dex2oat` (from the Runtime APEX) to use libraries under
`/postinstall/system` (e.g. `/system/lib/libc.so`). This is
temporary change until Bionic libraries are part of the Runtime
APEX.
Test: A/B OTA update test (asit/dexoptota/self_full).
Bug: 113373927
Bug: 120796514
Change-Id: I0a8a6ac485f725753ee909b1561becd3bd908ce4
On PRODUCT_FULL_TREBLE devices, non-vendor domains (except vendor
apps) are not permitted to use Binder. This commit thus:
* groups non-vendor domains using the new "coredomain" attribute,
* adds neverallow rules restricting Binder use to coredomain and
appdomain only, and
* temporarily exempts the domains which are currently violating this
rule from this restriction. These domains are grouped using the new
"binder_in_vendor_violators" attribute. The attribute is needed
because the types corresponding to violators are not exposed to the
public policy where the neverallow rules are.
Test: mmm system/sepolicy
Test: Device boots, no new denials
Test: In Chrome, navigate to ip6.me, play a YouTube video
Test: YouTube: play a video
Test: Netflix: play a movie
Test: Google Camera: take a photo, take an HDR+ photo, record video with
sound, record slow motion video with sound. Confirm videos play
back fine and with sound.
Bug: 35870313
Change-Id: I0cd1a80b60bcbde358ce0f7a47b90f4435a45c95
Divide policy into public and private components. This is the first
step in splitting the policy creation for platform and non-platform
policies. The policy in the public directory will be exported for use
in non-platform policy creation. Backwards compatibility with it will
be achieved by converting the exported policy into attribute-based
policy when included as part of the non-platform policy and a mapping
file will be maintained to be included with the platform policy that
maps exported attributes of previous versions to the current platform
version.
Eventually we would like to create a clear interface between the
platform and non-platform device components so that the exported policy,
and the need for attributes is minimal. For now, almost all types and
avrules are left in public.
Test: Tested by building policy and running on device.
Change-Id: Idef796c9ec169259787c3f9d8f423edf4ce27f8c
