Restricting that properties can only be written by platform and module.
It will be read and written from init and sytem_server.
Bug: b/289203818
Test: m
Change-Id: Ie6b44d1222ec1a9fbfc9b90e0455588f9defe848
Set up minimal file_contexts for the com.android.webview.bootstrap APEX.
Bug: 318717084
Test: m com.android.webview.bootstrap
Change-Id: Id707617447dc44111891446eea442b31b7ff1b57
EnhancedConfirmationService is a new SystemService.
These changes are required before the service will boot.
Bug: 321053639
Change-Id: I15a4004ca57deb5c6f8757913c1894ba0ced399d
On Android, unix sockets are located in /dev/socket/ and managed by
init. This commit follows the convention for ot-daemon
Bug: 320451788
Test: verified that ot-daemon can create socket
/dev/socket/ot-daemon/thread-wpan.sock
Change-Id: I6b0fe45602bb54d6d482f5be46ddb5402bea477b
This is needed to allow vendor xt_bpf programs.
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I7ff8a0319bec2f3a57c7ce48939b13b2fca182de
NFC stack is becoming an unbundled apex which embeds the existing NFC
APK. Unbundling requires the apex & apk to be signed by non-platform
certificates, hence adding new seapp_contexts rule for the NFC stack.
The old rule is also left behing to support `-next` config builds where
we are still using the platform signed NFC APK.
Ignore-AOSP-First: All of the NFC mainline work is only present in
internal master. Will cherry-pick this CL once we cherry-pick all its
dependencies.
Bug: 320583956
Test: Bootup test with signed NFC APK (within NFC apex)
Merged-In: I1d4d6370cce558c8dcc0ec73a7ce47c2b5495a33
Change-Id: I1d4d6370cce558c8dcc0ec73a7ce47c2b5495a33
There will not be separate private/public BPF directories. All BPFs will
be under a uprobestats/ directory.
Bug: 296108553
Test: m selinux_policy
Change-Id: I00934cb14ead44c457ccee6957763dc01370dac6
This CL adds sepolicy for the system property
threadnetwork.country_code. This system property
is set by init and be read by the ThreadNetworkService.
Bug: b/309357909
Test: Configure the system property in ini.product.rc and
check the configured country code via the command
`dumpsys thread_network`.
Change-Id: I6f067ced24842755f2c5519169ba9a94df17829f
Allow system_app to call update engine and update engine
to call callback registered by system app.
Test: m Settings && adb install -r
$ANDROID_PRODUCT_OUT/system_ext/priv-app/Settings/Settings.apk,
Update using 16k dev option.
Bug: 295573133
Change-Id: Ice7e75f86283637ad67a675682ecd0d27038d9e7
am skip reason: Merged-In Ie495f6f9ad43146a0bfcd5bb291fca3760467370 with SHA-1 980c33614e is already in history
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2895200
Change-Id: If342c7411a202b239631bf90ac5083223bfe6656
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
Add initial sepolicy for suspend.debug.wakestats_log.enabled
Allow set from init
Allow read by system suspend
Bug: 301657457
Test: manual
Change-Id: I1123e169d69eadb909ed474c0c246a8a45eab2f0
Signed-off-by: Radu Solea <radusolea@google.com>
security_state service manages security state (e.g. SPL) information across partitions, modules, etc.
Bug: 315895055
Test: N/A
Change-Id: Iee761f8a33f70e8c6bc03849c021f4e165c6f6db
This commit includes two sepolicy changes:
1. change threadnetwork data file to
/data/misc/apexdata/com.android.tethering/threadnetwork
2. use apex_tethering_data_file for files under
/data/misc/apexdata/com.android.tethering
The background is that the Thread daemon (ot_daemon) is merged into the
Tethering mainline module, which means the the Tehtering module now has
code running in both system_server and the standalone unprivileged
ot_daemon process. To prevent ot_daemon from accessing other
apex_system_server_data_file dirs, here use the specific
apex_tethering_data_file for both Tethering and Thread files (A
subdirectory threadnetwork/ will be created for Thread at runtime). This
is similar to apex_art_data_file and apex_virt_data_file.
Note that a file_contexts rule like
```
/data/misc/apexdata/com\.android\.tethering/threadnetwork(/.*)? u:object_r:apex_threadnetwork_data_file:s0
```
won't work because the threadnetwork/ subdir doesn't exist before the
sepolicy rules are evaluated.
Bug: 309932508
Test: manually verified that Thread settings file can be written to
/data/misc/apexdata/com.android.tethering/threadnetwork
Change-Id: I66539865ef388115c8e9b388b43291d8faf1f384
Looks like we missed this, and so non-rooted locked devices can't override the persistent sysprops. On Pixel 8 for example, we ship with 'persist.arm64.memtag.system_server=off' by default (from some droidfood carry-overs), and this can't be edited (https://googleprojectzero.blogspot.com/2023/11/first-handset-with-mte-on-market.html).
We should allow these advanced users to set all the MTE properties on the device that they own, and they can already control the non-persistent properties.
Test: N/A
Bug: N/A
(cherry picked from https://android-review.googlesource.com/q/commit:980c33614e691dde070b59bc746bd252b6edb189)
Merged-In: Ie495f6f9ad43146a0bfcd5bb291fca3760467370
Change-Id: Ie495f6f9ad43146a0bfcd5bb291fca3760467370
Bug: 309888546
As virtualizationmanager holds references to IBoundDevice returned by
vfio_handler, virtualizationmanager should also have permission to
binder_call.
Bug: 278008519
Test: boot microdroid with assigned devices
Change-Id: I7b87de099b0731c386666cec215807dc39d8c89c
Post OTA reboot, snapshot-merge threads will be run in the background cgroup so that they don't run on big cores. Hence, use SetTaskProfiles() API to move the thread to the relavant cgroup.
When setting SetTaskProfile API, /dev/cpuset/background/tasks path
is accessed which requires process to be in system group.
Use setgid to move the task to system group.
Bug: 311233916
Test: OTA on Pixel 6 - Verify that merge threads are not run on big
cores
Change-Id: Ie4921910985292b0b05f4ffc70b0d08ad9e4a662
Signed-off-by: Akilesh Kailash <akailash@google.com>
codecs.
This is required to allow Surface originating from
virtual_camera to be used by mediaserver & writen
to by codecs(for example to decode video into the
surface usign MediaPlayer).
Bug: 301023410
Test: Virtual Camera Test app
Change-Id: I2cac88accd4e1777f6c441c012cd0d36579a55e5