Commit graph

91 commits

Author SHA1 Message Date
Songchun Fan
3cf7d1b5ee Merge "selinux rules for loading incremental module" 2020-02-07 19:33:08 +00:00
Songchun Fan
99d9374760 selinux rules for loading incremental module
Defining incremental file system driver module, allowing vold to load
and read it.

=== Denial messages ===
02-04 16:48:29.193   595   595 I Binder:595_4: type=1400 audit(0.0:507): avc: denied { read } for name="incrementalfs.ko" dev="dm-2" ino=1684 scontext=u:r:vold:s0 tcontext=u:object_r:vendor_incremental_module:s0 tclass=file permissive=1
02-04 16:48:29.193   595   595 I Binder:595_4: type=1400 audit(0.0:508): avc: denied { open } for path="/vendor/lib/modules/incrementalfs.ko" dev="dm-2" ino=1684 scontext=u:r:vold:s0 tcontext=u:object_r:vendor_incremental_module:s0 tclass=file permissive=1
02-04 16:48:29.193   595   595 I Binder:595_4: type=1400 audit(0.0:509): avc: denied { sys_module } for capability=16 scontext=u:r:vold:s0 tcontext=u:r:vold:s0 tclass=capability permissive=1
02-04 16:48:29.193   595   595 I Binder:595_4: type=1400 audit(0.0:510): avc: denied { module_load } for path="/vendor/lib/modules/incrementalfs.ko" dev="dm-2" ino=1684 scontext=u:r:vold:s0 tcontext=u:object_r:vendor_incremental_module:s0 tclass=system permissive=1

Test: manual
BUG: 147371381
Change-Id: I5bf4e28c28736b4332e7a81c344ce97ac7278ffb
2020-02-07 09:52:34 -08:00
Martijn Coenen
127f5e863c Allow vold FS_IOC_{GET|SET}FLAGS ioctl.
To enable quota project ID inheritance.

Bug: 146419093
Test: no denials
Change-Id: If9c616acc5010d513d1e7ccda0915cdb26272b8c
2020-02-06 18:08:36 +00:00
Zimuzo Ezeozue
5119becf5d Merge "Grant vold, installd, zygote and apps access to /mnt/pass_through" 2020-01-28 22:26:58 +00:00
Zim
fcf599c89c Grant vold, installd, zygote and apps access to /mnt/pass_through
/mnt/pass_through was introduced to allow the FUSE daemon unrestricted
 access to the lower filesystem (or sdcardfs).

At zygote fork time, the FUSE daemon will have /mnt/pass_through/0
bind mounted to /storage instead of /mnt/user/0. To keep /sdcard
(symlink to /storage/self/primary) paths working, we create a
'self' directory  with an additional 'primary' symlink to
/mnt/pass_through/0/emulated/0 which is a FUSE mount point.

The following components need varying sepolicy privileges:

Vold: Creates the self/primary symlink and mounts the lower filesystem
on /mnt/pass_through/0/emulated. So needs create_dir and mount access
+ create_file access for the symlink

zygote: In case zygote starts an app before vold sets up the paths.
This is unlikely but can happen if the FUSE daemon (a zygote forked app)
is started before system_server completes vold mounts.
Same sepolicy requirements as vold

installd: Needs to clear/destroy app data using lower filesystem
mounted on /mnt/pass_through so needs read_dir access to walk
/mnt/pass_through

priv_app (FUSE daemon): Needs to server content from the lower
filesystem mounted on /mnt/pass_through so needs read_dir access to
walk /mnt/pass_through

Bug: 135341433
Test: adb shell ls /mnt/pass_through/0/self/primary
Change-Id: I16e35b9007c2143282600c56adbc9468a1b7f240
2020-01-28 20:56:36 +00:00
Martijn Coenen
e0ab03aee3 Add FS_IOC_FS(G|S)ETXATTR to ioctl_defines and allow vold to use it.
Bug: 146419093
Test: vold can call the ioctl
Change-Id: I409b702d00bc5ef5f42f9c613d8f89195fefb800
2020-01-22 10:53:33 +01:00
Martijn Coenen
d1460a1111 Merge changes Ide8fc07c,Ia1f51db4
* changes:
  Allow vold to mount on top of /data/media.
  Revert "Temporarily relax Zygote storage mounting rules."
2019-11-23 09:10:34 +00:00
Martijn Coenen
313cff7687 Allow vold to mount on top of /data/media.
For performance reasons, we want to bind-mount parts of the lower
filesystem on top of /data/media.

Bug: 137890172
Test: No denials when mounting
Change-Id: Ide8fc07cdeb6a6816585af1582bee69bc68043af
2019-11-22 16:02:07 +01:00
Tianjie Xu
f5ddc0444b Add a new context for property ota.warm_reset
The property is set to inform kernel to do a warm_reset on the next
reboot. This is useful to persist the logs to debug device boot
failures. More details in http://go/rvc-ota-persist-logs.

The property is set to 1 by update_engine after an OTA. And it's set to
0 by update_verifier or vold after we mark the current slot boot
successful.
The property is read by vendor_init. And according to its value,
vendor_init writes a particular sysfs file to schedule a warm reset
on the following reboot.

Without the new context, the denial message says:
[   13.423163] audit: type=1107 audit(1746393.166:8): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc:  denied  { read } for property=ota.warm_reset pid=0 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0'
[   23.096497] init: Unable to set property 'OTA.warm_reset' from uid:0 gid:2001 pid:841: SELinux permission check failed
[   23.096574] type=1107 audit(1573768000.668:42): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=OTA.warm_reset pid=841 uid=0 gid=2001 scontext=u:r:update_verifier:s0 tcontext=u:object_r:default_prop:s0 tclass=property_service permissive=0'
[   23.108430] update_verifier: Failed to reset the warm reset flag

Bug: 143489994
Test: check the property can be set by update_engine, and read by vendor_init
Change-Id: I87c12a53a138b72ecfed3ab6a4d846c20f5a8484
2019-11-14 15:24:25 -08:00
Eric Biggers
0c8a90693a Merge changes from topic "fscrypt-key-mgmt-improvements"
* changes:
  Export vold ro.crypto.volume.flags property
  Allow vold to use new ioctls to add/remove fscrypt keys
2019-10-07 19:09:44 +00:00
Eric Biggers
36ae6631e3 Allow vold to use new ioctls to add/remove fscrypt keys
Also add neverallow rules to enforce that unintended domains aren't
allowed to use any of the fscrypt ioctls.

(Originally based on a patch by Satya Tangirala <satyat@google.com>)

Bug: 140500828
Test: see I296ef78138578a3fd773797ac0cd46af1296b959
Change-Id: I01e81edf0d948af254ddf4275702e7224b2698e4
2019-09-30 13:11:49 -07:00
Tri Vo
bfcddbe25e sepolicy: remove ashmemd
Bug: 139855428
Test: m selinux_policy
Change-Id: I8d7f66b16be025f7cb9c5269fae6fd7540c2fdc9
2019-09-27 17:43:53 +00:00
Paul Crowley
aed0f76ee9 Root of /data belongs to init (re-landing)
Give /data itself a different label to its contents, to ensure that
only init creates files and directories there.

This change originally landed as aosp/1106014 and was reverted in
aosp/1116238 to fix b/140402208. aosp/1116298 fixes the underlying
problem, and with that we can re-land this change.

Bug: 139190159
Bug: 140402208
Test: aosp boots, logs look good
Change-Id: I1a366c577a0fff307ca366a6844231bcf8afe3bf
2019-09-09 14:42:01 -07:00
Paul Crowley
d98e311952 Revert "Root of /data belongs to init"
This reverts commit 206b6535f1.

Reason for revert: Droidfood is blocked
Bug: 140402208
Change-Id: I1d1eb014747ba5c5bb656342e53b8c4e434878d1
2019-09-06 19:59:17 +00:00
Paul Crowley
206b6535f1 Root of /data belongs to init
Give /data itself a different label to its contents, to ensure that
only init creates files and directories there.

Bug: 139190159
Test: aosp boots, logs look good
Change-Id: I3ee654a928bdab3f5d435ab6ac24040d9bdd9abe
2019-08-29 15:08:21 -07:00
Kalesh Singh
46303aa1f7 Sepolicy for IAshmem HIDL interface
Change-Id: Id78f995661120f136d671ea0084db358e7662122
Bug: 133443879
Test: Manually check logcat for sepolicy denials (logcat | grep IAshmem)
2019-05-29 14:44:47 -07:00
YH_Lin
a5ff1bae61 sepolicy: add sepolicy rules for vold to write sysfs gc_urgent
03-22 02:01:02.656   561   561 W Binder:561_4: type=1400 audit(0.0:1895354): avc: denied { write } for name="gc_urgent" dev="sysfs" ino=76829 scontext=u:r:vold:s0 tcontext=u:object_r:sysfs_fs_f2fs:s0 tclass=file permissive=0

Test: adb shell sm idle-maint run
Bug: 128935241

Change-Id: I2ae5477c9e605e6d1060565cacc520d696469af2
Signed-off-by: YH_Lin <yhli@google.com>
2019-03-24 13:19:46 +08:00
Martijn Coenen
1f1c4c3fa5 Allow apexd to talk to vold.
To query filesystem checkpointing state.

Bug: 126740531
Test: no denials
Change-Id: I28a68b9899d7cb42d7e557fb904a2bf8fa4ecf66
2019-03-14 07:23:40 +00:00
Tri Vo
5b60eb6397 vold: write permission to sysfs_devices_block
vold needs write permissions for /sys/block/*/uevent to perform a
coldboot.
https://android.googlesource.com/platform/system/vold/+/refs/heads/master/main.cpp#139

This denial is seen on cuttlefish:
avc: denied { write } for name=uevent dev=sysfs ino=11649
scontext=u:r:vold:s0 tcontext=u:object_r:sysfs_devices_block:s0
tclass=file permissive=1

Pixel devices resolve this denial in device policy, but since coldboot
is performed from platform code, the corresponding permission should be
in /system/sepolicy

Bug: 28053261
Test: boot cuttlefish without above denial
Change-Id: I2de08db603e2d287e8021af70ee8e69266d7736f
2019-03-11 13:36:56 -07:00
Tri Vo
a532088e7f Decouple system_suspend from hal attributes.
System suspend service is not a HAL, so avoid using HAL-specific macros
and attributes.

Use system_suspend_server attribute for ISystemSuspend.hal permissions.
Use system_suspend type directly for internal .aidl interface
permissions.

Bug: 126259100
Test: m selinux_policy
Test: blueline boots; wakelocks can still be acquired; device suspends
if left alone.
Change-Id: Ie811e7da46023705c93ff4d76d15709a56706714
2019-02-26 18:10:28 -08:00
Paul Lawrence
84e87b8753 Allow restorecon to work on vold_data_files
Bug: 119769411
Test: Compiles with rule needed to fix Wahoo
Change-Id: Ifad4c285815682a107013479850f2a63c894c855
2019-02-12 14:43:08 -08:00
David Anderson
db90b91ea0 Full sepolicy for gsid.
Bug: 122556707
Test: manual test
Change-Id: I2536deefb3aa75deee4aeae7df074349b705b0f0
2019-02-08 05:56:58 +00:00
Daniel Rosenberg
650981d2a8 Allow update_verifier to call checkpointing
This lets update_verifier call supportsCheckpoint to defer marking the
boot as successful when we may end up failing before we would commit
the checkpoint. In this case, we will mark the boot as successful just
before committing the checkpoint.

Test: Check that marking the boot as succesful was deferred in
      update_verifier, and done later on.
Change-Id: I9b4f3dd607ff5301860e78f4604b600b4ee416b7
2019-02-08 00:19:28 +00:00
Joel Galenson
fb0ab2e14e Hide denial seen during boot.
Test: Build.
Change-Id: Iae56f10eb4257bb0970906cb77b19d0b00c9d2be
2019-02-06 15:32:58 -08:00
Tri Vo
73d0a67b06 sepolicy for ashmemd
all_untrusted_apps apart from untrusted_app_{25, 27} and mediaprovider
are now expected to go to ashmemd for /dev/ashmem fds.

Give coredomain access to ashmemd, because ashmemd is the default way
for coredomain to get a /dev/ashmem fd.

Bug: 113362644
Test: device boots, ashmemd running
Test: Chrome app works
Test: "lsof /system/lib64/libashmemd_client.so" shows
libashmemd_client.so being loaded into apps.
Change-Id: I279448c3104c5d08a1fefe31730488924ce1b37a
2019-02-05 21:38:14 +00:00
Sudheer Shanka
f0abbf9798 Allow vold to create files at /mnt/user/.*
Bug: 121099965
Test: manual
Change-Id: I940868eb984399763d7346a201e37cb07fb12333
2018-12-20 12:01:54 -08:00
Martijn Coenen
d7bf9218a0 Allow apexd to write to sysfs loop device parameters.
To configure read-ahead on loop devices, eg.
/sys/devices/virtual/block/loop0/queue/read_ahead_kb

Bug: 120776455
Test: configuring read-ahead on loop devices works from apexd
Change-Id: Ib25372358e8ca62fa634daf286e4b64e635fac58
2018-12-20 03:05:50 +01:00
Paul Crowley
90e68e929c Remove overpermissive neverallow exceptions.
Test: Compiles - neverallow rules are compile time checks
Change-Id: I2e1177897d2697cde8a190228ba83381d9a1877a
2018-12-12 14:55:18 -08:00
Paul Crowley
f9f7539430 Abolish calls to shell in vold
Never use popen, just execvp directly

Test: Two tests
- Ensure Marlin device boots and vold_prepare_subdirs is called
successfully
- Try adb shell sm set-virtual-disk true, see that eg sgdisk output is
logged.
Bug: 26735063
Bug: 113796163

Change-Id: Icb34140429db85098a0118a2b833772e3620e7ac
2018-11-30 16:02:04 -08:00
Daniel Rosenberg
478ca55bfe Allow vold to remount
remount is needed for commiting checkpoints under f2fs

Test: vdc checkpoint commitChanges
Bug: 111020314
Change-Id: If7d4ab641b59d3e942d9d8a72bd91be08680227b
2018-11-27 21:17:59 +00:00
Nick Kralevich
536d3413b8 use hal_bootctl_server in neverallow rule
Hals have 3 attributes associated with them, the attribute itself, the
_client attribute, and the _server attribute. Only the server attribute
isn't expanded using the expandattribute keyword, and as a result, is
the only attribute which can be used in neverallow rules.

Fix neverallow rule to use hal_bootctl_server, which is not expanded,
instead of hal_bootctl.

Introduced in: https://android-review.googlesource.com/c/platform/system/sepolicy/+/777178

Test: policy compiles
Bug: 119500144
Change-Id: I8cff9cc03f4c30704175afb203c68f237fbd61ca
2018-11-26 23:17:28 -08:00
Nick Kralevich
1c5d223b16 vold: remove access to /proc/net files
The auditallow added in commit
7a4af30b38 ("Start the process of locking
down proc/net", May 04 2018), has not been triggered. This is safe to
delete.

Test: Policy compiles
Test: no collected SELinux denials
Bug: 68016944
Change-Id: Ib45519b91742d09e7b93bbaf972e558848691a80
2018-11-16 17:46:56 -08:00
Nick Kralevich
fefc887eda vold: allow ioctls BLKDISCARD and BLKGETSIZE
BLKDISCARD is used by vold while wiping block devices
b2455747a9/Utils.cpp (619)

BLKGETSIZE is used to determine the size of the block device. Ideally
code should not be using this ioctl, as it fails for devices >= 2T in
size. Vold indirectly uses this when executing /system/bin/newfs_msdos.
Arguably this is a bug in newfs_msdos, as BLKGETSIZE64 should be used
instead.
Code: 0c7e133c7f/mkfs_msdos.c (845)

Addresses the following denials:

audit(0.0:24): avc: denied { ioctl } for comm="Binder:588_2" path="/dev/block/vold/public:7,9" dev="tmpfs" ino=106407 ioctlcmd=1277 scontext=u:r:vold:s0 tcontext=u:object_r:vold_device:s0 tclass=blk_file permissive=0
audit(0.0:25): avc: denied { ioctl } for comm="newfs_msdos" path="/dev/block/vold/public:7,9" dev="tmpfs" ino=106407 ioctlcmd=1260 scontext=u:r:vold:s0 tcontext=u:object_r:vold_device:s0 tclass=blk_file permissive=0

Test: policy compiles.
Bug: 119562530
Change-Id: Ib7198daf150d6f2578545a6a402e0313069ea2b4
2018-11-14 13:01:00 -08:00
Risan
0c1848b170 SELinux changes for AppFuse
We are moving AppFuse mount from system_server's mount namespace to
vold. Hence, we could reduce the SELinux permissions given to
system_server, in the expense of adding allow rules to vold and
letting appdomain have access to vold's fd.

Bug: 110379912
Test: testOpenProxyFileDescriptor passes (after vold and
system_server code changes)

Change-Id: I827a108bd118090542354360a8c90b295e6a0fef
2018-11-13 22:45:51 +00:00
Nick Kralevich
c4cf98605d Revert "SELinux changes for AppFuse"
This reverts commit 67ed4328eb.

Reason for revert: Broken CTS test. See b/118642091

Bug: 118642091
Bug: 110379912
Change-Id: I5afd16bf23149c74f2740720cdd248a255ff1497
2018-10-30 03:30:55 +00:00
Jeff Sharkey
f2cad2d92b vold does more than LOOP_GET_STATUS64.
Update the "allowxperm" to reflect the various ioctl() performed in
the vold source code.

Bug: 118437832
Test: atest android.os.storage.cts.StorageManagerTest
Change-Id: Ide3a09104d8b4ce7fa2b7e23e9b215139186f595
2018-10-27 16:56:55 -06:00
Risan
67ed4328eb SELinux changes for AppFuse
We are moving AppFuse mount from system_server's mount namespace to
vold. Hence, we could reduce the SELinux permissions given to
system_server, in the expense of adding allow rules to vold and
letting appdomain have access to vold's fd.

Bug: 110379912
Test: testOpenProxyFileDescriptor passes (after vold and
system_server code changes)

Change-Id: I4731a8ec846c5cb84ec4b680d51938494e8ddd75
2018-10-26 19:45:50 +00:00
Nick Kralevich
787fc8d0e6 vold.te: allow BLKSECDISCARD
vold needs to securely delete content from various block devices. Allow
it.

Addresses the following denials:

type=1400 audit(0.0:66): avc: denied { ioctl } for comm="secdiscard" path="/dev/block/dm-3" dev="tmpfs" ino=17945 ioctlcmd=0x127d scontext=u:r:vold:s0 tcontext=u:object_r:dm_device:s0 tclass=blk_file permissive=0
type=1400 audit(0.0:43): avc: denied { ioctl } for comm="secdiscard" path="/dev/block/sda45" dev="tmpfs" ino=17485 ioctlcmd=127d scontext=u:r:vold:s0 tcontext=u:object_r:userdata_block_device:s0 tclass=blk_file permissive=0

Test: policy compiles.
Change-Id: Ie7b4b8ac4698d9002a4e8d142d4e463f8d42899a
2018-10-23 03:35:08 -07:00
Nick Kralevich
4c8eaba75a start enforcing ioctl restrictions on blk_file
Start enforcing the use of ioctl restrictions on all Android block
devices. Domains which perform ioctls on block devices must be explicit
about what ioctls they issue. The only ioctls allowed by default are
BLKGETSIZE64, BLKSSZGET, FIOCLEX, and FIONCLEX.

Test: device boots and no problems.
Change-Id: I1195756b20cf2b50bede1eb04a48145a97a35867
2018-10-18 15:24:32 -07:00
Nick Kralevich
877b086097 vold: allow FS_IOC_FIEMAP
This is needed to find the file on the raw block device, so it can be
securely deleted.

Addresses the following denials:

  type=1400 audit(0.0:492): avc: denied { ioctl } for comm="secdiscard" path="/data/misc/vold/user_keys/ce/10/current/encrypted_key" dev="dm-3" ino=9984 ioctlcmd=0x660b scontext=u:r:vold:s0 tcontext=u:object_r:vold_data_file:s0 tclass=file permissive=0
  type=1400 audit(0.0:517): avc: denied { ioctl } for comm="secdiscard" path="/data/misc/vold/user_keys/ce/11/current/secdiscardable" dev="dm-3" ino=9581 ioctlcmd=0x660b scontext=u:r:vold:s0 tcontext=u:object_r:vold_data_file:s0 tclass=file permissive=0
  type=1400 audit(0.0:694): avc: denied { ioctl } for comm="secdiscard" path="/data/misc/vold/user_keys/ce/0/current/keymaster_key_blob" dev="dm-3" ino=9903 ioctlcmd=0x660b scontext=u:r:vold:s0 tcontext=u:object_r:vold_data_file:s0 tclass=file permissive=0

Test: policy compiles and device boots
Change-Id: I1adf21b7fa92b1f92ce76532f4d9337a4d58a2e5
2018-10-15 06:14:08 -07:00
Nick Kralevich
ebc3a1a34c Move to ioctl whitelisting for plain files / directories
Remove kernel attack surface associated with ioctls on plain files. In
particular, we want to ensure that the ioctls FS_IOC_ENABLE_VERITY and
FS_IOC_MEASURE_VERITY are not exposed outside a whitelisted set of
entities. However, it's straight forward enough to turn on ioctl
whitelisting for everything, so we choose to do so.

Test: policy compiles and device boots
Test: device boots with data wipe
Test: device boots without data wipe
Change-Id: I545ae76dddaa2193890eeb1d404db79d1ffa13c2
2018-10-10 13:02:57 +00:00
Igor Murashkin
72a88b194c iorapd: Add new binder service iorapd.
This daemon is very locked down. Only system_server can access it.

Bug: 72170747
Change-Id: I7b72b9191cb192be96001d84d067c28292c9688f
2018-10-08 15:00:34 -07:00
Joel Galenson
2d123fce3c Ensure vold is a client of hal_bootctl only in Treble mode.
This fixes a build breakage.

Test: Build policy.
Change-Id: Id5209a2bd6446ac6dd744b7426f540bc1a8641ed
2018-10-05 12:37:05 -07:00
Daniel Rosenberg
ac5293b4fb Add bootctl for vold
Allows checkpoint commands to check A/B update status

Test: vdc checkpoint startCheckpoint -1
Bug: 111020314
Change-Id: I086db548d55176bf88211001c7c1eecb8c50689e
2018-10-03 15:51:45 -07:00
Nick Kralevich
5e37271df8 Introduce system_file_type
system_file_type is a new attribute used to identify files which exist
on the /system partition. It's useful for allow rules in init, which are
based off of a blacklist of writable files. Additionally, it's useful
for constructing neverallow rules to prevent regressions.

Additionally, add commented out tests which enforce that all files on
the /system partition have the system_file_type attribute. These tests
will be uncommented in a future change after all the device-specific
policies are cleaned up.

Test: Device boots and no obvious problems.
Change-Id: Id9bae6625f042594c8eba74ca712abb09702c1e5
2018-09-27 12:52:09 -07:00
Jeff Vander Stoep
0b67bb88e5 Further lock down app data
Assert that only apps and installd may open private app files.

Remove "open" permission for mediaserver/vold and remove their
neverallow exemption.

Test: verify no related audit messages in the logs.
Test: build
Fixes: 80300620
Fixes: 80418809
Bug: 80190017
Change-Id: If0c1862a273af1fedd8898f334c9b0aa6b9be728
2018-09-22 22:38:42 -07:00
Yifan Hong
1cef6a94eb health.filesystem HAL renamed to health.storage
...to reflect that the HAL operates on storage devices,
not filesystem.

Bug: 111655771
Test: compiles
Change-Id: Ibb0572cb1878359e5944aa6711331f0c7993ba6e
Merged-In: Ibb0572cb1878359e5944aa6711331f0c7993ba6e
2018-09-20 04:12:45 +00:00
Benjamin Gordon
342362ae3e sepolicy: grant dac_read_search to domains with dac_override
kernel commit 2a4c22426955d4fc04069811997b7390c0fb858e (fs: switch order
of CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH checks) swapped the order of
dac_override and dac_read_search checks.  Domains that have dac_override
will now generate spurious denials for dac_read_search unless they also
have that permission.  Since dac_override is a strict superset of
dac_read_search, grant dac_read_search to all domains that already have
dac_override to get rid of the denials.

Bug: 114280985
Bug: crbug.com/877588
Test: Booted on a device running 4.14.
Change-Id: I5c1c136b775cceeb7f170e139e8d4279e73267a4
2018-09-19 15:54:37 -06:00
Tri Vo
dac2a4a3a4 Sepolicy for system suspend HAL.
Bug: 78888165
Test: device can boot with HAL running.
Change-Id: I3bf7c8203e038b892176c97ec006152a2904c7be
2018-08-13 17:26:34 -07:00
Yifan Hong
fa5afa2afd vold uses health filesystem HAL
Bug: 111655771
Test: builds
Change-Id: I67850d910770109005b2243c628282ad638c88fb
2018-08-10 14:10:00 -07:00