Ueventd can't set properties currently, but this is an artificial
limitation, since ueventd communicates to init that it has finished
cold boot via a file, and init polls this file instead of returning to
the epoll loop, where properties are handled.
A related change replaces that file with a property and thus frees
ueventd to be able to set properties. This change creates the
cold_boot_done property type for this property and gives only ueventd
permissions to set it.
Bug: 62301678
Test: boot, check that properties are set
Change-Id: I40843b423b192ea841db6a82f648e5bab9738e0e
Bug: 135111122
Test: Ran "adb shell am hang" and verified that power.stats HAL
information is in /data/anr/<anr_file>
Change-Id: I60a6191626a20c737124033e8ad453fa91425e39
(cherry picked from commit 8273f1915f)
This property will be set by system_server (to indicate the currently
selected theme for device), and can be accessed by vendor init.rc.
avc: denied { read } for property=persist.sys.theme pid=0 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:theme_prop:s0 tclass=file
Bug: 113028175
Test: Set a vendor init trigger that waits on `persist.sys.theme`. Check
that the trigger fires without denial.
Change-Id: Ia85b1a8dfc118efdbb9337ca017c8fb7958dc386
Merged-In: Ibb4e392d5059b76059f36f7d11ba82cd65cbe970
(cherry picked from commit 75182a1ea6)
This CL fixes the following denials during libdm_test
that is part of VTS.
avc: denied { read } for comm="loop1" path=2F6D656D66643A66696C655F32202864656C6574656429
dev="tmpfs" ino=97742 scontext=u:r:kernel:s0 tcontext=u:object_r:appdomain_tmpfs:s0
tclass=file permissive=0
W loop1 : type=1400 audit(0.0:371): avc: denied { read } for
path=2F6D656D66643A66696C655F32202864656C6574656429 dev="tmpfs" ino=97742 scontext=u:r:kernel:s0
tcontext=u:object_r:appdomain_tmpfs:s0 tclass=file permissive=0
Bug: 135004816
Test: adb shell libdm_test
Change-Id: Ifb6d58ee6f032cdf3952a05667aa8696d6e2a2fa
Merged-Id: Ifb6d58ee6f032cdf3952a05667aa8696d6e2a2fa
This is so that zygote can create the JIT cache with memfd_create
(or ashmem when memfd is not available).
Test: boot
Bug: 119800099
Change-Id: I88f1f6b1c930a8d22985b306a238f60b4af59f9c
Bug: http://b/135139675
Coverage files are written to /data/misc/trace (governed by the
method_trace_data_file selinux type). Allow all domains to access
(create directories, access files) this directory when native coverage
is enabled (by setting NATIVE_COVERAGE to true) in an userdebug or eng
build.
Also relax neverallow constraints to allow access to
method_trace_data_file for native coverage builds.
Test: Build 32-bit cuttlefish with coverage:
m NATIVE_COVERAGE=true COVERAGE_PATHS="*"
and verify that there are no selinux denials in kernel log and
logcat.
Change-Id: I3fe7c77612854b9de7de7a0ddd5cbf44a2f5c21e
apexd stops itself when it finds that it is running on a device with
flattened APEXes (i.e. ro.apex.updatable = false).
Bug: 133907211
Test: launch sdk_phone_x86_64
adb logcat -d | grep apexd | wc -l
returns 3
Change-Id: I7fa161b069aa34adb028194b55f367fe740a0cfc
29.0.ignore.cil/29.0.cil should be expanded into
28.0.ignore.cil/28.0.cil, so that there is no need to duplicate changes
in both places.
Test: adding a type to 29.0.ignore.cil/29.0.cil only doesn't trigger a
build error.
Change-Id: I543c0fc5e3749211e5bede81aabb0b520435a510
Since this rule does read the networkstack key.
Bug: 130111713
Test: treehugger
Test: run this on RBE, which only exposes the source files depended upon
Change-Id: Ib4c7e0680158e7892c062f00fe64c2da4195da2b
Track the removal of time zone data files from the runtime mainline module.
Bug: 132168458
Test: build / boot only
Change-Id: I67e596e4da2b23726c36866ff1648a833d2853c7
Although this may appear very permissive, it ok since the current allow
rule already gives every domain access to /dev/ashmem.
Change-Id: I1f121a3c6a911819b2c3e0605a0544a039cb5503
Bug: 134161662
Test: Check logcat for Sepolicy denials (logcat -d | grep shmem)
This is needed now that libfiemap_writer reads from dm/name to find
device-mapper names.
Bug: 134536978
Test: gsi_tool install
Change-Id: I10e1234f2ea39c92b43ace97fa76878358dfc476
BOARD_SEPOLICY_DIRS is deprecated and references should be updated.
Signed-off-by: Felix <google@ix5.org>
Change-Id: I063940a63256a881206740e8a7ecae215f3a5ca8
bug_map is not picked up correctly when BOARD_VENDOR_SEPOLICY_DIRS is
used. And BOARD_SEPOLICY_DIRS is deprecated.
Test: m selinux_policy
Change-Id: I1dcc6ac6f7b6d0f41f29d5894bef81f3fbf841e6
This set of patches adds a way for the perfetto command line client to
save a trace to a hardcoded location,
/data/misc/perfetto-traces/incident-trace, and call into incidentd to
start a report, which will include said trace in a new section.
This is not a long-term solution, and is structured to minimize changes
to perfetto and incidentd. The latter is currently architected in a way
where it can only pull pre-defined information out of the system, so
we're resorting to persisting the intermediate results in a hardcoded
location.
This will introduce at most two more linked files at the same time.
Bug: 130543265
Bug: 134706389
Tested: manually on blueline-userdebug
Change-Id: I2aa27e25f0209b3a5cdf5d550d0312693932b808
We want "vendor domain" which is referred to as { domain -coredomain
-appdomain }, to behave the same on user vs userdebug builds.
Bug: 134161662
Test: m selinux_policy / Check logcat for denials
Change-Id: If6757c820ed657ba2b70263bb546a456adcc7cff
Steps taken to produce the mapping files:
1. Add prebuilts/api/29.0/[plat_pub_versioned.cil|vendor_sepolicy.cil]
plat_pub_versioned.cil contains all public attributes and types from Q
Leave vendor_sepolicy.cil is empty.
2. Add new file private/compat/29.0/29.0.cil by doing the following:
- copy /system/etc/selinux/mapping/29.0.cil from pi-dev aosp_arm64-eng
device to private/compat/29.0/29.0.cil
- remove all attribute declaration statement (typeattribute ...) and
sort lines alphabetically
- some selinux types were added/renamed/deleted w.r.t 29 sepolicy.
Find all such types using treble_sepolicy_tests_29.0 test.
- for all these types figure out where to map them by looking at
28.0.[ignore.]cil files and add approprite entries to 29.0.[ignore.]cil.
This change also enables treble_sepolicy_tests_29.0 and installs
29.0.cil mapping file onto the device.
Bug: 133155528
Bug: 133196056
Test: m treble_sepolicy_tests_29.0
Test: m 29.0_compat_test
Test: m selinux_policy
Change-Id: I9e83e9bf118c8b8f8fcf84d5c0dcb6eb588e0d55
I took current AOSP policy as base, then removed sepolicy so that the
set of type and attributes was a subset of types and attributes in Q
sepolicy, with exception of those that have not yet been cleand up in
current AOSP:
mediaswcodec_server
netd_socket
mediaextractor_update_service
thermalserviced
thermalserviced_exec
Bug: 133196056
Test: n/a
Change-Id: I863429d61d3fad0272c1d3f1e429cd997513a74a
Merged-In: I3e091652fa8d1757b1f71f7559186d5b32f000d5
