Add selinux policy so the healthconnect system service
can be accessed by other processes.
Bug: 246961138
Test: build
Change-Id: I37e0e7f1a2b4696b18f8876a107c509d2906e850
Conversion of the gatekeeper hidl interface to stable aidl interface.
Bug: 205760843
Test: run vts -m VtsHalGatekeeperTarget
Change-Id: I44f554e711efadcd31de79b543f42c0afb27c23c
ro.log.file_logger.path is a system property that liblog uses to
determine if file_logger should be used (instead of logd) and what file
the logs should be emitted to. It is primarily meant for non-Android
environment like Microdroid, and doesn't need to be set in Android. In
fact, setting it to a wrong value can break the system logging
functionality. This change prevents such a problem by assigning a
dedicated property context (log_file_logger_prop) to the property and
making it non-writable. (Note that it still has to be readable because
liblog reads it and liblog can be loaded in any process)
Bug: 222592894
Test: try to set ro.log.file_logger.path
Change-Id: Ic6b527327f5bd4ca70a58b6e45f7be382e093318
Previously in Microdroid, processes send log messages to logd over
socket and then logcat ran to hand the message to the host side over the
serial console.
That has changed. Now, the liblog library which processes use to emit
logs directly sends the given message to the serial console. Liblog does
this by reading a new system property ro.log.file_logger.path. When this
is set, liblog doesn't use the logd logger, but opens the file that the
sysprop refers to and writes logs there.
This change implments sepolicy side of the story.
* logd and logcat types are removed since they no longer are needed.
* existing references to those types are removed as well.
* a new property type `log_prop` is introduced and the two system
properties are labaled as log_prop
* all processes have read access to the system properties
* all processes have append access to /dev/hvc2
Bug: 222592894
Test: run microdroid, see log is still emitted.
Change-Id: I4c4f3f4fd0e7babeab28ddf39471e914445ef4da
This is needed for getting CPU time and wall time spent on subprocesses. Otherwise, the following denials will occur:
09-09 15:11:38.635 6137 6137 I binder:6137_1: type=1400 audit(0.0:185): avc: denied { read } for scontext=u:r:artd:s0 tcontext=u:r:dex2oat:s0 tclass=file permissive=1
09-09 15:11:38.635 6137 6137 I binder:6137_1: type=1400 audit(0.0:185): avc: denied { search } for name="6157" dev="proc" ino=57917 scontext=u:r:artd:s0 tcontext=u:r:dex2oat:s0 tclass=dir permissive=1
09-09 15:11:38.635 6137 6137 I binder:6137_1: type=1400 audit(0.0:185): avc: denied { open } for path="/proc/6157/stat" dev="proc" ino=57954 scontext=u:r:artd:s0 tcontext=u:r:dex2oat:s0 tclass=file permissive=1
Bug: 245380798
Test: -
1. adb shell pm art optimize-package -m speed -f \
com.google.android.youtube
2. See CPU time and wall time in the output. No denial occured.
Change-Id: I9c8c98a31e1ac0c9431a721938c7a9c5c3ddc42b
New ro.kernel.watermark_scale_factor property is used to store the
original value read from /proc/sys/vm/watermark_scale_factor before
extra_free_kbytes.sh changes it. The original value is necessary to
use the same reference point in case the script is invoked multiple
times. The property is set by init the first time script is invoked
and should never be changed afterwards.
Bug: 242837506
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I7760484854a41394a2efda9445cff8cb61587514
Next attempt at rolling forward aosp/2200430. It appears the
first-stage-init did not create the /dev/selinux folder on GSI
instances, resulting in breakages when selinux.cpp tries to copy files
to that folder.
To verify these changes for b/244793900, follow
gpaste/4922166775644160
Bug: 243923977
Test: atest SeamendcHostTest
Change-Id: I2bc630cfaad697d44053adcfd639a06e3510cc72
Starting with
91a9ab7c94
, calling io_uring_setup will need selinux permission to create anon
inodes.
Test: th
Bug: 244785938
Change-Id: I351983fefabe0f6fdaf9272506ea9dd24bc083a9
Revert "Add seamendc tests for sdk_sandbox in apex sepolicy"
Revert submission 2201484-sdk_sandbox
Note: this is not a clean revert, I kept the changes in aosp/2199179
and the changes to system/sepolicy/Android.mk. Those changes are already
part of internal, I do not want to put those files out of sync again.
Test: atest SeamendcHostTest
Reason for revert: b/244793900
Reverted Changes:
Ib14b14cbc:Add seamendc tests for sdk_sandbox in apex sepolic...
I27ee933da:Move allow rules of sdk_sandbox to apex policy
Change-Id: If225cdd090248e050d1f0b42f547a4b073bbafc6
Since the property is supposed to be used by vendor-side .rc file as
read-only (especially by vendor apex), it should be "system_restricted".
Also allow vendor_init to read the property.
Bug: 232172382
Test: boot cuttlefish (with vendor apex using the property)
Change-Id: I502388e550e0a3c961a51af2e2cf11335a45b992
See other cl in this topic for more information.
Bug: 198619163
Test: adb root; adb shell /system/bin/migrate_legacy_obb_data; adb logcat | grep obb shows "migrate_legacy_obb_data: No legacy obb data to migrate."
Change-Id: Ic2fb4183f80b36463f279b818e90c203e9a51422
Third attempt to roll-forward the apex_sepolicy changes from
aosp/2179294 and aosp/2170746.
I was finally able to figure out the likely root cause of the test
breakages in internal b/243971667. The related CL aosp/2199179 is making
the apex_sepolicy files mandatory for all AOSP builds.
Without the apex_sepolicy files, mixed GSI builds in internal using AOSP
as base would not implement the sdk_sandbox rules, causing breakages for
the SdkSandbox components.
Bug: 243923977
Test: atest SeamendcHostTest
Change-Id: I27ee933da6648cca8ff1f37bde388f72b4fe6ad6
New label proc_watermark_scale_factor was mistakenly added into ignore
list. Fix this by moving the mapping into correct .cil files.
Fixes: 6988677f22 ("Allow init to execute extra_free_kbytes.sh script")
Bug: 241761479
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: If12cad2ed20504d374d77a68eaba1600d2768338
