This is to remove bad context name "exported3_system_prop".
- persist.sys.device_provisioned -> provisioned_prop
- sys.retaildemo.enabled -> retaildemo_prop
Bug: 154885206
Test: boot device and see no denials
Change-Id: Ia19a19d93d0689deb56d66fe0b039ace44e4836f
For whatever reason sys.usb.config* has been labeled as
system_radio_prop, which doesn't make sense. Changing context name as
usb_prop. For the same reason exported_system_radio_prop is also
renamed to usb-related names.
Bug: 71814576
Bug: 154885206
Test: m selinux_policy
Change-Id: If30bc620dbeac926a8b9bcde908357fda739a6c1
Merged-In: If30bc620dbeac926a8b9bcde908357fda739a6c1
(cherry picked from commit 44fbcdb677)
persist.sys.dalvik.vm.lib.2 is moved to a new context
dalvik_runtime_prop from bad context name.
Bug: 154885206
Test: boot device and see logcat
Change-Id: I9dea95105c266088d5f071bf2d890048f0999b0b
This prebuilt is based on the AOSP policy, but slightly manipulated so
that the set of types and attributes are identical with R policy.
Following types are removed.
boot_status_prop
dalvik_config_prop
gnss_device
surfaceflinger_color_prop
surfaceflinger_prop
systemsound_config_prop
vold_config_prop
vold_status_prop
Following type is renamed.
wificond_service -> wifinl80211_service
Bug: 153661471
Test: N/A
Change-Id: I018d5e43f53c2bf721db1d13f5f4be42b9782b29
This is unused currently & there are no concrete plans to use it
in the future.
Bug: 130080335
Test: Device boots up & connects to networks.
Test: Will send for regression tests
Change-Id: I785389bc2c934c8792c8f631362d6aa0298007af
Merged-In: I785389bc2c934c8792c8f631362d6aa0298007af
(cherry picked from commit 56dfc06397)
[cherry-picking]
Make ro.incremental.enable a vendor-specific property. Allow
system_server and vold to read this property.
Test: manual
BUG: 155212902
Change-Id: I8ff8837af635fa8e7b5bb02e5f6de5ac15b5023b
Merged-In: I8ff8837af635fa8e7b5bb02e5f6de5ac15b5023b
Cleaning up exported*_system_prop and moving surfaceflinger properties
to new property contexts.
Bug: 152468529
Bug: 154885206
Test: boot cf_x86 and crosshatch
Change-Id: I7f8a684e9cbabce2f55a5292d7b2283ac0716cd9
Assigning a new context boot_status_prop for following two properties:
- sys.boot_completed
- dev.bootcomplete
Bug: 154885206
Test: boot cf_x86 and crosshatch, see no denials
Change-Id: Ieadabf90a9a1b54b52a1283bd648c11c95d558dd
Merged-In: Ieadabf90a9a1b54b52a1283bd648c11c95d558dd
(cherry picked from commit 2973c96055)
Defined a new signal intended to allow the system to reboot
the audio/soundtrigger HAL process.
Fixes: 153461865
Test: See main change in topic
Change-Id: I1e4a770670bb1274fa6a23cd0641f2554d4679f7
For system prop flags from DeviceConfig namespace "Configuration".
Test: Build and run on local device
Bug: 149420506
Change-Id: If4196b4bf231e7c52f98b92cc0031a08dad06120
This fixes a bug introduced in aosp/1143430 where the permission
should have been included for the newly introduced
ashmem_libcutils_device type.
Test: Build
Bug: 150193534
Change-Id: I5b1ed8d9548f9dab4ad9373f98e21614c07c3d38
service.adb.tls.port contains the adbd tcp port running the TLS server.
persist.sys.adb.wifi tells adbd when to enable the TLS server.
Bug: 149348431
Bug: 111434128
Test: Enable wireless debugging, check if TLS port information is
displayed in the Developer options > Wireless debuggging.
Change-Id: I5b5c5a3d064bc003f41386ede9051609fefec53e
Define two property_context.
1. vendor_socket_hook_prop - for ro.vendor.redirect_socket_calls. The
property set once in vendor_init context. It's evaluated at process
start time and is cannot change at runtime on a given device. The set
permission is restricted to vendor_init. The read permission is
unrestricted.
2. socket_hook_prop - for net.redirect_socket_calls.hooked. The
property can be changed by System Server at runtime. It's evaluated when
shimmed socket functions is called. The set permission is restricted to
System Server. The read permission is unrestricted.
Bug: Bug: 141611769
Test: System Server can set net.redirect_socket_calls.hooked
libnetd_client can read both properties
libnetd_client can't set both properties
Change-Id: Ic42269539923e6930cc0ee3df8ba032797212395
This adds the type and permissions for dumping and appending prereboot
information.
Bug: 145203410
Test: Didn't see denials while dumping and appending prereboot info.
Change-Id: Ic08408b9bebc3648a7668ed8475f96a5302635fa
This properties are used to compute UserspaceRebootAtom and are going to
be written by system_server. Also removed now unused
userspace_reboot_prop.
Test: builds
Bug: 148767783
Change-Id: Iee44b4ca9f5d3913ac71b2ac6959c232f060f0ed
In order to track time in state data using eBPF, system_server needs
to be able to attach BPF programs to tracepoints, which involves:
- calling perf_event_open and the PERF_EVENT_IOC_SET_BPF ioctl
- running BPF programs
- reading tracepoint ids from tracefs
Grant system_server the necessary permissions for these tasks
Test: modify system_server to try to attach programs; check for
denials
Bug: 138317993
Change-Id: I07dafd325a9c57d53767a09d4ca7b0fb2dd2d328
Signed-off-by: Connor O'Brien <connoro@google.com>
System_server will listen on incoming packets from zygotes.
Bug: 136036078
Test: atest CtsAppExitTestCases:ActivityManagerAppExitInfoTest
Change-Id: I42feaa317615b90c5277cd82191e677548888a71
The binder_cache_system_server_prop context allows any user to read the
property but only the system_server to write it. The only property with
this context is currently binder.cache_key.has_system_feature but users
will be added.
Bug: 140788621
Test: this was tested on an image with a binder cache implementation. No
permission issues were found. The implementation is not part of the current
commit.
Change-Id: I4c7c3ddf809ed947944408ffbbfc469d761a6043
* These properties are used by the wifi hal and it works as expected on
devices with compatible property. However, on devices without
compatible property, these prperties are labeled as "default_prop"
because public/property_contexts is not used. Thus they can't be set
by the hal.
* To tackle the problem, label them as "wifi_prop" in
private/property_contexts which also works on devices without compatible
property. The label will be overridden later by
public/property_contexts rules if exist.
Change-Id: If8b8bd5bea64f2ea08864cc62f6dc405cb394e00
In order for system_server to report ION allocations in dumpsys meminfo
report it needs access to ION sysfs nodes.
Bug: 138148041
Test: dumpsys meminfo
Change-Id: I8b1efebe8f4b06a3975e96ddd6a8cbcacdb52fb2
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Also allow binder service "incremental_service" to be found by service
manager.
Test: boots
BUG: 136132412
Change-Id: I3584a9b69a7e1909f096e3c4579c1834bdfba22e
* changes:
Allow audio_server to access soundtrigger_middleware service
Allow soundtrigger_middleware system service
Allow system service to access audio HAL (for soundtrigger)
