This is useful for tools like dumpsys, so that they work on all services
equally as well. Also, so that there is no difference with the regular
service manager.
Bug: 150579832
Test: 'adb shell /vendor/bin/dumpsys -l' shows 'manager'
Test: denial is no longer present:
03-05 12:23:47.346 221 221 E SELinux : avc: denied { add } for pid=221 uid=1000 name=manager scontext=u:r:vndservicemanager:s0 tcontext=u:object_r:service_manager_vndservice:s0 tclass=service_manager permissive=0
Change-Id: Id6126e8277462a2c4d5f6022ab67a4bacaa3241e
This change updates sepolicies for automotive display service to make it
available to the vendor processes.
Bug: 149017572
Test: m -j selinux_policy
Change-Id: I48708fe25e260f9302e02749c3777c0ca0d84e4b
Signed-off-by: Changyeon Jo <changyeon@google.com>
(cherry picked from commit 17b38d526d)
* allow shell to enable/disable the daemon via a sysprop
* don't audit signals, as some denials are expected
* exclude zygote from the profileable set of targets on debug builds.
I've not caught any crashes in practice, but believe there's a
possibility that the zygote forks while holding a non-whitelisted fd
due to the signal handler.
Bug: 144281346
Merged-In: Ib237d4edfb40b200a3bd52e6341f13c4777de3f1
Change-Id: Ib237d4edfb40b200a3bd52e6341f13c4777de3f1
(cherry picked from commit 008465e5ec)
For system prop flags from DeviceConfig namespace "Configuration".
Test: Build and run on local device
Bug: 149420506
Change-Id: If4196b4bf231e7c52f98b92cc0031a08dad06120
This change updates sepolicies for automotive display service to make it
available to the vendor processes.
Bug: 149017572
Test: m -j selinux_policy
Change-Id: I48708fe25e260f9302e02749c3777c0ca0d84e4b
Signed-off-by: Changyeon Jo <changyeon@google.com>
This is to allow adding the Tuner Resource Manager as a system service
Test: cuttlefish
Bug: 147380513
Change-Id: I3f61f2542c7fd934bb69dde08079f830196e2344
(cherry picked from commit 3791549dc4)
* allow shell to enable/disable the daemon via a sysprop
* don't audit signals, as some denials are expected
* exclude zygote from the profileable set of targets on debug builds.
I've not caught any crashes in practice, but believe there's a
possibility that the zygote forks while holding a non-whitelisted fd
due to the signal handler.
Change-Id: Ib237d4edfb40b200a3bd52e6341f13c4777de3f1
This is to allow adding the Tuner Resource Manager as a system service
Test: cuttlefish
Bug: 147380513
Change-Id: I3f61f2542c7fd934bb69dde08079f830196e2344
Adds a context for telephony related cache properties and changes
the bluetooth and system_server properties to match off of prefix
instead of exact string matches.
Test: Flashed phone with PowerManager caches enabled and verified
that the phone boots.
Change-Id: I9110192a12bb6222e49a8fb6b266d6067ef2ea92
service.adb.tls.port contains the adbd tcp port running the TLS server.
persist.sys.adb.wifi tells adbd when to enable the TLS server.
Bug: 149348431
Bug: 111434128
Test: Enable wireless debugging, check if TLS port information is
displayed in the Developer options > Wireless debuggging.
Change-Id: I5b5c5a3d064bc003f41386ede9051609fefec53e
The credstore service is a system service which backs the
android.security.identity.* Framework APIs. It essentially calls into
the Identity Credential HAL while providing persistent storage for
credentials.
Bug: 111446262
Test: atest android.security.identity.cts
Test: VtsHalIdentityTargetTest
Test: android.hardware.identity-support-lib-test
Change-Id: I5cd9a6ae810e764326355c0842e88c490f214c60
sys.linker property was defined to enable / disable generate linker
configuration, but the property has been removed. Remove sys.linker
property definition as it is no longer in use
Bug: 149335054
Test: m -j passed && cuttlefish worked without sepolicy error
Change-Id: Iacb2d561317d0920f93104717ce4f4bb424cc095
Merged-In: Iacb2d561317d0920f93104717ce4f4bb424cc095
sys.linker property was defined to enable / disable generate linker
configuration, but the property has been removed. Remove sys.linker
property definition as it is no longer in use
Bug: 149335054
Test: m -j passed && cuttlefish worked without sepolicy error
Change-Id: Iacb2d561317d0920f93104717ce4f4bb424cc095
Helps with support of recovery and rollback boot reason history, by
also using /metadata/bootstat/persist.sys.boot.reason to file the
reboot reason. For now, label this file metadata_bootstat_file.
Test: manual
Bug: 129007837
Change-Id: Id1d21c404067414847bef14a0c43f70cafe1a3e2
