Enable remote_provisioning diagnostic reporting from dumpsys and adb
shell by allowing the service, which is hosted in system_server, to call
KeyMint's IRPC HAL implementation.
Test: adb shell dumpsys remote_provisioning
Test: adb shell cmd remote_provisioning
Bug: 265747549
Change-Id: Ica9eadd6019b577990ec3493a2b08e25f851f465
Adds persist.sysui.notification.builder_extras_override property
associated permissions, which will be used to flag guard
a change in core/...Notification.java.
Original change I3f7e2220798d22c90f4326570732a52b0deeb54d didn't
cover zygote, which are needed for preloaded classes
Test: manual flash+adb setprop/getprop
Bug: 169435530
Change-Id: Ifad9e7c010554aa6a1e1822d5885016058c801c9
Devices can select their max supported with PRODUCT_MAX_PAGE_SIZE_SUPPORTED.
This is exposed as ro.product.cpu.pagesize.max to VTS tests.
Add the required sepolicy labels for the new property.
Bug: 277360995
Test: atest -c vendor_elf_alignment_test -s <serial>
Change-Id: Ibe01e301dbcc3392201dffd3bba845700ee2a5e8
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
This new system property will be read and written
by a new developer option switch, through gpuservice.
Based on the value stored in persis.graphics.egl,
we will load different GLES driver.
e.g.
persist.graphics.egl == $ro.hardware.egl: load native GLES driver
persist.graphics.egl == angle: load angle as GLES driver
Bug: b/270994705
Test: m; flash and check Pixel 7 boots fine
Change-Id: Idec4b947d0c69c52cd798df4f834053bd306cf5f
Also move all the AVF related tests to avf-presubmit, so they run on
real devices.
Partially reverts commit 26dcfc5416,
now that the test is disabled on Cuttlefish.
Bug: 264496291
Test: Presubmit
Change-Id: Ic9ac7bd33d7fa3b23e67fc29f8d9c1658db618b8
It fails in the build/test server due to `match` usage.
Bug: 277586190
Test: atest apex_sepolicy_tests_test
Change-Id: I34c90bae0f555042c8a4cc9308e9b7e1885d3b72
I just found it's reported in some bugreports when logging errors from
linkerconfig.
avc: denied { ioctl } for pid=314 comm="linkerconfig"
path="/dev/pts/0" dev="devpts" ino=3 ioctlcmd=0x5401
scontext=u:r:linkerconfig:s0 tcontext=u:object_r:devpts:s0
tclass=chr_file permissive=1
Bug: 276386338
Test: m && boot
Change-Id: I57c9cc655e610dc81a95bc8578a6649c52798c93
Property for multi usb mode is used by UsbAlsaManager to decide if only
one or multiple USB devices can be connected to audio system at a
certain time.
Bug: 262415494
Test: TH
Change-Id: I9481883fa8977329d35b139713aad15e995306b1
This is to prevent common mistakes when building an APEX. For example,
etc/vintf should be read-able by servicemanager.
Bug: 267269895
Test: apex_sepolicy_tests -f <(deapexer list --dir -Z foo.apex)
Test: atest apex_sepolicy_tests_test
Change-Id: I2e86096add1bb4c9daa0e841b10732c16a09efa3
This patch allows system server to read media config properties.
On 32bit architectures the StorageManager service in system server
needs to access media config while checking if transcoding is supported.
Bug: 276498430
Bug: 276662056
Change-Id: Ifc008d98b893b099c31c1fc8b96de9ed18dd4fbe
Signed-off-by: Slawomir Rosek <srosek@google.com>
This appears to be an oversight in T sepolicy???
Based on observed logs (on a slightly hacked up setup):
04-04 20:38:38.205 1548 1935 I Nat464Xlat: Stopping clatd on wlan0
04-04 20:38:38.205 1548 1935 I ClatCoordinator: Stopping clatd pid=7300 on wlan0
04-04 20:38:43.408 1548 1548 W ConnectivitySer: type=1400 audit(0.0:8): avc: denied { sigkill } for scontext=u:r:system_server:s0 tcontext=u:r:clatd:s0 tclass=process permissive=0
04-04 20:38:43.412 1548 1935 E jniClatCoordinator: Failed to SIGTERM clatd pid=7300, try SIGKILL
04-04 20:39:27.817 7300 7300 I clatd : Shutting down clat on wlan0
04-04 20:39:27.819 7300 7300 I clatd : Clatd on wlan0 already received SIGTERM
04-04 20:39:27.830 2218 2894 D IpClient/wlan0: clatInterfaceRemoved: v4-wlan0
04-04 20:39:27.857 1548 1935 D jniClatCoordinator: clatd process 7300 terminated status=0
I think this means SIGTERM failed to work in time, and we tried SIGKILL and that was denied, and then the SIGTERM succeeded?
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ia55ebd812cb9e7062e3cb10d6cb6851638926868
Commit 22fb5c7d24 migrated from property
types to attributes in some Microdroid rules, but omitted to
associated the attribute with the relevant types. So we fix that.
Bug: 274530433
Bug: 275469579
Bug: 276895565
Test: Will schedule a test run
Change-Id: I11194be9d1e352fa456c24a3b5784c18ccc03a69
Treble doesn't support U system + P vendor, so removing P (28.0)
prebuilts and compat files.
Bug: 267692547
Test: build
Change-Id: I3734a3d331ba8071d00cc196a2545773ae6a7a60
This change gives a new type (dalvik_dynamic_config_prop) to some ART
properties such as dalvik.vm.dex2oat-cpu-set and adds a new rule to
allow system server to set them.
Bug: 274530433
Test: Locally added some code to set those properties and saw it being
successfull.
Change-Id: Ie28602e9039b7647656594ce5c184d29778fa089
Introduce hypervisor-generic type for VM managers:
vm_manager_device_type.
Bug: 274758531
Change-Id: I0937e2c717ff973eeb61543bd05a7dcc2e5dc19c
Suggested-by: Steven Moreland <smoreland@google.com>
Signed-off-by: Elliot Berman <quic_eberman@quicinc.com>
