Bug: 33691272
Test: build with odm and build without odm
Test: boot and see precompiled sepolicy used
Change-Id: Id84cca38f81ba3ecf7480d41a704085c7fff8b87
This reverts commit 231c04b2b9.
Now that b/186727553 is fixed, it should be safe to revert this revert.
Test: build
Bug: 184381659
Change-Id: If26ba23df19e9854a121bbcf10a027c738006515
This reverts commit e95e0ec0a5.
Now that b/186727553 is fixed, it should be safe to revert this revert.
Test: build
Bug: 184381659
Change-Id: Ibea3882296db880f5cafe4f9efa36d79a183c8a1
This is needed to debug hangs in keystore2.
Restricted to debuggable builds for now.
Bug: 186879912
Test: 'adb bugreport', then find the stack traces for keystore2 in the
"VM TRACES JUST NOW" section of the main bugreport file.
Change-Id: I4434cab7e79cb4aae8bbb2e3a8abff02e0073c13
Fixes the following denials:
avc: denied { getattr } for path="/dev/dma_heap/system" dev="tmpfs"
ino=534 scontext=u:r:mediatranscoding:s0
tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file
permissive=0
Bug: 185867872
Test: No more DMA-BUF heap related denials from
CtsMediaTranscodingTestCases
Change-Id: I45b57b45e0db996f08b82618dcd085ba0f7e6ef6
Once b/186727553 is fixed, booting GSI on cuttlefish will no longer load
cuttlefish's system_ext sepolicy. These domains are all private and
hence the permissions are being added to system/sepolicy to avoid
making them public(especially mediatranscoding that was changed from
public to private in Android S).
Test: build, boot
Change-Id: I4a78030015fff147545bb627c9e62afbd0daa9d7
This will make debugging of keystore issues in dogfood populations much
easier than it previously was, as developers will have detailed crash
dump reporting on any issues that do occur.
Bug: 186868271
Bug: 184006658
Test: crash dumps appear if keystore2 explodes
Change-Id: Ifb36cbf96eb063c9290905178b2fdc5934050b99
This allows us to log metrics from traced_probes to statsd
for failures. This is required for implementation of
go/perfetto-failure-stats.
This matches the CL aosp/1690788 which adds the initial logging to
traced_probes.
This solves the following denied message from logcat:
avc: denied { write } for comm="traced_probes" name="statsdw" scontext=u:r:traced_probes:s0 tcontext=u:object_r:statsdw_socket:s0
Bug: 177215620
Change-Id: I1523df818562f839b28061ef88f1910d4745a289
I haven't reviewed a single sepolicy change for over a year.
There are plenty of OWNERs who know the current code better.
Test: N/A
Bug: None
Signed-off-by: Sandeep Patil <sspatil@google.com>
Change-Id: I2f8345a0220e0f59ca56fad44768a074c3921f05
plat_sepolicy_vers.txt stores the version of vendor policy. This change
adds sepolicy_vers module to migrate plat_sepolicy_vers.txt to
Android.bp.
- Device's plat_sepolicy_vers: should be BOARD_SEPOLICY_VERS
- Microdroid's plat_sepolicy_vers: should be PLATFORM_SEPOLICY_VERSION
because all microdroid artifacts are bound to platform
Bug: 33691272
Test: boot device && boot microdroid
Change-Id: Ida293e1cb785b44fa1d01543d52d3f8e15b055c2
precompiled_system_ext_and_mapping.sha256 and
precompiled_product_and_mapping.sha256 has been installed, regardless of
existence of system_ext and product policies. This change only installs
such hash files when policy files exist, for consistency.
Bug: 186727553
Test: boot yukawa and see precompiled sepolicy is used
Change-Id: Iaad827cefdbe82e68288cd6cc59b55b5f28c229d
The ABI for system-secure heap was originally created to allow codec2 to
continue allocation in protected heaps by specifying the heap name via
the C2 HAL's ComponentStore interface. This patch make the ABI
expandable to accommodate multiple heaps both for usage by codec2 as well
as to allow unbinderized SP HALs to allocate in protected heaps.
Bug: 175697666
Test: manual
Change-Id: Ia8c1797c16441e73398c46d8727eee99614a35f1
otadexopt needs to be able to invoke derive_classpath in order to
determine the boot-classpath after the OTA finishes.
Test: manual OTA on blueline
Bug: 186432034
Change-Id: I3ec561fc0aa9de25ae1186f012ef72ba851990d0
Some jars, such com.android.location.provider.jar, are both on the
system_server classpath and loaded as libraries. If the .oat files are
in the ART apexdata cache (due to being system_server classpath), they
need to be execute permission to be usable as AOT compiled libraries.
Bug: 184881321
Test: install an updated ART apex, open apps, see no more denials
Change-Id: I89b74dfa047699c568575d99a29c5e74abdef076
The system property "vold.post_fs_data_done" is used by init and vold to
communicate with each other in order to set up FDE on devices that use
FDE. It needs to be gettable and settable by vold, and settable by init
and vendor_init. This was the case in Android 11 and earlier; however,
the change
https://android-review.googlesource.com/c/platform/system/sepolicy/+/1277447
("Rename exported and exported2 vold prop") broke this by giving this
property the type "vold_config_prop", which made it no longer settable
by vold.
Since none of the existing property types appear to be appropriate for
this particular property, define a new type "vold_post_fs_data_prop" and
grant the needed domains permission to get/set it.
This is one of a set of changes that is needed to get FDE working again
so that devices that launched with FDE can be upgraded to Android 12.
Bug: 186165644
Test: Tested FDE on Cuttlefish
Change-Id: I2fd8af0091f8b921ec37381ad3b85a156d074566
* changes:
Revert "Add a neverallow for debugfs mounting"
Revert "Add neverallows for debugfs access"
Revert "Exclude vendor_modprobe from debugfs neverallow restrictions"
Revert "Check that tracefs files are labelled as tracefs_type"
Revert submission 1668411
Reason for revert: Suspect for b/186173384
Reverted Changes:
Iaa4fce9f0:Check that tracefs files are labelled as tracefs_t...
I743a81489:Exclude vendor_modprobe from debugfs neverallow re...
I63a22402c:Add neverallows for debugfs access
I289f2d256:Add a neverallow for debugfs mounting
Change-Id: Ie04d7a4265ace43ba21a108af85f82ec137c6af0
