Due to AIDL HAL introduction, vendors can publish services
with servicemanager. vendor_service_contexts is labeled as
vendor_service_contexts_file, not nonplat_service_contexts_file.
And pack it to vendor partition.
Bug: 154066722
Test: check file label
Change-Id: Ic74b12e4c8e60079c0872b6c27ab2f018fb43969
To allow vold to abort it.
Bug: 153411204
Test: vold can access it
Merged-In: I334eaf3459905c27d614db8eda18c27e62bea5fa
Change-Id: I334eaf3459905c27d614db8eda18c27e62bea5fa
FMRadio dlopen fail and can't work
avc: denied { open } for
path="/data/asan/system/system_ext/lib64/libfmjni.so" dev="mmcblk0p38"
ino=190 scontext=u:r:platform_app:s0:c512,c768
tcontext=u:object_r:system_data_file:s0 tclass=file permissive=0
app=com.android.fmradio
Fixes: 157108870
Test: Launch FMRadio, it can work well with asan enabled.
Change-Id: Ida35ad7248f361efbf649c30e905eeb38e1bf0b4
A device must indicate whether GPU profiling is supported or not through
setting these two properties properly. CTS needs to read these two
properties in order to run corresponding compliance tests. Hence need to
update sepolicy for these two properties.
Bug: b/157832445
Test: Test on Pixel 4
Change-Id: I6f400ecbbd5e78b645bb620fa24747e9367c2ff3
Merged-In: I6f400ecbbd5e78b645bb620fa24747e9367c2ff3
There are probably more cases but this one blocks presubmit
for cuttlefish with mainline kernels.
Bug: 158304247
Change-Id: I6d769b16a230a113a804df61f8de4dcbce2193b6
There should be no need for this, and it allows probing for file existence.
Access to /data and more specifically labeled directories under it
(e.g. /data/app) is not affected.
Bug: 158088415
Test: Builds
Change-Id: Iac39629b1c7322dc2fd9a57c9f034cb2ba73793f
vendor_init is allowed to write any properties except for system
internal and system restricted props for old devices. Relaxing telephony
props to avoid build breakage.
Bug: N/A
Test: m selinux_policy with not_compatible_property
Change-Id: I1346a87b774099c837c329b977fbd993202af65b
Some vendor apps are using platform key for signing.
This moves them to untrusted_app domain when the system partition is
switched to a Generic System Image (GSI), because the value of
platform's seinfo in /system/etc/selinux/plat_mac_permissions.xml
has been changed.
Duplicating the device-specific platform seinfo into
/vendor/etc/selinux/vendor_mac_permissions.xml to make it
self-contained within the vendor partition.
Bug: 157141777
Test: boot the device with a GSI, then `adb shell ps -eZ | grep qtidata`
Test: ./build/make/tools/releasetools/sign_target_files_apks \
--default_key_mappings path/to/keydir \
-o out/dist/<lunch>-target_files-*.zip \
signed-tardis-target_files.zip and checks the platform seinfo in
/vendor/etc/selinux/vendor_mac_permissions.xml is replaced.
Change-Id: Ic9a79780e30f456138e4de67210cc60ac2e490d6
Merged-In: Ic9a79780e30f456138e4de67210cc60ac2e490d6
(cherry picked from commit 8a86424e34)
To remove bad context names, two contexts are added.
- telephony_config_prop
- telephony_status_prop
exported_radio_prop, exported2_radio_prop are removed. Cleaning up
exported3_radio_prop will be a follow-up task.
Exempt-From-Owner-Approval: cherry-pick
Bug: 152471138
Bug: 155844385
Test: boot and see no denials
Test: usim works on blueline
Change-Id: Iff9a4635c709f3ebe266cd811df3a1b4d3a242c2
Merged-In: Iff9a4635c709f3ebe266cd811df3a1b4d3a242c2
(cherry picked from commit 4d36eae8af)
1. Allow gpuservice to access tracepoint id
2. Allow gpuservice to access bpf program
3. Allow gpuservice to attach bpf program to tracepoint
4. Allow gpuservice to access bpf filesystem
5. Allow gpuservice to run bpf program and read map through bpfloader
6. Allow gpuservice to check a property to ensure bpf program loaded
Bug: 136023082
Test: adb shell dumpsys gpu --gpumem
Change-Id: Ic808a7e452b71c54908cdff806f41f51ab66ffd8
Keystore access was reverted a while ago in ag/10598373.
Bug: 112038744
Test: atest CtsAppSecurityHostTestCases:android.appsecurity.cts.ApkVerityInstallTest
Test: atest GtsPlayFsiTestCases GtsPlayFsiHostTestCases ApkVerityTest
Change-Id: Ic170624f5a718806adf54ab12e8f4b9f17c7775b
Exported properties init.svc.* were world-readable, so making them
world-readable again to fix selinux denials.
Bug: 157474281
Test: m selinux_policy
Change-Id: I6d5a28b68061896e9cd2584c47aa60f6d36ed53f
/apex/apex-info-file.xml is labeled as apex_info_file. It is
created/written by apexd once by apexd, and can be read by zygote and
system_server. The content of the file is essentially the same as the
return value of getAllPackages() call to apexd.
Bug: 154823184
Test: m
Merged-In: Ic6af79ddebf465b389d9dcb5fd569d3a786423b2
(cherry picked from commit f1de4c02cc)
Change-Id: Ic6af79ddebf465b389d9dcb5fd569d3a786423b2
ro.bootimage.build.date.* are not used anywhere.
ro.bootimage.build.fingerprint was used in the recovery mode, which has
now been switched to ro.build.fingerprint.
Bug: 117892318
Test: m
Change-Id: Ie920c5eee20baf61676b1b8b16b7f281e1dc2901
compatible_property_only is meaningless to new types introduced after
Android P because the macro is for types which should have different
accessibilities depending on the device's launching API level.
Bug: N/A
Test: system/sepolicy/tools/build_policies.sh
Change-Id: If6b1cf5e4203c74ee65f170bd18c3a354dca2fd4
The fstab_suffix can be passed as 'androidboot.fstab_suffix=' on the
kernel command line, or as an Android DT node. It specifies an
override suffix for the fsmgr fstab search:
/odm/etc/fstab.${fstab_suffix}
/vendor/etc/fstab.${fstab_suffix}
/fstab.${fstab_suffix}
Bug: 142424832
Change-Id: I9c0acf7a5ae3cdba505460247decf2de9997cac1
