The new variable name reflects its actual usage.
Keep compatibility with BOARD_PLAT_* because it has been a
convention for years.
Amend the README to document the new variables.
Test: `make selinux_policy` with
`SYSTEM_EXT_{PUBLIC,PRIVATE}_SEPOLICY_DIRS` set,
observe additions in `$(TARGET_COPY_OUT_SYSTEM_EXT)/etc/selinux`
Signed-off-by: Felix <google@ix5.org>
Change-Id: If8188feb365eb9e500f2270241fa190a20e9de01
This is not allowed for apps with targetSdkVersion>=Q.
Allow this failure until gmscore fixes.
Bug: 160984921
Test: build
Change-Id: I1e9f2af091b22eef2bc05ae1e571fb45dec05cfe
ro.enable_boot_charger_mode and sys.boot_from_charger_mode are moved to
new property contexts for charger props to remove exported*_prop.
Bug: 155844385
Test: boot device with ro.enable_boot_charger_mode
Change-Id: I17d195d3c9c002a42125d46a5efcdb890f1c2a5c
All files under vendor_dlkm are tagged vendor_file.
All build props for vendor_dlkm are mapped as build_vendor_prop.
Test: build and
`ls /vendor_dlkm -lZ`
`adb shell getprop -Z | grep vendor_dlkm`
Bug: 154633114
Change-Id: Ie9dc26d948357767fec09aca645606310ad3425c
tombstoned.max_tombstone_coun becomes tombstone_config_prop to remove
exported*_default_prop
Bug: 155844385
Test: tombstoned is running and logcat shows no denials
Change-Id: I57bebb5766d790dc52d40a6d106f480e0e34fa4e
keyguard.no_require_sim becomes keyguard_config_prop to remove
exported*_default_prop
Bug: 155844385
Test: boot and see no denials
Change-Id: Icffa88b650a1d35d8c1cd29f89daf0644a79ddd3
apexd runs in two separate mount namespaces: bootstrap & default.
To support separate apex-info-list.xml for each mount namespaces, apexd
needs to emit separate .xml file according to the mount namespace and
then bind-mount it to apex-info-list.xml file.
Bug: 158964569
Test: m & boot
nsenter -m/proc/1/ns/mnt -- ls -lZ /apex/apex-info-list.xml
nsenter -m/proc/2/ns/mnt -- ls -lZ /apex/apex-info-list.xml
=> shows the label apex_info_file correctly
Change-Id: I25c7445da570755ec489edee38b0c6af5685724b
This needs to be updated to api 30.0 which introduced the system_ext.
Bug: 160314910
Test: build and boot
Change-Id: I08c4aed640467d11482df08613039726e7395be0
This does not yet list all the required capabilities for profcollectd,
but it at least allows the service to start under permissive mode.
Bug: 79161490
Test: start profcollectd
Change-Id: I92c6192fa9b31840b2aba26f83a6dc9f9e835030
CTS runs are being polluted by denial logs from the best-effort isatty (
-> TCGETS ioctl) check done by the perfetto's log formatter.
This patch suppresses the denial.
I believe that what's actually being denied is the ioctl itself, NOT the
TCGETS aspect of it (there is a domain-wide fifo_file TCGETS allowxperms
rule in domain.te:303). But the "dontauditxerms" suppresses the denial
anyway.
Bug: 159988048
Merged-In: Ieee1d7de8b023dd632d0e37afa3a2434cfd1a3a1
Change-Id: Ieee1d7de8b023dd632d0e37afa3a2434cfd1a3a1
(cherry picked from commit 8519c6d316)
The non-prebuilt files are already up-to-date, as this change exists in
aosp/master as aosp/1267820.
Bug: 159988048
Merged-In: Ie7780128fcd80a051e809bfc98f21179cb3f0ecc
Change-Id: Ie7780128fcd80a051e809bfc98f21179cb3f0ecc
(cherry picked from commit 2b2cde7592)
There is a desire to ensure that modprobe as a service can log to
kmesg to help triage issues, so add support for the -s or --syslog
flag to do so.
Bug: 159424228
Bug: 151950334
Test: use modprobe as a service to load modules, check logs
Change-Id: I884995f364b0fc604861797eb90d7225a372f864
To remove ambiguous context name exported_default_prop
Bug: 71814576
Test: boot and see no denials
Change-Id: I40eb92653fabc509419e07bb4bfa7301a8762352
Patchoat used to generate symlinks in /data/dalvik-cache that is later
referred by dex2oat. Since patchoat has been removed in Q, it should be
safe to remove the policy for reading symlinks.
Test: reboot; dmesg # no new denial
Test: cmd package compile -m speed -f com.test.app # no denial
Change-Id: Iad8c48c8bf0d31dcd19d6b321c8c15d3548a9190
To enable GpuMemTracer to emit initial counter packets, gpuservice must
be allowed to advertise a datasource and producer events.
Test: adb shell perfetto --query | grep gpu
Bug: 157142645
Change-Id: Ie7e825d178dfdbfa1eaf0d4cac8f120bad6c2766
