Test:IPeopleManager.Stub.asInterface(ServiceManager.getService(Context.PEOPLE_SERVICE) is
not null when called from another process
Bug: 169783793
Change-Id: I280568955c50f9deef0a35ad1b9864ffc0a82db4
This restriction was previously targetSdk gated for apps
with targetSdkVersion>=30.
This change is being posted for app-compat analysis and testing.
Bug: 170188668
Test: build
Change-Id: I08c709b2bb9a67157d0daf921e8ac7717a3bdf6f
This allows the SystemSuspend to read wakeup reasons from
sysfs_wakeup_reasons.
Test: Local test verified SystemSuspend can access sysfs_wakeup_reasons
Bug: 171021049
Change-Id: Ic5d723a989edbcbd55ff497a55ce8384ba1f226c
This reverts commit 8dea731805.
Reason for revert: b/162048565: broke access to /data/misc/shared_relro
Change-Id: Ia0f7b6bd575f1d1c95f11a356a5463b72dde9b10
This allows the SystemSuspend to serve Bluetooth registered callbacks
for BTAA purpose.
Test: Local test verified registered callbacks been serviced
Bug: 170315554
Change-Id: I358b6732fdb663dcffd2647b6d6fa9727be5564e
This allows the Bluetooth to communicate with the SystemSuspend to
obtain system wakeup and wakelock information for Bluetooth activity
attribution (BTAA) processing.
BTAA is a process unit within the Bluetooth stack to aggregate
Bluetooth traffics, wakeup, and wakelocks into per-app, per-device, and
activity based statistical information.
Test: Local test verified Bluetooth can acquire suspend_control
Bug: 170315554
Change-Id: I7417132793c1000a8e3136c300cf8c1ba9cc3a14
The existing freeze test only covers the policy files in system/sepolicy
alone. There's demand from product teams that would like to implement a
freeze test for their sepolicy. Instead of letting them fork the freeze
test, we believe expanding the scope of the exising one is in the best
interest.
$FREEZE_TEST_EXTRA_DIRS and $FREEZE_TEST_EXTRA_PREBUILT_DIRS are added.
These build variables could be appended like $PRODUCT_PUBLIC_POLICY. The
product team are expected to maintain their policy prebuilts.
Bug: 166455099
Test: manual
Change-Id: I6f350e1e3db2807be4dbfd0ceb34f0d89f94d629
Users are unable to pass config files directly to
perfetto via `perfetto -c /path/to/config` and have to
resort to awkward quirks like `cat config | perfetto -c -'.
This is because /system/bin/perfetto runs in its own SELinux
domain for reasons explained in the bug.
This causes problem to test infrastructures authors. Instead
of allowing the use of /data/local/tmp which is too ill-scoped
we create a dedicated folder and allow only shell and perfetto
to operate on it.
Bug: 170404111
Test: manual, see aosp/1459023
Change-Id: I6fefe066f93f1f389c6f45bd18214f8e8b07079e
This re-alignes aosp and internal master to avoid
conflicts when uploading CLs upstream.
Bug: 170126760
Change-Id: I9c087e70998cd529b71dec7428641c4bfef10d31
This is to support the addition of the device state manager service and
its associated binder service.
Test: Manual - Modify policy and verify binder service can be published.
Fixes: 170034199
Change-Id: Id63cb1db3ee80ec699e98443457c113d6be809fe
Add allow rules for destroyDsuMetadataKey() to securely discard key
files labeled as vold_metadata_file.
Bug: 168571434
Test: Wipe a DSU installation and verify that there's no avc denial.
Change-Id: I01acb6d732f345a5d937a2781befda80c64844b9
This patch adds the requisite permissions for the VcnManagementService.
Bug: 163431877
Test: Compiles, boots, FrameworksNetTests passes
Change-Id: I6e03ee798027b28f67d60c6e4280fb3410ec94c4
The framework_watchdog_config_prop properties control framework watchdog
configurations to handle watchdog timeout loop. The properties are
written only by vendor_init.
More details and background: go/break-sys-watchdog-loop
Bug: 141948707
Change-Id: I6c0da5fdafba8165e79d0f04e0a82874f605a06d
Also make shared_relro_file mlstrustedobject to ensure these files can
still be read by any app in any user.
Bug: 170622707
Test: Manual: delete the files, check they are re-created and accessible.
Test: Manual: no denials seen
Test: Presubmits
Change-Id: Icce4ee858219e3fd0e307f3edfb3c66005872a45
