ro.tuner.lazyhal: system_vendor_config_prop to decide whether the lazy
tuner HAL is enabled.
tuner.server.enable: system_internal_prop to decide whether tuner server
should be enabled.
Bug: 236002754
Test: Check tuner HAL and framework behavior
Change-Id: I6a2ebced0e0261f669e7bda466f46556dedca016
Add example implementation services: IFactory under android.hardware.audio.effect.
An audio HAL AIDL example service will register with the default implementations.
Bug: 238913361
Test: m, and flash with Pixel 6a.
Change-Id: Ib331899fd47b6b334b120e20617174d01e71ddb8
/system/bin/kexec in Microdroid is now properly labeled as kexec_exec.
The binary is responsible for loading the crashkernel into memory so
that when a kernel panic occurs the crashkernel is executed to dump the
RAM.
Microdroid_manager executes the kexec binary as part of the boot
process. It does this only when the kernel is booted with a memory
reserved for the crashkernel, which is determined by checking if
`crashkernel=` is included in the cmdline. For this, it is allowed to
read /proc/cmdline.
Bug: 238404545
Test: boot microdroid
Change-Id: Id08ba9610e3849ba811367917df8dfcc1774b561
compos has the microdroid_payload attribute, so we don't need to
duplicate rules that apply to that. This .te should only have things
that differentiate compos from other payloads.
Test: Presubmits
Change-Id: Ib5b8c52f9a068a583fc1471ac6cf0e4aef906857
The profilers cannot open files under
/data/misc/apexdata/com.android.art/dalvik-cache because they're not
allowed to search /data/misc/apexdata with the apex_module_data_file
label.
Example denial:
avc: denied { search } for name="apexdata" dev="dm-37" ino=89
scontext=u:r:traced_perf:s0
tcontext=u:object_r:apex_module_data_file:s0 tclass=dir permissive=0
Tested: patched & flashed onto a TM device, then profiled system_server
Bug: 241544593
Change-Id: Ifd8b94a9ebcae09701e95f6cd6a14383209963db
When a kernel panic occurs in a debug-enabled VM, a crashdump is created
in the VM and then it is flushed to the per-VM host-side file
/data/misc/virtualizationservice/<cid>/ramdump. Virtualizationservice
then opens the file and sends the FD to the owning client. This change
allows the client to read the ramdump via the FD.
A client accessing ramdump of other VM is prohibited since opening the
ramdump file is not allowed for the client; only virtualizationservice
can do it. Furthermore, ramdumping will be enabled only for the
debuggable VMs, which means reading it doesn't actually reveal any
(true) secret.
Bug: 238278104
Test: do the ramdump
Change-Id: I50e1fa83b99e8f24c849e278710b38f6ff9a25be
srcs/android/sysprop/MemoryProperties.sysprop
This property is populated by property service from the kernel
command line parameter androidboot.ddr_size=XXXX. Vendors can set
this command line option from the bootloader.
Bug: 231718727
Test: n/a
Change-Id: I3fb8a18125081b1a30dee715831f5701964cb375
fastboot will read this prop to check if io uring is supported. Add
proper sepolicy.
Test: th
Bug: 31712568
Change-Id: I8990d8a31748534d4444a2ef25b58d629651dac7
ro.secure and ro.debuggable system properties are not intended
to be visible via Android SDK. This change blocks untrusted
apps from reading these properties.
Test: android.security.SELinuxTargetSdkTest
Bug: 193912100
Change-Id: I40ac5d43da5778b5fa863b559c28e8d72961f831
The fuse supports file contexts. Microdroid_manager no longer needs the
access to the fuse label.
Bug: 188400186
Test: run microdroid test
Change-Id: I9a17a96c6d07a466e1fa01d65279e467a874da3f
This service has valid use cases such as video players and should therefore not be audited.
Change-Id: I3a0cffb34429320a412a7c05220376c0b58e28a3
Test: make
Bug: 211632068
Grant system_server and flags_health_check permission to set the
properties that correspond to vendor system native boot experiments.
Bug: 241730607
Test: Build
Merged-In: Idc2334534c2d42a625b451cfce488d7d7a651036
Change-Id: I3e98f1b05058245cad345061d801ecd8de623109
This is a roll-forward of some of the changes rolled back in
aosp/2170746. I am rolling forward in smaller chunks so that it is
easier to identify and avoid possible breakages.
Bug: 236691128
Test: atest SeamendcHostTest
Change-Id: Ibe451325d471fe04cd52683ba90a22543fa84c7c
Before this CL, "searchpolicy -t <NAME>" or "searchpolicy -s <NAME>"
would return all rules in the policy if NAME did not exist.
Bug: 238394904
Test: atest SELinuxHostTest
Change-Id: Id8eae496c2e605a094c4931b60812e10d2adab62
Before the addition of sepolicy:
Error with service 'android.hardware.drm.IDrmFactory/widevine' while dumping: FAILED_TRANSACTION
Success after change.
Test: adb shell dumpsys android.hardware.drm.IDrmFactory/widevine
Bug: 238682056
Change-Id: I3817c9487bdec0c812690823cbb941cff80f394f
Window manager team wants to leverage system properties for feature
flags that need to be read in ViewRootImpl and other classes preloaded
in Zygote. Appdomain is allowed to read that permission in commit
I5808bf92dbba37e9e6da5559f8e0a5fdac016bf3.
Bug: 241464028
Test: Zygote can preload persist.wm.debug.* props.
Change-Id: I0c2ae63db53530c1facd8c2132f99c0d919b4ad8
