The bootchart problem need the selinux policy fix.
But it is missing API 32
Bug: 218729155
Test: Build
Change-Id: Ia011f8bcd52403980c2a6751bb612dd5b770e130
Because Traceur is being signed with the platform key in aosp/1961100,
the platform seinfo identifier is being added to Traceur so that SELinux
will correctly identify it as a platform app.
Bug: 209476712
Test: - Checked that Traceur can still take normal and long traces on
AOSP userdebug and internal user/userdebug.
- Checked that the Traceur app is now located in /system/app/
instead of /system/priv-app/.
Change-Id: Ibe7881d48798e3b71bb40e566fa8243cbb630b04
Merged-In: Ibe7881d48798e3b71bb40e566fa8243cbb630b04
dmesgd is a daemon that collects kernel memory error reports.
When system_server notices that a kernel error occured, it sets the
dmesgd.start system property to 1, which results in init starting
dmesgd.
Once that happens, dmesgd runs `dmesg` and parses its output to collect
the last error report. That report, together with the headers containing
device- and build-specific information is stored in Dropbox.
Empirically, dmesgd needs the following permissions:
- execute shell (for popen()) and toolbox (for dmesg),
read system_log (for dmesg)
- read /proc/version (to generate headers)
- perform Binder calls to servicemanager and system_server,
find dropbox_service (for dropbox)
- create files in /data/misc/dmesgd (to store persistent state)
Bug: 215095687
Test: run dmesgd on a user device with injected KFENCE bugs
Change-Id: Iff21a2ffd99fc31b89a58ac774299b5e922721ea
This CL updates hal_evs_default to be sufficient for the defautl EVS HAL
implementation and modifies other services' policies to be able to
communicate with EVS HAL implementations
Bug: 217271351
Test: m -j selinux_policy and Treehugger
Change-Id: I2df8e10f574d62f8b84e0ff0381656ab1b18b52f
Require all domains which can be used for BPF to be marked as
bpfdomain, and add a restriction for these domains to not
be able to use net_raw or net_admin. We want to make sure the
network stack has exclusive access to certain BPF attach
points.
Bug: 140330870
Bug: 162057235
Test: build (compile-time neverallows)
Change-Id: I29100e48a757fdcf600931d5eb42988101275325
MicrodroidHostTestCases will pull the VM's sepolicy and check it against
system/sepolicy/microdroid's neverallow rules, using sepolicy-analyze
tool.
Bug: 218461215
Test: atest MicrodroidHostTestCases
Change-Id: I62a69053996b71d69dd2bf6b7eabc8b701095477
OutputFileProducer interface has been returning "conf", not the
designated stem.
Test: try including se_policy_conf module as other module's srcs
Change-Id: I17de5e10ed9bd1d45dc9a8b1be11ea6f5290c179
Who needs all those context switches?
bpfloader controls which types of vendor programs can be used.
Bug: 140330870
Bug: 162057235
Test: successfully load bpf programs from vendor
Change-Id: I36e4f6550da33fea5bad509470dfd39f301f13c8
the hostapd service.
Needed in order to allow hostapd to
receive a callback from servicemanager
when the active service count changes.
Bug: 213475388
Test: atest VtsHalHostapdTargetTest
Change-Id: I3a5ec8219d23227fab85325f90d8b4aee6c76973
This partly reverts fa10a14fac. There we
removed individual labels for various apexdata labels, replacing them
with apex_system_server_data_file.
Unfortunately that doesn't handle upgrade scenarios well, e.g. when
updating system but keeping the old vendor sepolicy. The directories
keep their old labels, and vold_prepare_subdirs is unable to relabel
them as there is no policy to allow it to.
So we bring back the legacy labels, in private not public, and add the
rules needed to ensure system_server and vold_prepare_subdirs have the
access they need. All the other access needed is obtained via the
apex_data_file_type attribute.
Bug: 217581286
Test: Reset labels using chcon, reboot, directories are relabeled, no denials
Change-Id: If696882450f2634e382f217dab8f9f3882bff03f
System server needs to do this to know whether a suitable VM for
CompOS can be created. System server does not need the ability to
actually start a VM, so we don't grant that.
Bug: 218276733
Test: Presubmits
Change-Id: Ibb198ad55819aa924f1bfde68ce5b22c89dca088
Microdroid_manager uses the ioctl to flush data to the block device.
Bug: 208639280
Test: atest MicrodroidTestApp
Change-Id: Icd708702618850e1f003b16bdc8a1698c45f6442
sepolicy_generate_compat is a binary that creates a new compat file when
freezing sepolicy API.
Suppose that we are adding {ver} compat file, after freezing {ver}
sepolicy. Then the workflow would be:
1) copy prebuilts to system/sepolicy/prebuilts/api/{ver}
2) add {ver} to PLATFORM_SEPOLICY_COMPAT_VERSIONS under
build/make/core/config.mk
3) touch the following three files
- system/sepolicy/private/compat/{ver}/{ver}.cil
- system/sepolicy/private/compat/{ver}/{ver}.compat.cil
- system/sepolicy/private/compat/{ver}/{ver}.ignore.cil
- system/sepolicy/prebuilts/api/{ver}/vendor_sepolicy.cil
- system/sepolicy/prebuilts/api/{ver}/plat_pub_versioned.cil
* This step is to build base compat files, and won't be needed in the
future.
4) add compat module files (won't be needed in the future)
- {ver}.cil
- {ver}.compat.cil
- {ver}.ignore.cil
* This step is to build base compat files, and won't be needed in the
future.
5) run the following command to update above three files:
$ source build/envsetup.sh && lunch aosp_arm64-userdebug
$ m sepolicy_generate_compat
$ sepolicy_generate_compat --branch=(branch_for_ver) \
--build latest --target-version {ver} \
--latest-version {ver-1}
6) upload build/make and system/sepolicy changes.
This script still lacks:
- handling of plat_pub_versioned.cil
- test cases
We will tackle such problems with follow-up changes.
Bug: 214336258
Test: manual
Change-Id: I21723a0832e5adadae7c22797c5aba867dc0174e
Bug: 213519191
Test: On oriole, profcollectd can call callbacks registered by
Test: ProfcollectForwardingService in system_server.
Change-Id: I8531a6e57e5e5c12033d5e8c7651ccff9a1d976a
