Partial revert of:
commit 3e1dc57bf4
commit 30ae427ed0
The current file contexts could break potential implementations of NTFS
by partners in future. I am not rolling back the adjoining
fuseblkd_exec andfuseblkd_untrusted_exec code, because secure
implementations of fuseblk drivers should still endeavour to use the
more compartmentalised policies.
However, as we don't support NTFS officially, we should give
implementors the choices whether to use it or not, even if it will open
the door to potentially less secure implementations.
NTFS Context: http://b/254407246,
https://docs.google.com/document/d/1b5RjdhN2wFFqmLCK0P_chVyiEhiYqNlTn52TFBMNwxk
Bug: 294925212
Test: Builds and boot.
Change-Id: I6d3858517e797b3f7388f9d3f18dd4a11770d5bc
Add drmserver(32|64) for supporting 64-bit only devices. The patch is
for setting up the sepolicy for drmserver(32|64).
Bug: 282603373
Test: make gsi_arm64-user; Check the sepolicy
Ignore-AOSP-First: depend on an internal project
Change-Id: If8451de8120372b085de1977ea8fd1b28e5b9ab0
Setup tethering_u_or_later_native namespace
Test: adb shell device_config put tethering_u_or_later_native test 1
Test: Read persist.device_config.tethering_u_or_later_native.test property
Test: from system server and Tethering.apk
Ignore-AOSP-First: topic has CL that updates DeviceConfig
Bug: 281944942
Change-Id: I2862974dc1a15f6768a34763bb9e2bad93eaf4ca
The majority of code for media encoding and decoding occurs within the
context of client app processes via linking with libstagefright. This
code needs access to server-configurable flags to configure
codec-related features.
Bug: 234833109
Test: manual test with 'adb shell device_config' commands
Ignore-AOSP-First: cherry pick from AOSP
Change-Id: I95aa6772a40599636d109d6960c2898e44648c9b
This is needed to load GKI leaf modules like zram.ko.
Bug: 279227085
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I8a8205e50aa00686f478aba5336299e03490bbb5
Merged-In: I8a8205e50aa00686f478aba5336299e03490bbb5
This reverts commit 92251f5d15.
Reason for revert: Remove deferred list functionality now that the shape
of ANGLE shipping form is binaries. Applications on the list are broken
with ANGLE due to the lack of YUV support, this is currently being
worked on.
Ignore-AOSP-First: Cherry-pick revert.
Bug: 280450222
Change-Id: Ied92e6f482fe77e045139b4b0531b1db1a7ffb13
Test: atest CtsAngleIntegrationHostTestCases
Ignore-AOSP-First: confidential feature
Adding a system property to be read by AudioService
to override the minimum volume setting for the
assistant stream.
Bug: 277829235
Test: Build only
Change-Id: I08c500c0a3bb040559ca99d1817b7b848deee8c6
An app may wish to pass an open FD for the SDK sandbox
to consume, and vice versa. Neither party will be
permitted to write to the other's open FD.
Ignore-AOSP-First: Cherrypick
Test: Manual
Bug: 281843854
Change-Id: I73f79b6566ed3e3d8491db6bed011047d5a650ce
Merged-In: I73f79b6566ed3e3d8491db6bed011047d5a650ce
Add sdk_sandbox_next and apply it if a new input selector,
isSdkSandboxNext, is applied. This is set to true by libselinux
if a flag is set in the seInfo passed to it.
This enables some testers to test out the set of restrictions
we're planning for the next SDK version.
sdk_sandbox_next is not the final set of restrictions of the next SDK
version.
Bug: b/270148964
Test: atest PackageManagerLocalTest SdkSandboxDataIsolationHostTest
SdkSandboxRestrictionsTest
Change-Id: Ie8bad9c1b8f8eb032d13e1822689c78ad3d2c68a
Merged-In: Ie8bad9c1b8f8eb032d13e1822689c78ad3d2c68a
Add sdk_sandbox_next and apply it if a new input selector,
isSdkSandboxNext, is applied. This is set to true by libselinux
if a flag is set in the seInfo passed to it.
This enables some testers to test out the set of restrictions
we're planning for the next SDK version.
sdk_sandbox_next is not the final set of restrictions of the next SDK
version.
Bug: b/270148964
Test: atest PackageManagerLocalTest SdkSandboxDataIsolationHostTest
SdkSandboxRestrictionsTest
Change-Id: Ie8bad9c1b8f8eb032d13e1822689c78ad3d2c68a
Merged-In: Ie8bad9c1b8f8eb032d13e1822689c78ad3d2c68a
When ART Service is enabled, the runtime uses a different strategy to
write profiles: it first creates a temp profile file, and then moves it
to the final location, instead of mutating the file in place. This new
strategy requires the permission to create files. While apps have this
permission, unfortunately, system_server didn't. This CL fixes this
problem.
Bug: 282019264
Test: -
1. Enable boot image profiling
(https://source.android.com/docs/core/runtime/boot-image-profiles#configuring-devices)
2. Snapshot the boot image profile
(adb shell pm snapshot-profile android)
3. Dump the boot image profile
(adb shell profman --dump-only --profile-file=/data/misc/profman/android.prof)
4. See profile data for services.jar
Ignore-AOSP-First: This change requires updating the 34.0 prebuilt,
which doesn't exist on AOSP. Will cherry-pick to AOSP later.
Change-Id: Ie24a51f2d40d752164ce14725f122c73432d50c9
Revert submission 22955599-euicc_selinux_fix2
Reason for revert: b/279988311 we rename the vendor.modem property so we don't need to add the new rules
Reverted changes: /q/submissionid:22955599-euicc_selinux_fix2
Change-Id: I00cac36ac2f2a23d02c99b9ad9df57061d1ae61c
Revert submission 22899490-euicc_selinux_fix
Reason for revert: b/279988311 we rename the vendor.modem property so we don't need to add the new rules
Reverted changes: /q/submissionid:22899490-euicc_selinux_fix
Change-Id: I0c2bfe55987949ad52f62e468c84df954f39a4ad
Test: See commit 2691baf9d4f8086902d46b2e340a6e5464857b90 in art/
(ag/23125728)
Bug: 281850017
Ignore-AOSP-First: Will cherry-pick to AOSP later
Change-Id: I14baf55d07ad559294bd3b7d9562230e78201d25
Rename sdk_sandbox to sdk_sandbox_34.
Additionally, Extract out parts of sdk_sandbox_34 to
sdk_sandbox_all.te that will be shared with all sdk_sandbox domains.
Bug: b/270148964
Test: atest PackageManagerLocalTest SdkSandboxDataIsolationHostTest
SdkSandboxRestrictionsTest
Change-Id: I36e0c8795148de83c81dfe12559452812aa2b25e
Merged-In: I36e0c8795148de83c81dfe12559452812aa2b25e
Context: go/videoview-local-sandbox. This change is required to
play local files in a VideoView in the SDK sandbox.
Ignore-AOSP-First: Cherrypick
Test: Manual steps described in doc
Bug: 266592086
Change-Id: I940609d5dff4fc73d0376489646488c7b96eebb8
vendor_init needs to set graphics_config_writable_prop, moving it to
system_public_prop.
Ignore-AOSP-First: Cherry-pick
Bug: b/270994705
Test: atest CtsAngleIntegrationHostTestCases
Test: m && boot
Change-Id: I2f47c1048aad4565cb13d4289b9a018734d18c07
(cherry picked from commit 194abd16cb)
auditallow block from sdk_sandbox has been removed as we haven't yet
measured the system health impact of adding this. It'll be added to an
audit domain later after we've ruled out negative system health impact.
Bug: b/270148964
Test: atest PackageManagerLocalTest SdkSandboxDataIsolationHostTest
SdkSandboxRestrictionsTest
Change-Id: Ic4ce690e82b09ed176495f3b55be6069ffc074ac
Merged-In: Ic4ce690e82b09ed176495f3b55be6069ffc074ac
