This appears to be the minimum change required to accommodate Traceur
running the detachable Perfetto process.
Bug: 116754732
Test: Started a perfetto trace using --detach and it started
successfully.
Change-Id: I12881ae343389abdcc74af5f11ecbac99b03ef7c
When recording hour-long traces, logcat messages help
to interpret the trace, giving human readable context on what
is happening on the system.
Furthermore this is particularly helpful for startup
debugging thanks to activity manager instrumentation events
(am_on_create_called, am_on_start, ...).
This is only allowed on userdebug/eng builds.
Bug: 122243384
Change-Id: I4dfaebf21107e9853b0bf42403fbab6c3b4d5141
Create the system property ro.gfx.angle.supported that indicates if the
device supports ANGLE. The current planned use of this property is to
allow CTS to validate ANGLE functionality if the device indicates ANGLE
is supported.
Bug: 80239516
Test: Flash the build and verify the property is 'false' for marlin.
Test: Flash the build and verify the property is 'true' for walleye.
Change-Id: I00387db9ade34152f79d75453ea17d5ea7b063cd
The way we build and run CTS expects full_treble_only and
compatible_property_only macros to be applied to whole rules and not be
nested inside other rules.
Fixes: 122601363
Test: corresponding neverallow rule in auto-generated
SELinuxNeverallowRulesTest.java is parsed correctly.
Change-Id: Ibf5187cedca72510fe74c6dc55a75a54a86c02ff
runas_app domain is used by lldb/ndk-gdb/simpleperf to debug/profile
debuggable apps. But it misses permissions to ptrace app processes and
read /proc/<app_pid> directory.
Bug: none
Test: build and boot marlin.
Test: run lldb and simpleperf on apps with target sdk version 24-29.
Change-Id: I9e6f940ec81a8285eae8db3b77fb1251a25dedd0
In order to use the bionic libs and the dynamic linker from the runtime
APEX for all processes that are started after the APEX is activated, the
paths /system/lib/{libc.so|libm.so|libdl.so} and /system/bin/linker are
bind-mounted to the corresponding bionic libs and the dynamic linker
in the runtime APEX.
This bind mount allows us to keep other part of the platform and the
tests having implicit assumption that bionic libs are located at
/system/lib and loaded from the default linker namespace.
Bug: 120266448
Test: device boots
Change-Id: Ied611b267d187ee3d75a139c378ee12242d5b8d8
Recent change in netd and bpfloader switched the creater of bpf maps
from netd to bpfloader. Change the rules related to it to make sure it
doesn't fail.
Test: dumpsys netd trafficcontroller
Bug: 112334572
Change-Id: I016ff68b58ef7b12bdfdebc2fd178be1d0206a62
For consistency with APKs, signature verification is performed
in the system_server. This includes checking that the signature of
an updated install matches the signature of the active package that
it updates. For this, it requires search access to /data/apex and
read access to the files under that directory.
Test: m
Change-Id: Ia073adb8892886e4767fa5529e95c110b9cbff1b
Test: basic workflow between apexd and PackageManager tested with
changes being developed.
Bug: 118865310
Change-Id: I1ae866f33e9b22493585e108c4fd45400493c7ac
This prevents denials while taking a bugreport.
Bug: 116711254
Test: cts-tradefed run cts -m CtsSecurityHostTestCases -t
android.security.cts.SELinuxHostTest#testNoBugreportDenials
Change-Id: I64f441eb66c355d03eaf7755f2e9d3e970305ecd
