Allows dexopt to read odsign verification status and use on-device
generated artifacts when dexopting after an OTA.
Bug: 194069492
Test: manually apply ota, see no denials for reading property
Change-Id: I97acfc17ffd9291d1a81906c75039f01624dff0f
This service was renamed in
commit 8aaf796f980f21a8acda73180a876095b960fc28
after the mapping files were originally created in
commit 4f20ff73ee.
Bug: 191304621
Test: Merge redfin_vf_s T-based system with S-based vendor.
Change-Id: I3430f13a3438c06c6cb469a35a80390f83b1c0b4
Virtualizationservice should be able to read
* /apex/apex-info-list.xml: apex_info_file
* /data/apex/{active, uncompressed}: staging_data_file,
apex_data_file
and pass them to guest OS.
Bug: n/a
Test: atest MicrodroidHostTestCases
(see logcat for denials)
Change-Id: Ia9dab957a6f912aa193d58e2817a00d4a39b4536
ro.lmk.filecache_min_kb property allows vendors to specify min filecache
size in KB that should be reached after thrashing is detected.
Bug: 193293513
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I927f4a1c81db3f284353fe4ab93bf454acff69b7
This means that toolbox doesn't need permission to delete it.
Bug: 192917795
Bug: 193365943
Test: flashed on a VIM3L and booted
Change-Id: Ic0182c1c4eb84eb94f4db27d00effcd906ebed09
As "/storage/emulated/0/Android/obb, /storage/emulated/0/Android/data" might be labeledfs (f2fs),
Zygote needs to be allowed to unmount labeledfs while unmounting "/storage".
Here's the warning if we do not add it.
avc: denied { unmount } for scontext=u:r:zygote:s0 tcontext=u:object_r:labeledfs:s0 tclass=filesystem permissive=0
Bug:192989523
Test:adb shell stop; adb shell start; check no warning log
Change-Id: I74ce9bed29ec7da536a261a4fea25628f3d382ef
Grant access to odsign to read & delete pending key files. Eventually
we will grant the CompOS daemon write access.
Bug: 190166662
Test: Via odsign; no denials seen.
Change-Id: I6d3c3e5b2aec8ef65bd28cbb274d18263534ce66
We ended up with 4 labels for specific APEX files that were all
identical; I've replaced them with a single one
(apex_system_server_data_file).
Additionally I created an attribute to be applied to a "standard" APEX
module data file type that establishes the basics (it can be managed
by vold_prepare_subdirs and apexd), to make it easier to add new such
types - which I'm about to do.
Fix: 189415223
Test: Presubmits
Change-Id: I4406f6680aa8aa0e38afddb2f3ba75f8bfbb8c3c
... to connect to the programs running in the guest VM
Bug: 192904048
Test: atest MicrodroidHostTestCases
Change-Id: Iccb48c14ace11cc940bb9ab1e07cc4926182e06e
This change stops using deprecated functionality and migrates this
repository's custom Soong code to support current practices to manage
path property related dependencies. i.e. when a property includes
something that looks like ":module".
ExtractSourcesDeps has been deprecated in favor of tagging properties
with `android:"path"` which will cause the pathDepsMutator to add the
dependencies automatically.
android.SourceDepTag has been deprecated as the underlying type needs
to be changed and this will no longer work for its current uses.
* ctx.GetDirectDepWithTag(moduleName, android.SourceDepTag) will not
work to retrieve a reference to the module dependency added for
path properties. GetModuleFromPathDep(ctx, moduleName, "") must be
used instead.
* depTag == android.SourceDepTag can no longer be used to check to
see if depTag was used to add a module dependency for a module
reference in a path property without any output tag.
IsSourceDepTagWithOutputTag(depTag, "") must be used instead.
Bug: 193228441
Test: m nothing
Change-Id: I307039612f0f2a541ac7dbfddd052ef78c290f60
Additionally, remove the obsolete permission which allows keystore to
register callbacks with statsd. There's no direct communication between
keystore and statsd now.
Ignore-AOSP-First: No mergepath to AOSP.
Bug: 188590587
Test: statsd TestDrive script.
Merged-In: I31d202751ba78bb547822020260a7e366cb8826e
Change-Id: I31d202751ba78bb547822020260a7e366cb8826e
This is necessary to run tests or run VMs manually with SELinux
enforcement enabled.
Bug: 192256642
Test: atest VirtualizationTestCases
Change-Id: I03b12fefa4e79644bd2f3410cc255f923834aca4
app_zygote inherits tmpfs files from zygote, and needs to be able to
stat them after fork.
Bug: 192634726
Bug: 192572973
Bug: 119800099
Test: manually configure JIT zygote and run
atest \
CtsExternalServiceTestCases:\
android.externalservice.cts.ExternalServiceTest\
#testBindExternalServiceWithZygote
Change-Id: I401808c984edd4e3e4ef335f6a75cecc5cf69eca
