MediaPlayer cannot load a video from RRO packages.
So, add allow rules which is necessary to play the video.
Bug: b/154795779
Test: check if MediaPlayer can load a video in RRO
Change-Id: I06eed146b6e70a548b6b4f4faf56ba2bccd68140
Assigning a new context boot_status_prop for following two properties:
- sys.boot_completed
- dev.bootcomplete
Bug: 154885206
Test: boot cf_x86 and crosshatch, see no denials
Change-Id: Ieadabf90a9a1b54b52a1283bd648c11c95d558dd
Merged-In: Ieadabf90a9a1b54b52a1283bd648c11c95d558dd
(cherry picked from commit 2973c96055)
These events supersede the ion_heap_grow / ion_heap_shrink events on
4.19+ kernels.
Bug: 154302786
Test: build, run on cuttlefish with new kernel, ls -lZ /sys/kernel/tracing/events/ion/ion_stat/enable
Change-Id: I262d8c3269d4261701361ad4b1bdc322f1f03969
The ro.surface_flinger.* properties are using instead of configstore.
Add get_prop (domain, surfaceflinger_prop) to domain.te so that it can
be used on all systems in the same way as configstore.
Bug: 124531214
Test: read properties in java (ag/11226921)
Change-Id: Ifc8a53ea544c761d85e370e177913db91d8a33a2
This prop allows vendors to specify whether their devices
have basic eBPF compatibility (ie. Linux kernel 4.9 with P VINTF).
Make it exported_default_prop because the shared library
libbpf_android is used in a lot of places.
See: https://r.android.com/1261922
Bug: 151753987
Signed-off-by: Felix <google@ix5.org>
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ifd9af558d84ea1619a6af7fce81b700fdfb22b9f
All apps signed with the media key share a UID. However,
some run in the priv_app selinux context, and others run
in the mediaprovider context. That's a bug. Apps which share
a UID should always share an selinux domain. Assign all apps
with the seinfo=media to the mediaprovider selinux domain.
This moves the following packages from the priv_app to the
mediaprovider domain:
com.android.providers.downloads
com.android.providers.downloads.ui
com.android.mtp
com.android.soundpicker
Bug: 154614768
Test: atest CtsDownloadManagerApi28
Change-Id: I6f96142ef03101568abed670a0e32f952515a590
com.google.android.gms and com.google.android.gsf have a sharedUserId
but were being routed to two different domains:
com.google.android.gms 10145 0 /data/user/0/com.google.android.gms google:privapp:targetSdkVersion=10000
com.google.android.gsf 10145 0 /data/user/0/com.google.android.gsf google:privapp:targetSdkVersion=10000
This change routes them to the same domain: gmscore_app
Bug: 154597032
Test: TH
Change-Id: I0a309a687eb8608604cabf65b58763a1a3262153
A vendor has an audio HAL implementation for Android Automotive that
controls amplifiers with tcp sockets. This violates a neverallow rule
in 'public/hal_audio.te':
neverallow hal_audio_server domain:{ tcp_socket udp_socket rawip_socket
} *;
This rule prevents any audio HAL server from accessing sockets; But
public/hal_neverallows.te, line 19 exempts HAL servers on automotive
devices; because in a car it is common to have external modules
accessible over in-vehicle networks.
Therefore, the existing neverallow rule in hal_audio.te is a duplicate;
and this CL removes this rule.
Vendors on automotive devices should refer to 'vendor/hal_audio_default.te',
by (1) creating a new type; (2) associating the type with the
'hal_automotive_socket_exemption' attribute.
Bug: 150400684
Test: tested with the following rules in 'vendor/hal_audio_default.te'
Test: type harmon_amplifier, domain;
Test: typeattribute hal_audio_default hal_automotive_socket_exemption;
Test: allow hal_audio_default harmon_amplifier:tcp_socket connect;
Test: m -j should compile sepolicy without complaints
Change-Id: I517b050d0582d08f94f35ba815a030121385f319
This is to clean up bad name "exported_dalvik_prop"
Bug: 154465224
Test: sepolicy_tests
Test: treble_sepolicy_tests 26.0 ~ 29.0
Change-Id: Ie5e738b5985c1db1bca7a857971d8490a7980b5b
Previously we have allowed many kinds of app processes to access
gpuservice. However, upon sharing files through bluetooth, bluetooth
process starts an activity to handle this task. At the meanwhile, any
processes with an activity launched shall access gpuservice for stats
purpose. This change amends the rules so that we don't miss anything.
Bug: 153472854
Test: use bluetooth to share a photo and check logcat
Change-Id: I3d620b703d3afe92ac1f61cfb2a2f343352ddd4d
It already has read dir access, but was missing file access which
would allow it read /sdcard symlink (/mnt/pass_through/0/self/primary)
Test: adb shell am broadcast -a
android.intent.action.MEDIA_SCANNER_SCAN_FILE
--receiver-include-background -d file:///sdcard
Bug: 153151011
Change-Id: If4d3fa3d96de6dd9672c0c3aa25fb25f196fe295
This property controls how much userspace reboot watchdog will wait for
userspace reboot to start before falling back to hard reboot.
Test: builds
Bug: 152803929
Change-Id: I6955e8c94708e7e4161e4f334b03c052d42c0f9f
Defined a new signal intended to allow the system to reboot
the audio/soundtrigger HAL process.
Fixes: 153461865
Test: See main change in topic
Change-Id: I1e4a770670bb1274fa6a23cd0641f2554d4679f7
