This property controls how much userspace reboot watchdog will wait for
userspace reboot to start before falling back to hard reboot.
Test: builds
Bug: 152803929
Change-Id: I6955e8c94708e7e4161e4f334b03c052d42c0f9f
Defined a new signal intended to allow the system to reboot
the audio/soundtrigger HAL process.
Fixes: 153461865
Test: See main change in topic
Change-Id: I1e4a770670bb1274fa6a23cd0641f2554d4679f7
Before, we were silently ignoring unrecognized paths.
Bug: 152813275
Test: m (runs this test)
Test: reproduce every error I've added
Change-Id: I4a0b8fb9fff070d16126caa1499590693a6d2895
Bug: 150761030
Test: setting to 1 in device/google/cuttlefish/shared/device.mk
causes "default-key: Not enough arguments" as expected.
Change-Id: I73262efff0be15f0295d23168049ed9e3721a7f7
Seems that this is no longer needed, except for vendor_init.
Bug: 152813275
Test: m (runs this test)
Change-Id: I773053cbe1a84911684cc2ff15904ee7ddf7a73e
blank_screen can not find and use the lights HAL if it cannot use the servicemanager. This
broke turning off the display during shutdown.
Change-Id: I6aff1cb71f805637abc79493ba2574143c5cf7cf
Test: adb root; adb shell setenforce 1; adb shell setprop ctl.start blank_screen
Test: adb logcat -b all | grep 'denied'
Bug: 151363454
There is no change in behavior. These denials were already
being blocked.
Bug: 79617173
Test: build
Change-Id: Iffd1e5ba42854615eeea9490fe9150678ac98796
Previous behaviour:
Test: Set `PRODUCT_PUBLIC_SEPOLICY_DIRS`, causing
`product_sepolicy.cil` and `product_mapping_file` to
be generated. Do not use any `type` declarations that
would require a mapping in product sepolicy, e.g. only
define macros.
Run `make selinux_policy`, observe error:
```
FAILED: out/target/product/mydevice/obj/ETC/plat_pub_versioned.cil_intermediates/plat_pub_versioned.cil
/bin/bash -c "(out/host/linux-x86/bin/version_policy -b out/target/product/mydevice/obj/FAKE/sepolicy_neverallows_intermediates/pub_policy.cil -t out/target/product/mydevice/obj/FAKE/sepolicy_neverallows_intermediates/pub_policy.cil -n 10000.0 -o out/target/product/mydevice/obj/ETC/plat_pub_versioned.cil_intermediates/plat_pub_versioned.cil ) && (out/host/linux-x86/bin/secilc -m -M true -G -N -c 30 out/target/product/mydevice/obj/ETC/plat_sepolicy.cil_intermediates/plat_sepolicy.cil out/target/product/mydevice/obj/ETC/product_sepolicy.cil_intermediates/product_sepolicy.cil out/target/product/mydevice/obj/ETC/plat_mapping_file_intermediates/10000.0.cil out/target/product/mydevice/obj/ETC/product_mapping_file_intermediates/10000.0.cil out/target/product/mydevice/obj/ETC/plat_pub_versioned.cil_intermediates/plat_pub_versioned.cil -o /dev/null -f /dev/null )"
Failure reading file: out/target/product/mydevice/obj/ETC/product_mapping_file_intermediates/10000.0.cil
```
This is caused by `secilc.c` trying to read the empty file:
```
rc = fread(buffer, file_size, 1, file);
```
Fix: Append a newline to make sure any file processed by
`filter_out` is still readable by secilc.
After:
Test: `make selinux_policy` with same preconditions.
Signed-off-by: Felix <google@ix5.org>
Change-Id: I6dcfcccdfa83121bbdc09632f7a2b609ef932fc9
This CL addresses the following denial, when the system_other
partition is erased. This happens when 1) the device gets an
OTA update and 2) factory reset to wipe userdata partition.
Note that the system_other partition will be mounted under
/postinstall only in the first boot after factory reset.
Also, system_other.img is only included in the factory ROM and
is absent in the OTA package. When it is absent and userdata
is wiped, the mount will fail and triggers the following denials
when both cppreopts.sh and preloads_copy.sh access /postinstall dir.
SELinux denials to address:
avc: denied { search } for comm="find" name="postinstall" dev="dm-5"
ino=44 scontext=u:r:preloads_copy:s0
tcontext=u:object_r:postinstall_mnt_dir:s0 tclass=dir permissive=0
avc: denied { search } for comm="cppreopts.sh" name="postinstall" dev="dm-5"
ino=44 scontext=u:r:cppreopts:s0
tcontext=u:object_r:postinstall_mnt_dir:s0 tclass=dir permissive=0
Bug: 152453231
Test: fastboot erase system_other (e.g., system_b) and fastboot -w
Change-Id: Ie67f02467d5da51b0caba6e8fda56bc2c6bbc944
Bug: 150130660
Test: Took a trace with Traceur and verified mm_event records
were included when the memory category was enabled.
Change-Id: Iea39467d0d37d12a78fbde57b8d9649fad45b652
Copied access from the old mediaprovider.te to the new
mediaprovider_app.te.
Test: MediaProvider can create dirs on /mnt/media_rw/<uuid>
Bug: 151981237
Change-Id: Icdb260d2e76a05a15512a5dd00e08f8ae861dce6
sysprop type checker compares a sysprop_library API file and
property_contexts files, and detects if there are any mismatches of
property types. For example, the following snippets are detected.
// foo.sysprop
prop {
prop_name: "ro.foo.bar"
type: Integer
...
}
// property_contexts
ro.foo.bar u:object_r:foo_prop:s0 exact string
"ro.foo.bar" is an Integer in .sysprop file, but it's a string in
property_contexts file.
Bug: 151879375
Test: sysprop_test
Test: run "m PlatformProperties" and see existing mismatches.
Change-Id: Ieb9965d14b8c90cfc730c3d20d95a28ecaabeba4
eng/userdebug rules added for integration testing of hidl_lazy_test,
similar to aidl_lazy_test.
This is required in sepolicy since the test requires defining a service
in an init.rc file, and so there needs to be sepolicy for init to start
this service.
Bug: 148114689
Test: hidl_lazy_test
Change-Id: Id6549cbb89b62d3f6de1ae2690ce95c3e8656f66
