DEFAULT_SYSTEM_DEV_CERTIFICATE is not appropriate as some OEMs may need
to change only the certificates used to generate
plat_mac_permissions.xml for mainline modules.
Test: m, checked output plat_mac_permissions.xml
Bug: 138097611
Bug: 134995443
Change-Id: Ie19130a243db043f432039c54c379f06e60ab6c6
Used to restrict properties init.svc_debug_pid.*
Bug: 138114550
Test: getprop | grep init.svc_debug_pid only shows results on root
Change-Id: I0c10699deec4c548a2463a934e96b897ddee1678
Used to lazily start AIDL services.
Bug: 138756857
Test: Manual (using mediaextractor as a test service)
Change-Id: Ia1f2c10072e42d8917985c38500be0955f98b8eb
Now that our tools are routed to system_suspend, there is no reason for
system_suspend to write to /sys/power/wake_[un]lock.
Bug: 128923994
Bug: 115946999
Test: boot blueline, no denials from system_suspend
Change-Id: I1097d30c050ce7d88677e07f4aaef07ce78dc958
LinkerConfig generator runs from early init, so if there is any warning
/ error then logs can be only found from kernel log. To enable kernel
logging from linkerconfig, specific policy should be added.
Test: m -j && Tested from Cuttlefish
Change-Id: I6c49d7693e0334ae8550891b72bcb04e37c16d89
Allow charger to read system properties with this prefix
so that charger's behavior is controlled by runtime.
Test: run offline charging on walleye
Bug: 124118169
Change-Id: I4266b2d043a5323b4adbd1636ada46b7e08ca667
In b/73062966, we add new AID ranges for each partition that doesn't
yet have them (system, system_ext, odm, product). We also add group
and passwd files to these partitions to be able to map these AIDs into
human readable user and group names, and vice versa.
All processes should be able to read all users and groups. We divide
the ranges into non-overlapping regions for each partition and we
namespace the names with the partition name as a prefix.
Allow domain r_file_perms to
/(system|product|system_ext)/etc/(group|passwd).
Vendor and odm passwd and group files already have this access, since
/(vendor|odm)/etc/* is already domain readable.
Example contents:
blueline:/ $ cat /system/etc/passwd
system_tom::6050:6050::/:/bin/sh
blueline:/ $ cat /product/etc/passwd
product_tom::7013:7013::/:/bin/sh
Bug: 73062966
Test: tree-hugger selinux denial during boot test
Change-Id: Ib4dc31778e95e952174e1365497feaf93dca7156
http://aosp/678384 changed property format
Fixes: 137695210
Test: inject timeout and take BR see dumpstate restarted
Change-Id: Ie24e2d42e92410a935ca4c9364b476d72aa459f3
FMRadio change from system image to product image, then FMRadio
can't launch
selinux denied log:
avc: denied { open } for path="/data/asan/product/lib64/libfmjni.so"
dev="mmcblk0p35" ino=18 scontext=u:r:platform_app:s0:c512,c768
tcontext=u:object_r:system_data_file:s0 tclass=file permissive=0
app=com.android.fmradio
solution: label data/asan/product/lib(64) to system_lib_file
Bug: 136974466
Test: launch FMRadio, it can work
Change-Id: Icdfc794cb077b81d550816d2e7779c763604e050
/metadata/ota will store critical bits necessary to reify
system and vendor partition state during an OTA. It will be accessed
primarily by first-stage init, recovery/fastbootd, and update_engine.
Bug: 136678799
Test: manual test
Change-Id: Ib78cb96ac60ca11bb27d2b2fe011482e64ba0cf8
Move wifi services out of system_server into a separate APK/process.
Changes:
a) Created sepolicy for the new wifi apk.
b) The new APK will run with network_stack uid (eventually will be moved
to the same process).
Used 'audit2allow' tool to gather list of permissions required.
Note: The existing wifi related permissions in system_server is left
behind to allow the module to be loaded into system_server or
network_stack process depending on device configuration.
Bug: 113174748
Test: Device boots up and able to make wifi connection.
Test: Tested hotspot functionality.
Test: Ran WifiManagerTest & WifiSoftApTest ACTS tests locally.
Test: Will send for wifi regression tests.
Change-Id: Id19643a235bf0c28238f2729926b893ac2025b97
(cherry-picked from c7aa90091e6bec70a31a643cc4519a9a86fb0b38)
Bug: 72472544
This reverts commit 07efe37c5f.
Reason for revert: The selinux denial is no longer reproducible.
Test: Presubmit builds
Change-Id: I79d18743171315401401c1b06b3f97d837bf500f
Sepolicy for linkerconfig generator and ld.config.txt file from
generator
Bug: 135004088
Test: m -j & tested from device
Change-Id: I2ea7653a33996dde67a84a2e7a0efa660886434a
gsid creates loop devices when it cannot use device-mapper. This can
occur when images are split into multiple files (for example, FAT32) or
when a device is unencrypted, or FBE without metadata encryption. In
addition to accessing /dev/loop-control and loop devices, it also needs
LOOP_SET_DIRECT_IO and LOOP_SET_BLOCK_SIZE to optimize writes.
Bug: 134536978
Test: gsi_tool install works on crosshatch with metadata encryption
disabled
Change-Id: I3f0aee1d0757e4b299deee74a8c1077846d56292
ircs is not specific enough. There will be multiple services in the
future with ircsmessage used specificially for message store.
Test: compile, tests
Change-Id: Ia7d57e6900c733408be26d6520aa46c512229248
There was some plan to use binder from init, but it was abandoned. As
ServiceManager was recently re-written in C++, and as part of a
continued effort to reduce large dependencies in init and make sure it
is reliable, I'm removing these here.
Bug: 135768100
Test: N/A
Change-Id: I12b57709399c87ee25f689b601572b19abf7fb00
The audio HAL service name previously contained the audio HAL version
of the first audio HAL it supported.
Nevertheless, the same service can and do host all audio HAL versions.
Aka there is only one audio HAL service, and the version in its name is
technical dept and should not be changed.
This caused many confusions during vendor HAL upgrade as the
service version number was erroneously updated leading to
device boot loop.
The new service name is:
android.hardware.audio.service
The old one was:
android.hardware.audio@2.0-service
Keeping both names valid as most phones will not rename
the service immediately.
Bug: 78516186
Test: boot & check the audio HAL is up with the old and new name
Change-Id: I2ce0182fd919af6eb8325d49682b4374be00344e
Signed-off-by: Kevin Rocard <krocard@google.com>
