This CL partially cherry-picks ag/18156623 to
update prebuilts. Other parts are already included by
aosp/2069127.
Test: m
Bug: 230289468
Change-Id: If52dea348c01113fe1504eb7e51f6780f0ed4a11
This allows MediaProvider call certain MediaCodec APIs
Also update prebuilts for API 32.
Test: atest TranscodeTest
Bug: 190422448
(cherry picked from commit 57401bc71f)
(cherry picked from commit c38b81ce4f)
Merged-In: Ied609152e6a9ba6d17b70db325ca33f1cb345eb8
Change-Id: Ied609152e6a9ba6d17b70db325ca33f1cb345eb8
Treble sepolicy tests check whether previous versions are compatible to
ToT sepolicy or not. treble_sepolicy_tests_for_release.mk implements it,
but it also includes a compat test whether ToT sepolicy + {ver} mapping
+ {ver} plat_pub_versioned.cil can be built together or not. We
definitely need such tests, but we already have a test called "compat
test" which does exactly that, and testing it again with Treble sepolicy
tests is just redundant. The only difference between those two is that
Treble sepolicy tests can also test system_ext and product compat files,
which was contributed by a partner.
The ultimate goal here is to migrate *.mk to Soong, thus merging these
two tests (compat, Treble) into one. As we've already migrated the
compat test to Soong, this change removes the compat test part from
treble sepolicy tests. Instead, the compat test will be extended so it
can test system_ext and product compat files too.
prebuilts/api/{ver}/plat_pub_versioned.cil and
prebuilts/api/{ver}/vendor_sepolicy.cil are also removed as they aren't
used anymore: vendor_sepolicy.cil is an empty stub, and
plat_pub_versioned.cil can be built from the prebuilt source files.
Bug: 33691272
Test: m selinux_policy
Change-Id: I72f5ad0e8bbe6a7c0bbcc02f0f902b953df6ff1a
The bootchart problem need the selinux policy fix.
But it is missing API 32
Bug: 218729155
Test: Build
Change-Id: Ia011f8bcd52403980c2a6751bb612dd5b770e130
Should system_server kill zygote on crashes, it will attempt to kill any
process in the same process group. This ensures that no untracked
children are left.
Bug: 216097542
Test: m selinux_policy
Change-Id: Ie16074f76e351d80d9f17be930a731f923f99835
(cherry picked from commit 6390b3f090)
Ignore-AOSP-First: backport with update to prebuilts
This allows MediaProvider call certain MediaCodec APIs
Also update prebuilts for API 32.
Test: atest TranscodeTest
Bug: 190422448
Merged-In: Ied609152e6a9ba6d17b70db325ca33f1cb345eb8
Change-Id: Ied609152e6a9ba6d17b70db325ca33f1cb345eb8
File accesses go through com.android.ddmlib.SyncService for CTS
ListeningPortsTest.
Bug: 201645790
Test: atest ListeningPortsTest
Ignore-AOSP-First: Fix already in AOSP
Change-Id: I0c66fb5e35cda3b1799cf003402e454d7a951e96
File accesses go through com.android.ddmlib.SyncService for CTS
ListeningPortsTest.
Bug: 201645790
Test: atest ListeningPortsTest
Ignore-AOSP-First: Fix already in AOSP
Change-Id: I0c66fb5e35cda3b1799cf003402e454d7a951e96
File accesses go through com.android.ddmlib.SyncService for CTS
ListeningPortsTest.
Bug: 201645790
Test: atest ListeningPortsTest
Ignore-AOSP-First: Fix already in AOSP
Change-Id: I0c66fb5e35cda3b1799cf003402e454d7a951e96
Credit to Himanshu Agrawal <quic_hagraw@quicinc.com> for this fix.
Like we do with cgroup_v2, we set attribute permission to cgroup
as well.
This is the same fix as
https://android-review.googlesource.com/c/platform/system/sepolicy/+/1927857/
but it applies it to the prebuilts for api 32.0.
Test: On a Go device, which uses cgroup instead of cgroup_v2
Bug: 211037424, 211514318
Change-Id: Ib57c94d72d50317619aa513e9f784582e0c45862
Credit to Himanshu Agrawal <quic_hagraw@quicinc.com> for this fix.
Like we do with cgroup_v2, we set attribute permission to cgroup
as well.
Test: On a Go device, which uses cgroup instead of cgroup_v2
Bug: 211037424
Change-Id: I5d58c9f549d205f1a8bdce6c5fba1cc833f2b492
Merged-In: I5d58c9f549d205f1a8bdce6c5fba1cc833f2b492
Treble doesn't support T system + O vendor, so removing 26.0 (N) and
27.0 (O) prebuilts and compat files.
Bug: 207815515
Test: build
Change-Id: I98d5972221a8e77f3c45fc48ff50bb2b8eb94275
Steps taken to produce the mapping files:
1. Add prebuilts/api/32.0/plat_pub_versioned.cil from the
/vendor/etc/selinux/plat_pub_versioned.cil file built on sc-v2-dev with
lunch target aosp_arm64-eng. Add prebuilts/api/32.0/vendor_sepolicy.cil
as an empty file.
When adding plat_pub_versioned.cil, leave only type and typeattribute
statements, removing the other statements: allow, neverallow, role, etc.
2. Add new file private/compat/32.0/32.0.cil by doing the following:
- copy /system/etc/selinux/mapping/32.0.cil from sc-v2-dev
aosp_arm64-eng device to private/compat/32.0/32.0.cil
- remove all attribute declaration statement (typeattribute ...) and
sort lines alphabetically
- some selinux types were added/renamed/deleted w.r.t 32 sepolicy.
Find all such types using treble_sepolicy_tests_32.0 test.
- for all these types figure out where to map them by looking at
31.0.[ignore.]cil files and add approprite entries to 32.0.[ignore.]cil.
This change also enables treble_sepolicy_tests_32.0 and installs
32.0.cil mapping file onto the device.
Bug: 206330997
Test: m treble_sepolicy_tests_32.0
Test: m 32.0_compat_test
Test: m selinux_policy
Change-Id: I8b2991e64e2f531ce12db7aaacad955e4e8ed687
