auditallow block from sdk_sandbox has been removed as we haven't yet
measured the system health impact of adding this. It'll be added to an
audit domain later after we've ruled out negative system health impact.
Bug: b/270148964
Test: atest PackageManagerLocalTest SdkSandboxDataIsolationHostTest
SdkSandboxRestrictionsTest
Change-Id: I4a2112d4097c84c87d23a28a7fc0ac5f208dc5dc
Change-Id: Ic4ce690e82b09ed176495f3b55be6069ffc074ac
Context: go/videoview-local-sandbox. This change is required to
play local files in a VideoView in the SDK sandbox.
Test: Manual steps described in doc
Bug: 266592086
Change-Id: I940609d5dff4fc73d0376489646488c7b96eebb8
vendor_init needs to set graphics_config_writable_prop, moving it to
system_public_prop.
Bug: b/270994705
Test: atest CtsAngleIntegrationHostTestCases
Test: m && boot
Change-Id: I2f47c1048aad4565cb13d4289b9a018734d18c07
SDK's data should not be accessible directly by other domains, including
system server. Added neverallow to ensure that.
Bug: b/279885689
Test: make and boot device
Change-Id: If6a6b4d43f297ec2aa27434dd26f6c88d0d8bcf2
snapuserd logs are important when OTA failures happen. To make debugging
easier, allow snapuserd to persist logs in /data/misc/snapuserd_logs ,
and capture these logs in bugreport.
Bug: 280127810
Change-Id: I49e30fd97ea143e7b9c799b0c746150217d5cbe0
Bug: 264489957
Test: flash and no related avc error
Change-Id: Ia9a6d4918aa78e6b3e7df39496d786921192c8af
Signed-off-by: Wilson Sung <wilsonsung@google.com>
The original change was not a correct solution and was only intended to
silence an error. After the correct fix (aosp/2559927), we can remove
the rule (which is only allow the operation to happen and fail anyway).
Test: m
Bug: None
Change-Id: Ia41fac38e89653578adab3b10def7b1b0d0a3e61
This won't be harmful and this can help reduce rebuilding sepolicy
artifacts upon lunch target change.
Bug: 279524023
Test: m selinux_policy
Change-Id: I859de6dc0ac1958b44d847159904960bd7f9a0c2
This reverts commit af6035c64f.
Reason for revert: aosp/2559927 is the right fix
Bug: 279597861
Bug: 258093107
Test: see b/258093107#30
Change-Id: I8dbea3ba5541072f2ce8969bf32cf214fabb1965
Commit b554e59 converted the build rules of contexts to Soong.
Previously, both services_contexts and hwservice_contexts were stripped
of comments. This is useful as a CTS test (testAospServiceContexts)
ensures that the device service_contexts matches AOSP. Restore the
previous behaviour.
Bug: 279384270
Test: m selinux_policy; diff plat_service_contexts; no more comments
Change-Id: Id0245efacf4e4b123f805869d95bacf804ccb915
A lazy service shouldn't quit when it has clients, but
sometimes it needs to, such as when the device is
shutting down, so we test that it works.
In Android U, I broke this behavior, and it was caught
by other tests. However, now we have test support
for this directly in aidl_lazy_test.
No fuzzer, because this is a test service only, so it's
low-value.
Bug: 279301793
Bug: 278337172
Bug: 277886514
Bug: 276536663
Bug: 278117892
Test: aidl_lazy_test
Change-Id: I36b2602bb87b56ba1eb72420c7fdd60ff1fa14e2
In apex, ./etc/linker.config.pb file should be readable by linkerconfig.
Bug: 218922042
Test: apex_sepolicy_tests_test
Change-Id: Id41710dc127b5f5bda2d5bbb65271bcc0c5179b1
Define the selinux domain to apply to SDK runtime for
targetSdkVersion=34.
The existing sdk_sandbox domain has been renamed to sdk_sandbox_next.
Future CLs will add logic to apply one of these to the SDK runtime
processes on the device, based on a flag.
auditallow block from sdk_sandbox has been removed as we haven't yet
measured the system health impact of adding this. It'll be added to an
audit domain later after we've ruled out negative system health impact.
Bug: 270148964
Test: make and boot the test device, load SDK using test app
Change-Id: I7438fb16c1c5e85e30683e421ce463f9e0b1470d
This will allow vendor customization of isolated_compute_app. New permissions added should be associated with isolated_compute_allowed.
Bug: 274535894
Test: m
Change-Id: I4239228b80544e6f5ca1dd68ae1f44c0176d1bce
For unknown reason, denial still happens with system app after applying
ag/20712480. This commit adds a work around to fix this.
Bug: 258093107
Fixes: 272530397
Test: flash build, pair watch with phone, check SE denials log
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0ade3b2183d850fd508569782e35a59ef2bd4dce)
Merged-In: I16932c793c5ca144746d0903ed1826c1847d2add
Change-Id: I16932c793c5ca144746d0903ed1826c1847d2add
Enable remote_provisioning diagnostic reporting from dumpsys and adb
shell by allowing the service, which is hosted in system_server, to call
KeyMint's IRPC HAL implementation.
Test: adb shell dumpsys remote_provisioning
Test: adb shell cmd remote_provisioning
Bug: 265747549
Change-Id: Ica9eadd6019b577990ec3493a2b08e25f851f465
