Defined a new signal intended to allow the system to reboot
the audio/soundtrigger HAL process.
Fixes: 153461865
Test: See main change in topic
Change-Id: I1e4a770670bb1274fa6a23cd0641f2554d4679f7
For system prop flags from DeviceConfig namespace "Configuration".
Test: Build and run on local device
Bug: 149420506
Change-Id: If4196b4bf231e7c52f98b92cc0031a08dad06120
This fixes a bug introduced in aosp/1143430 where the permission
should have been included for the newly introduced
ashmem_libcutils_device type.
Test: Build
Bug: 150193534
Change-Id: I5b1ed8d9548f9dab4ad9373f98e21614c07c3d38
service.adb.tls.port contains the adbd tcp port running the TLS server.
persist.sys.adb.wifi tells adbd when to enable the TLS server.
Bug: 149348431
Bug: 111434128
Test: Enable wireless debugging, check if TLS port information is
displayed in the Developer options > Wireless debuggging.
Change-Id: I5b5c5a3d064bc003f41386ede9051609fefec53e
Define two property_context.
1. vendor_socket_hook_prop - for ro.vendor.redirect_socket_calls. The
property set once in vendor_init context. It's evaluated at process
start time and is cannot change at runtime on a given device. The set
permission is restricted to vendor_init. The read permission is
unrestricted.
2. socket_hook_prop - for net.redirect_socket_calls.hooked. The
property can be changed by System Server at runtime. It's evaluated when
shimmed socket functions is called. The set permission is restricted to
System Server. The read permission is unrestricted.
Bug: Bug: 141611769
Test: System Server can set net.redirect_socket_calls.hooked
libnetd_client can read both properties
libnetd_client can't set both properties
Change-Id: Ic42269539923e6930cc0ee3df8ba032797212395
This adds the type and permissions for dumping and appending prereboot
information.
Bug: 145203410
Test: Didn't see denials while dumping and appending prereboot info.
Change-Id: Ic08408b9bebc3648a7668ed8475f96a5302635fa
This properties are used to compute UserspaceRebootAtom and are going to
be written by system_server. Also removed now unused
userspace_reboot_prop.
Test: builds
Bug: 148767783
Change-Id: Iee44b4ca9f5d3913ac71b2ac6959c232f060f0ed
In order to track time in state data using eBPF, system_server needs
to be able to attach BPF programs to tracepoints, which involves:
- calling perf_event_open and the PERF_EVENT_IOC_SET_BPF ioctl
- running BPF programs
- reading tracepoint ids from tracefs
Grant system_server the necessary permissions for these tasks
Test: modify system_server to try to attach programs; check for
denials
Bug: 138317993
Change-Id: I07dafd325a9c57d53767a09d4ca7b0fb2dd2d328
Signed-off-by: Connor O'Brien <connoro@google.com>
System_server will listen on incoming packets from zygotes.
Bug: 136036078
Test: atest CtsAppExitTestCases:ActivityManagerAppExitInfoTest
Change-Id: I42feaa317615b90c5277cd82191e677548888a71
The binder_cache_system_server_prop context allows any user to read the
property but only the system_server to write it. The only property with
this context is currently binder.cache_key.has_system_feature but users
will be added.
Bug: 140788621
Test: this was tested on an image with a binder cache implementation. No
permission issues were found. The implementation is not part of the current
commit.
Change-Id: I4c7c3ddf809ed947944408ffbbfc469d761a6043
* These properties are used by the wifi hal and it works as expected on
devices with compatible property. However, on devices without
compatible property, these prperties are labeled as "default_prop"
because public/property_contexts is not used. Thus they can't be set
by the hal.
* To tackle the problem, label them as "wifi_prop" in
private/property_contexts which also works on devices without compatible
property. The label will be overridden later by
public/property_contexts rules if exist.
Change-Id: If8b8bd5bea64f2ea08864cc62f6dc405cb394e00
In order for system_server to report ION allocations in dumpsys meminfo
report it needs access to ION sysfs nodes.
Bug: 138148041
Test: dumpsys meminfo
Change-Id: I8b1efebe8f4b06a3975e96ddd6a8cbcacdb52fb2
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Also allow binder service "incremental_service" to be found by service
manager.
Test: boots
BUG: 136132412
Change-Id: I3584a9b69a7e1909f096e3c4579c1834bdfba22e
* changes:
Allow audio_server to access soundtrigger_middleware service
Allow soundtrigger_middleware system service
Allow system service to access audio HAL (for soundtrigger)
This can be used as an existence check on a process
before calling kill (which is already granted).
Addresses:
avc: denied { signull } for comm="Binder:1328_1"
scontext=u:r:system_server:s0 tcontext=u:r:webview_zygote:s0
tclass=process permissive=0
Bug: 143627693
Test: build
Change-Id: I01dfe3c0cb2f4fec2d1f1191ee8243870cdd1bc6
When an OTA is downloaded, the RecoverySystem can be triggered to store
the user's lock screen knowledge factor in a secure way using the
IRebootEscrow HAL. This will allow the credential encrypted (CE)
storage, keymaster credentials, and possibly others to be unlocked when
the device reboots after an OTA.
Bug: 63928581
Test: make
Test: boot emulator with default implementation
Test: boot Pixel 4 with default implementation
Change-Id: I1f02e7a502478715fd642049da01eb0c01d112f6
PackageManager tries to scan /apex (apex_mnt_dir) for flattened apexes.
Previously, because /apex was blindly bind-mounted to /system/apex for
"flattened" apexes, the label for /apex is the same as /system/apex,
which is oaky for system_server to handle it.
But to support flattened apexes from other partitions such as /vendor or
/system_ext, every apex should be mounted under /apex individually,
which leaves the se-label of /apex unchanged (apex_mnt_dir).
Bug: 144732372
Test: boot with flattened apexes
see if there are errors "denied system_server with apex_mnt_dir"
Change-Id: I81bd6ab152770c3c569b22274a6caa026615303e
ro.apk_verity.mode was introduced in P on crosshatch. This change
changes the label from default_prop to a new property, apk_verity_prop.
ro.apk_verity.mode is set by vendor_init per build.prop, in order to
honor Treble split. It is also read by system_server and installd
currently.
Test: verify functioning without denials in dmesg
Bug: 142494008
Bug: 144164497
Change-Id: I1f24513d79237091cf30025bb7ca63282e23c739
