Metrics are written to /data/misc/odrefresh by odrefresh during early
boot, then native code in ART system_server initialization passes them
to statsd and deletes the metrics files. This hand-off is necessary
because statsd does not start until after odsign and odrefresh have run.
Bug: 169925964
Test: manual
Change-Id: I8054519a714907819886dd6e5e78f3b5796d0898
ART runtime will be using userfaultfd for a new heap compaction
algorithm. After enabling userfaultfd in android kernels (with SELinux
support), the feature needs policy that allows { create ioctl read }
operations on userfaultfd file descriptors.
Bug: 160737021
Test: Manually tested by exercising userfaultfd ops in ART
Change-Id: I9ccb7fa9c25f91915639302715f6197d42ef988e
This property is many years old and it does not have a property
context associated with it. It is set by the system server (in
particular, ConnectivityService code, in the Tethering module)
and read by init, which does:
on property:net.tcp_def_init_rwnd=*
write /proc/sys/net/ipv4/tcp_default_init_rwnd ${net.tcp_def_init_rwnd}
There is no need to add read access to init because init can read
and write any property.
Test: m
Fix: 170917042
Change-Id: I594b09656a094cd2ef3e4fd9703e46bf7b2edd4c
This property is written by an .rc file - see aosp/1553819 - and
read by the connectivity mainline code in the system server.
Test: m
Bug: 182333299
Change-Id: Ibac622f6a31c075b64387aadb201ad6cdd618ebd
The persistent data block is protected by a copy-on-write scratchpad when
running a Dynamic System Update (DSU). The copy-on-write scratchpad
uses a backing file for write operations. This CL adds permissions
to write the backing file for the PersistentDataBlockService.
Bug: 175852148
Test: gsi_tool install & vts_kernel_net_tests
Change-Id: Id0efe407e707fc382679c0eee249af52f877f5d2
Create contexts for /sys/kernel/tracing/instances/bootreceiver
Allow read access to files in this dir for system_server.
Bug: 172316664
Bug: 181778620
Test: manual runs with KFENCE enabled
Signed-off-by: Alexander Potapenko <glider@google.com>
Change-Id: I7021a9f32b1392b9afb77294a1fd0a1be232b1f2
As part of the keystore2 requirement, we give the keys used for
resume on reboot a separate context in keystore. And grant system
server the permission to generate, use and delete it.
Bug: 172780686
Test: resume on reboot works after using keystore2
Change-Id: I6b47625a0864a4aa87b815c6d2009cc19ad151a0
Revert submission 1572240-kernel_bootreceiver
Reason for revert: DroidMonitor: Potential culprit for Bug 181778620 - verifying through Forrest before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted.
Reverted Changes:
Ic1c49a695:init.rc: set up a tracing instance for BootReceive...
I828666ec3:Selinux policy for bootreceiver tracing instance
Change-Id: I9a8da7ae501a4b7c3d6cb5bf365458cfd1bef906
Create contexts for /sys/kernel/tracing/instances/bootreceiver
Allow read access to files in this dir for system_server.
Bug: 172316664
Test: manual runs with KFENCE enabled
Signed-off-by: Alexander Potapenko <glider@google.com>
Change-Id: I828666ec3154aadf138cfa552832a66ad8f4a201
We no longer use this sysprop-based interface for communication between
Traceur and Perfetto, this change removes the associated policy.
Test: atest TraceurUiTests
Bug: 179923899
Change-Id: Ic59d866d3c75a3f804f6c19a703d6d10560c627a
Revert submission 1582845-qemu-prop
Reason for revert: aosp_hawk-userdebug is broken on an RVC branch
Reverted Changes:
Idfc2bffa5:Add qemu.hw.mainkeys to system property_contexts
If013ff33f:Remove qemu.hw.mainkeys from vendor_qemu_prop
Bug: 180412668
Change-Id: I335afb931eaeb019f66e3feedea80b0c8888f7a3
system_server must be allowed to create process groups in behalf of
processes spawned by the app zygote
Bug: 62435375
Bug: 168907513
Test: verified that webview processes are migrated in their own process
group
Change-Id: Icd9cd53b759a79fe4dc46f7ffabc0cf248e6e4b8
Bug: 168907513
Test: verified the correct working of the v2 uid/pid hierarchy in normal
and recovery modes
This reverts commit aa8bb3a29b.
Change-Id: Ib344d500ea49b86e862e223ab58a16601eebef47
Recently, WatchDog gained the ability to query AIDL HAL PIDs in order to
amend ANR reports. However, since this was tested on cuttlefish (and
b/65201432 means that system_server is permissive), the denial was not
enforced, and broke ANRs in the dogfood population.
Fixes: 179753319
Test: simulate hanging w/ 'adb shell am hang', and the following denial
no longer occurs:
02-10 00:50:05.719 200 200 E SELinux : avc: denied { list } for
pid=575 uid=1000 name=service_manager scontext=u:r:system_server:s0
tcontext=u:r:servicemanager:s0 tclass=service_manager permissive=1
Change-Id: I210527ad7492b155d7cf08c7d67894ef602d37a6
This is needed because Wifi module needs to import and
generate keys and it runs in system_server.
Also, remove "grant" from system_app and system_server
since there is no need to grant any keys.
Test: Create an enterprise wifi config with EAP-TLS
Bug: 171305388
Change-Id: I50c25f2fe52e968c8cdf1ea20d110f9f052699db
