The context name exported3_radio_prop is ambiguous and does not reflect
the usage and role of the properties. This changes its name to
radio_control_prop.
Some downstream branches are still using exported3_radio_prop, so
get_prop(domain, radio_control_prop) is added to avoid regression. It's
just a workaround and to be removed soon, after all exported3_radio_prop
are cleaned up.
Bug: 162214733
Test: boot a device with a sim and see basic functions work
Change-Id: If5fe3be7c64b36435c4ad0dc9a8089077295d502
Merged-In: If5fe3be7c64b36435c4ad0dc9a8089077295d502
The context name exported3_radio_prop is ambiguous and does not reflect
the usage and role of the properties. This changes its name to
radio_control_prop.
Some downstream branches are still using exported3_radio_prop, so
get_prop(domain, radio_control_prop) is added to avoid regression. It's
just a workaround and to be removed soon, after all exported3_radio_prop
are cleaned up.
Exempt-From-Owner-Approval: cherry pick
Bug: 162214733
Test: boot a device with a sim and see basic functions work
Change-Id: If5fe3be7c64b36435c4ad0dc9a8089077295d502
Merged-In: If5fe3be7c64b36435c4ad0dc9a8089077295d502
This is the stable AIDL binder interface that update_engine exposes in
addition to update_engine_service.
Test: run update_engine
Bug: 160996544
Change-Id: I28ba11810844373d48c8c203f79e98150f932942
This is to allow people service to publish a binder service that expose
system private APIs to retrive and manage the recent cached
conversations.
Test: build and run on a test device
Bug: 162593584
Change-Id: I31b5d8bc851ea7225e215b3f86ed6d47b32b1ba4
audiocontrol_hal, vehicle_hal and evs_hal were added to dump_util.cpp in
b/148098383. But the coresponding dumpstate.te is not updated to relfect
the changes, causing denials when dumpstate attempts to dump auto hal servers.
This CL updates dumpstate.te to allow dumpstate to access auto hal servers.
Bug: 162537916
Test: sesearch -A -s dumpstate -t hal_audiocontrol_server -p signal sepolicy
Test: sesearch -A -s dumpstate -t hal_vehicle_server -p signal sepolicy
Test: sesearch -A -s dumpstate -t hal_evs_server -p signal sepolicy
Change-Id: If6d6e4d9c547da17817f2668dc4f2a093bddd632
adbd and apps (SystemUI and CTS test apps) need to read it.
BUG: 162205386
Test: Connect to device which sets service.adb.tcp.port in vendor
partition through TCP adb.
Change-Id: Ia37dd0dd3239381feb2a4484179a0c7847166b29
Export the new bugreport entry which was added in b/111441001, similarly
to previously exported properties.
Bug: 161999587
Test: m selinux_policy
Change-Id: I139567ba028e90d3e07df94f57ccf7d5d5225209
This cleans up remaining exported2_default_prop. Three properties are
changed.
- ro.arch
It becomes build_prop.
- hal.instrumentation.enable
It becomes hal_instrumentation_prop.
- ro.property_service.version
It becomes property_service_version_prop.
Bug: 155844385
Test: selinux denial test on Pixel devices
Change-Id: I7ee0bd8c522cc09ee82ef89e6a13bbbf65291291
These 5 properties are all set by property_service, and their values are
same as ro.boot.X.
Bug: 155844385
Test: m selinux_policy
Change-Id: I98fdee73684dc670f61ecef83d6a749b4f24ff54
Merged-In: I98fdee73684dc670f61ecef83d6a749b4f24ff54
Most of the users already added dependencies when it was used, but a
couple didn't. These broken when I converted $(M4) into a built
artifact, as the artifact wasn't created before use.
Test: treehugger
Change-Id: Ic5c18131de84747e8b96413f61993fa777cb9d2c
ro.boot. properties assigned as "exported2_default_prop" are now
"bootloader_prop", to remove bad context name "exported2_default_prop".
Two things to clarify:
1) We have both the prefix entry and the exact entries. Although the
exact entries may be redundant, we may want to keep them. Vendors are
still allowed to have properties starting with "ro.boot." on
vendor_property_contexts file. The exact entries can prevent vendors
from modifying them to random contexts.
2) ro.boot. is special as it is originally for kernel command line
"androidboot.". But some ro.boot. properties are being used as if they
were normal. To avoid regression, ro.boot. properties having contexts
other than "exported2_default_prop" are not changed here. They will be
tracked later.
Bug: 155844385
Test: m selinux_policy
Change-Id: Ic0f4117ae68a828787304187457b5e1e105a52c7
Merged-In: Ic0f4117ae68a828787304187457b5e1e105a52c7
Instead of having hacky entry "init.svc." in vendor's sepolicy, this
adds init.svc.statsd explicitly which should be readable by CTS.
Bug: 161922998
Test: m selinux_policy
Change-Id: I3fd3bab40d2ccf2581bd7ab55894a693cdf446b2
Merged-In: I3fd3bab40d2ccf2581bd7ab55894a693cdf446b2
(cherry picked from commit 116190b004)
We have various apps which inherently work across all users,
configured in seapp_contexts with levelFrom=None (usually implicitly).
This change marks those apps, where they have private data files, as
mlstrustedsubject, to allow us to increase restrictions on cross-user
access without breaking them.
Currently these apps are granted full access to [priv_]app__data_file
via TE rules, but are blocked from calling open (etc) by mls rules
(they don't have a matching level).
This CL changes things round so they are granted access by mls, but
blocked from calling open by TE rules; the overall effect is thus the
same - they do not have access.
A neverallow rule is added to ensure this remains true.
Note that there are various vendor apps which are appdomain,
levelFrom=None; they will also need modified policy.
Test: builds, boots, no new denials.
Bug: 141677108
Change-Id: Ic14f24ec6e8cbfda7a775adf0c350b406d3a197e
