The binderfs in microdroid has been removed in aosp/2310572.
Bug: 222479468
Test: atest MicrodroidTests MicrodroidHostTests
Change-Id: I757ae39ebc841e8bb23300c4f65a3646ad8031fb
Add selinux policies required for formatting the crypt device.
1. Allow encryptedstore to execute mk2fs.
2. The execution will happen without domain transition - so add
permissions related to formatting the device.
3. Allow encryptedstore to write on /dev/vd device - required to zero
starting bits initially
Test: Run vm with --storage & --storage-size option
Bug: 241541860
Change-Id: I9766e3c67e47a58707beee8b3a156944e3b0a9ce
As servicemanager is removed from microdroid.
Bug: 222479468
Test: atest MicrodroidTests MicrodroidHostTests
Change-Id: Ie39e4b214f297258f3dceecc11fa3d8289af3be4
Since the microdroid.servicemanager has been removed.
Bug: 222479468
Test: atest MicrodroidTests MicrodroidHostTests
Change-Id: I90228ca2d1bc3c66a6967412942e1c3372ed09ca
This cl removes SELinux policies related to
authfs_service / servicemanager communication as authfs_service
now uses rpc binder instead of servicemanager.
Bug: 257260848
Test: atest ComposHostTestCases
Change-Id: I3e3de94a837c95e8f486438cc6a76fea39ffc6f3
microdroid_manager has stdio_to_kmsg, so it's good to have the same
permission to microdroid_manager's children for better debuggability.
Bug: 259241719
Test: atest MicrodroidHostTestCases MicrodroidTestApp
Change-Id: Ibaaed365e970e6b9f2d458ccae4d128fd3b84f38
encryptedstore is Microdroid's dm-crypt based encryption solution. It
requires access to block device, mapper devices etc.
Test: Run a VM & look for sepolicy denials.
Bug: 241541860
Change-Id: I556f56a184fc7a1ea71d67c3e591cc567dab2431
To track any possible bugs on microdroid_manager.
Bug: 258760809
Test: intentionally crash microdroid_manager and see console
Change-Id: I6cd24f3129d153159d76115c833a80353aeee42a
This is needed to determine the host VirtualMachineService port number.
Bug: 245727626
Test: atest -p packages/modules/Virtualization:avf-presubmit
Change-Id: Iec58ce8adcac27f9ac5e6b07d53e6ef093c1193e
The payload can listen for inbound connections from the host (routed
via Virtualization Service), but should not be connecting out to the
host - by doing so a VM could connect to an unrelated host process.
(authfs still connects outbound, but has its own domain.)
Bug: 243647186
Test: atest MicrodroidTests ComposHostTestCases
Change-Id: I16d225975d6bcbe647c5fbff21b10465eacd9cb6
These are wrongly added to microdroid policy while bring up. The
permissions should be restricted to select domains.
Bug: 248478536
Test: atest MicrodroidTests MicrodroidHostTestCases
Change-Id: I9cd94728e84dfd4d69e1bc8e979d204d9d9afbd1
The DICE service is deleted and microdroid_maanger takes over the DICE
logic.
Bug: 243133253
Test: atest MicrodroidTests
Test: atest ComposHostTestCases
Change-Id: Idc4cb53f46aa0bc1f197c6267b05f6c5678a34ae
Allow zipfuse to signal to microdroid_manager via property when it is
ready.
Bug: 243513572
Test: atest MicrodroidTests (locally & via acloud)
Change-Id: Ifcf3d0924faa61ce87124a5ac55bd6a2b193cd99
The DICE HAL and diced are replaced with dice-service which implements
the diced services and also contains the HAL logic directly, without
exposing an implementation of the HAL service.
Bug: 243133253
Test: atest MicrodroidTests
Change-Id: Ia0edeadb04a3fdd37ee1a69a875a7b29586702c5
VintfObject will monitor for /apex directory for VINTF data.
Add permissions for service managers to read this data.
Bug: 239055387
Test: m && boot
Change-Id: I179e008dadfcb323cde58a8a460bcfa2825a7b4f
Allow microdroid_manager to start authfs when needed.
Migrate the authfs-related permissions from compos to
microdroid_payload, so it can be used by any payload.
Move a neverallow to the correct file.
Bug: 245262525
Test: atest MicrodroidTests MicrodroidHostTestCases
Test: atest ComposHostTestCases
Change-Id: I0f5eb9c11bdb427b1f78c9fc721c40de76add484
Previously in Microdroid, processes send log messages to logd over
socket and then logcat ran to hand the message to the host side over the
serial console.
That has changed. Now, the liblog library which processes use to emit
logs directly sends the given message to the serial console. Liblog does
this by reading a new system property ro.log.file_logger.path. When this
is set, liblog doesn't use the logd logger, but opens the file that the
sysprop refers to and writes logs there.
This change implments sepolicy side of the story.
* logd and logcat types are removed since they no longer are needed.
* existing references to those types are removed as well.
* a new property type `log_prop` is introduced and the two system
properties are labaled as log_prop
* all processes have read access to the system properties
* all processes have append access to /dev/hvc2
Bug: 222592894
Test: run microdroid, see log is still emitted.
Change-Id: I4c4f3f4fd0e7babeab28ddf39471e914445ef4da
/system/bin/kexec in Microdroid is now properly labeled as kexec_exec.
The binary is responsible for loading the crashkernel into memory so
that when a kernel panic occurs the crashkernel is executed to dump the
RAM.
Microdroid_manager executes the kexec binary as part of the boot
process. It does this only when the kernel is booted with a memory
reserved for the crashkernel, which is determined by checking if
`crashkernel=` is included in the cmdline. For this, it is allowed to
read /proc/cmdline.
Bug: 238404545
Test: boot microdroid
Change-Id: Id08ba9610e3849ba811367917df8dfcc1774b561
/proc/meminfo contains useful information about the amount of memory
available to the VM and the payload. Let microdroid_payload domain read
the file.
Test: atest MicrodroidBenchmarks
Change-Id: I22d4888cf84e78ce8ed0803e7ebdeb7fca370e1f
compos has the microdroid_payload attribute, so we don't need to
duplicate rules that apply to that. This .te should only have things
that differentiate compos from other payloads.
Test: Presubmits
Change-Id: Ib5b8c52f9a068a583fc1471ac6cf0e4aef906857
The fuse supports file contexts. Microdroid_manager no longer needs the
access to the fuse label.
Bug: 188400186
Test: run microdroid test
Change-Id: I9a17a96c6d07a466e1fa01d65279e467a874da3f