Allow `otapreopt_chroot` to:
- read SELinux policy files;
- open and read the contents of `/postinstall/system/apex`;
- read the `persist.apexd.verity_on_system` system property;
- create loop devices with `/dev/loop-control`;
- access loop devices;
- configure read-ahead of loop devices;
- mount a tmpfs filesystem in `/postinstall/apex`;
- manipulate the tmpfs filesystem mounted in `/postinstall/apex`;
- mount APEX packages in `/postinstall/apex`.
Allow the kernel to:
- read `otapreopt_chroot`'s file descriptors;
- read files under `/postinstall`.
Allow `otapreopt` (running as "postinstall_dexopt") to:
- read data from `/postinstall/apex`.
Allow `dex2oat` to:
- access `/postinstall/apex`.
Test: A/B OTA update test (asit/dexoptota/self_full).
Bug: 113373927
Bug: 120796514
Change-Id: I204df92611dc710fdc97b22cd67d088ffd991210
The testharness service will manage Test Harness Mode and provide a
command-line interface for users to enable Test Harness Mode; however it
does not directly provide a public API.
Bug: 80137798
Test: make
Test: flash crosshatch
Change-Id: Ie396e40fcea8914b4dd2247f2314e029b66ad84e
IAllocator and IMappaer are being rev'd to 3.0. Update sepolicy to
allow them to be used.
Test: compile with allocator/mapper patches add boot the device
Bug: 120493579
Change-Id: Id241c6bd79c02ec93d8dd415539f90a18f733d03
Used to capture and restore app data snapshots as implemented in change
I3e4d36c11e52fb885b585b1946e215cf986206fd.
Test: make, manual
Bug: 112431924
Change-Id: I1cd1ec3f9c93c4af65b662a5ada582299b595a8f
Getting rid of the feature in aosp/874979.
See other CL and bug for context.
Bug: 122987614
Bug: 122987614
Test: run dumpstate before and after patch,
file sizes are comparable,
observed no tracing-related errors.
Change-Id: Ifcde8dcbb99ce53d226b50ddd3178adaaa4322bd
The backup system service will move its storage location to per-user CE
directories to support multiple users. Add additional iterations on the
existing rules to support the new location.
/data/backup -> /data/system_ce/[user id]/backup
Previously covered by rule backup_data_file
/cache/backup -> /data/system_ce/[user id]/backup_stage
Previously covered by rule cache_backup_file
Also add support for vold to create and perform restorecon on the new
locations.
Example denials and detailed proposal in the doc on the linked bug.
Bug: 121197420
Test: 1) Boot device; check dirs created with correct label; run backup
successfully on system user
2) Create secondary user; check dirs created with correct label; run
backup successfully
Change-Id: I47faa69cd2a6ac55fb762edbf366a86d3b06ca77
This allows fs_mgr in init to build loopback device and its control.
Bug: 74582279
Change-Id: I039cd57d4638870a59dd38c952d3ab9b671be545
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
These are APEX files in /data/staging, and will be accessed by the loop
driver in the kernel.
Bug: 118865310
Test: no denials on emulator
Change-Id: I5c849b6677566cb00d28011352b9dc6b787a0bc4
These dontaudit rules were in place to suppress SELinux denials due to
file descriptor leakage. The file descriptor leakage has been fixed, so
these rules are no longer necessary. Delete.
Fixes: 120983106
Test: cts-tradefed run cts-dev -m CtsRenderscriptTestCases
Change-Id: I5cad79c3526583bd2b65bd089fee9c490f6beb5e
Define a rollback_data_file label and apply it to the snapshots
directory. This change contains just enough detail to allow
vold_prepare_subdirs to prepare these directories correctly.
A follow up change will flesh out the access policy on these
directories in more detail.
Test: make, manual
Bug: 112431924
Change-Id: I4fa7187d9558697016af4918df6e34aac1957176
config sepolicy to allow netd to write to statsd.
Test: run runtests.sh, make sure no missing test and get all pass
run /out/host/linux-x86/bin/statsd_testdrive 82
Got following metric data dump:pass for local test
Bug: 119862317
Change-Id: Ieff5ca55de46715d54ef57c4a6d144fd7d03e4b7
avc: denied { ioctl } for pid=599 comm="mke2fs" path="/dev/block/sda13" dev="tmpfs" ino=18975 ioctlcmd=127b scontext=u:r:recovery:s0 tcontext=u:object_r:userdata_block_device:s0 tclass=blk_file
avc: denied { ioctl } for pid=587 comm="mke2fs" path="/dev/block/sda20" dev="tmpfs" ino=17931 ioctlcmd=0x127b scontext=u:r:recovery:s0 tcontext=u:object_r:metadata_block_device:s0 tclass=blk_file
0x127b (BLKPBSZGET) is called by mke2fs that queries physical sector
size. Although the denial is currently non-fatal, as mke2fs falls back
to use logical sector size, it might lead to undesired result in future.
Test: Factory reset on taimen and blueline respectively.
Change-Id: I14fc6593aeae309c79f5eadcffc8158b0a2ab2f6
The network stack needs access to TelephonyManager#getAllCellInfo to
send network conditions broadcasts.
Bug: 122843997
Test: Flashed, verified violation not shown and cell info obtained
properly.
Change-Id: I6ef2858c9a2d1fbbb993164a93bd985e0eee8887
For experiment flag testing, we add a flag netd and have
SEPolicy updates.
Test: add sepolicy, m -j, check GetServerConfigurableFlag function in netd
Bug:122050512
Change-Id: I21c844c277afc358085d80447f16e4c0d4eba5b3
This change installs *_contexts files to the same location on Treble and
non-Treble devices.
This was previously not possible because first stage mount was not
required on all platforms. It is now b/79758715.
Bug: 70851112
Test: m selinux_policy
Change-Id: I8124c59b129aef86d78d2ae4ebcfaecd896032fc
In order to boot into GSI, we need init's second-stage block-device
machinery to relable metadata. This will allow it to format / mount
the block device later
Bug: 121209697
Test: device boots
Change-Id: I4e63151767345976b5667df74530cd69fffcfa89
Signed-off-by: Sandeep Patil <sspatil@google.com>