The immediate use is to read the dumped process's selinux label, but
we'll want to add more information that relies on this (e.g. process
uptime via parsing /proc/$PID/stat).
Test: treehugger
Change-Id: I6be6082abd2091366517c17d02154678652058d6
The updated font files will be stored to /data/fonts/files and
all application will read it for drawing text.
Thus, /data/fonts/files needs to be readable by apps and only writable
by system_server (and init).
Bug: 173517579
Test: atest CtsGraphicsTestCases
Test: Manually done
Change-Id: Ia76b109704f6214eb3f1798e8d21260343eda231
Add selinux policy so the app hibernation system service can be accessed
by other processes/apps.
Bug: 175829330
Test: builds
Change-Id: I96ea9dd977ec007bc11560601554547749b4df03
Also move verity_status_prop to system_restricted_prop since we
need to query it in cts tests
Bug: 175236047
Test: atest CtsNativeVerifiedBootTestCases
Change-Id: I82b26edaf5c5ad233bd83dff77eaafb9174646ef
adbd reads this property.
Bug: 176210699
Test: boot the system image, check if adb works
Signed-off-by: Roman Kiryanov <rkir@google.com>
Change-Id: I78847022413100331678b68a720aa1f1c8a31130
This is a shared part that all NN HAL users otherwise would have to
define themselves.
Bug: 172922059
Test: m
Test: VtsHalNeuralnetworksTest on master (locally)
Change-Id: I3616d0afbb115bc0feaed00488855646633da915
This change gives system_server read permissions to SurfaceFlinger in
order to pin it with PinnerService.
Bug: 176197656
Test: adb shell dumpsys pinner
/system/bin/surfaceflinger was successfully pinned.
Change-Id: Ic845eebe298ec2d602b86003c07889f37fc44159
IncFS in S adds a bunch of new ioctls, and requires the users
to read its features in sysfs directory. This change adds
all the features, maps them into the processes that need to
call into them, and allows any incfs user to query the features
Bug: 170231230
Test: incremental unit tests
Change-Id: Ieea6dca38ae9829230bc17d0c73f50c93c407d35
This reverts commit dd4b578c25.
Reason for revert: bug_map is only compiled into vendor partition so this doesn't work for GSI.
Change-Id: I653b937495be93a4de288e7df7525fd7504fa0f6
This is a follow-up to r.android.com/1542764.
1. In order to allow priv_app to
stat(/data/misc/perfetto-traces/bugreport/*) we need
also the `search` permission to traverse the parent
directory /data/misc/perfetto-traces.
2. Allow shell to read the new bugreport/ directory.
shell can read bugreports anyways and this is needed
for CTS tests.
Bug: 177761174
Bug: 177684571
Test: manual (changpa@)
Change-Id: I39d6a1c7941bcdcdc314a7538c0accfd37c52ca2
auditd : type=1400 audit(0.0:104): avc: denied
{ write } for comm="Binder:1830_4" name="tasks" dev="tmpfs" ino=16681
scontext=u:r:installd:s0 tcontext=u:object_r:device:s0 tclass=file
permissive=0
As described in aosp/1552554, these denials seems to be triggered by
timing issues thus being caught by DeviceBootTest. Add these dontaudit
lines so these errors don't block normal feature development.
Bug: 177187042
Test: SELinuxUncheckedDenialBootTest on S-on-Q device configuration
Change-Id: I5e8754aae5a58e26c98c97664eac0fd9febb9d33
To support multi-client resume on reboot, the recovery system
service want to query the active boot slot on the next boot; and
abort the reboot if the active slot is different from clients'
expectation.
Denial:
SELinux : avc: denied { find } for interface=android.hardware.boot::IBootControl
sid=u:r:system_server:s0 pid=1700 scontext=u:r:system_server:s0
tcontext=u:object_r:hal_bootctl_hwservice:s0 tclass=hwservice_manager permissive=1
Bug: 173808057
Test: adb shell cmd recovery reboot-and-apply ota reason
Change-Id: I6a303d8dcbae89a2287d96ae3116109e2a43bbd6
(and while we're at it make sure noone else creates subdirs)
Resolves:
avc: denied { create } for comm="bpfloader" name="tethering" scontext=u:r:bpfloader:s0 tcontext=u:object_r:fs_bpf:s0 tclass=dir
Test: builds and boots with bpfloader changes
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I27a4e0793ed039feab84ac5658e36b68dcca2631
