It is started very early before linker namespaces are configured, thus
making it a bootstrap process.
Bug: 263398430
Test: watch boottime benchmark
Change-Id: I60411601a6be78f8401e43d136b567615002797c
* changes:
Allow biometrics hals to talk to the new AIDL sensorservice
Allow audio HAL to talk to the new AIDL sensorservice
Allow camera to talk to the new AIDL sensorservice
The process has the exclusive access to /dev/hw_random. It instead
provides a socket (/dev/prng_seeder/socket) which any process can
connect to to get random numbers.
This CL is basically a Microdroid version of aosp/2215051
Bug: 247781653
Test: same as aosp/I0a7e339115a2cf6b819730dcf5f8b189a339c57d
* Verify prng_seeder daemon is running and has the
correct label (via ps -Z)
* Verify prng_seeder socket present and has correct
label (via ls -Z)
* Verify no SELinux denials
* strace a libcrypto process and verify it reads seeding
data from prng_seeder (e.g. strace bssl rand -hex 1024)
* strace seeder daemon to observe incoming connections
(e.g. strace -f -p `pgrep prng_seeder`)
Change-Id: I3483132ead0f5d101b5b3365f78cc36d89528f0e
This is being used in libsensorndkbridge now, so permissions are
required.
Test: atest CtsCameraTestCases && adb logcat | grep avc
Bug: 205764765
Change-Id: Id416cc2f92ba82d4068376a5f4d076137aab086a
This is being used in libsensorndkbridge now, so permissions are
required.
Test: atest CtsCameraTestCases && adb logcat | grep avc
Bug: 205764765
Change-Id: I7a1569b8b4e2a21961f3950fa3947b5e20fc674b
In the other change in the same topic microdroid_manager starts to drop
the capabilities before execve'ing the payload binary.
Test: m
Bug: 243633980
Change-Id: Ia70d15db413c822b174a708dedfa5557c8abde65
Note that this HAL is meant only as a workaround until the OEMs
switch to the AIDL audio HAL.
Test: bluejay-userdebug
Bug: 257937004
Change-Id: Id01da9606f73354a01a94aace8a8966a09038fda
Widevine provisioning was causing SELinux policy issues since we need to
provision Widevine through MediaDrm framework.
Test: presubmits
Change-Id: Ia9d070309e84599ed614bbf5ba35eed558f4d463
This is needed to prevent autosuspend when the framework is restarting.
See: go/no-suspend-deadlocks
Bug: 255898234
Test: Check logcat for avc denials
Change-Id: I6313e28d0f2e4bc553881fcc3742dc74ca319b44
This CL adds a new cameraservice type to allow vendor clients of
cameraservice to query and find the stable cameraservice
implementation.
Bug: 243593375
Test: Manually tested that cameraservice can register a vendor facing
instance.
Change-Id: I61499406d4811c898719abcb89c51b4b8a29f4a7
This new service is exposed by system_server and available to all apps.
Bug: 259175720
Test: atest and check the log
Change-Id: I522a3baab1631589bc86fdf706af745bb6cf9f03
Start a new security domain for virtmgr - a child process of an app that
manages its virtual machines.
Add permissions to auto-transition to the virtmgr domain when the client
fork/execs virtmgr and to communicate over UDS and pipe.
Bug: 250685929
Test: atest -p packages/modules/Virtualization:avf-presubmit
Change-Id: I7624700b263f49264812e9bca6b83a003cc929be
aosp/2291528 should have had the `binder_call` macro in hal_can.te be a
`binder_use` macro instead. This fixes that.
Bug: 170405615
Test: AIDL CAN HAL starts up and configures
Change-Id: I7b18c25afef5a243bf0bba7c77a682f7cff092a3
Otherwise, we will encounter SELinux denials like:
W binder:6200_7: type=1400 audit(0.0:327): avc: denied { read } for name="PrebuiltGmsCoreNext_DynamiteLoader.apk" dev="dm-51" ino=2576 scontext=u:r:artd:s0 tcontext=u:object_r:privapp_data_file:s0:c512,c768 tclass=lnk_file permissive=0
Bug: 262230400
Test: No longer see such SELinux denials.
Change-Id: Iccb97b1973f8efbe859b59e729f7a0194d05ba5e
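The denial quoted in the commit message above, parsed into its policy-relevant fields. This is an added example, not part of the commit or of AOSP. It is a more structured form of the "grep avc" checks used as test steps on this page. The function names and the second and third sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

SAMPLE_LOG = [
    # Denial line copied from the commit message above.
    'W binder:6200_7: type=1400 audit(0.0:327): avc: denied { read } for name="PrebuiltGmsCoreNext_DynamiteLoader.apk" dev="dm-51" ino=2576 scontext=u:r:artd:s0 tcontext=u:object_r:privapp_data_file:s0:c512,c768 tclass=lnk_file permissive=0',
    # Constructed lines: a permissive-mode denial and an unrelated log line.
    'I example: type=1400 audit(0.0:328): avc: denied { read write } for name="socket" scontext=u:r:example_app:s0 tcontext=u:object_r:example_socket:s0 tclass=sock_file permissive=1',
    'I ActivityManager: Start proc 1234',
]

AVC_RE = re.compile(
    r'avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?'
    r'scontext=(?P<scontext>\S+)\s+tcontext=(?P<tcontext>\S+)\s+'
    r'tclass=(?P<tclass>\S+)(?:\s+permissive=(?P<permissive>[01]))?'
)

def selinux_type(context):
    """Return the type field of a user:role:type:level[:categories] context."""
    return context.split(':')[2]

def parse_denial(line):
    """Return the fields of one avc denial, or None for any other log line."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    return {
        "source": selinux_type(m["scontext"]),
        "target": selinux_type(m["tcontext"]),
        "tclass": m["tclass"],
        "perms": m["perms"].split(),
        # permissive=1 means the access was logged but still allowed.
        "blocked": m["permissive"] != "1",
    }

def summarize(lines):
    """Group denials by (source type, target type, class)."""
    grouped = defaultdict(lambda: {"perms": set(), "blocked": False})
    for d in filter(None, map(parse_denial, lines)):
        entry = grouped[(d["source"], d["target"], d["tclass"])]
        entry["perms"].update(d["perms"])
        entry["blocked"] |= d["blocked"]
    return {k: {"perms": sorted(v["perms"]), "blocked": v["blocked"]}
            for k, v in grouped.items()}

if __name__ == "__main__":
    for key, info in summarize(SAMPLE_LOG).items():
        print(key, info)
```

Grouping by source type, target type and class makes it easier to confirm that a policy change removed exactly the denial it was written for and did not leave related ones behind.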
Parts of its memory map are donated to guest VMs, which crashes the
kernel when it tries to touch them.
Ideally we would fix crash_dump to skip over such memory, but in
the meantime this would avoid the kernel crash.
Bug: 236672526
Bug: 238324526
Bug: 260707149
Test: Builds
Change-Id: I6c1eb2d49263ccc391101c588e2a3e87c3f17301