This reverts commit e3245a40df.
Reason for revert: Check for missing dependency is added now. It should fix builds on master-art branch.
Bug: 253648584
Change-Id: I1ecd4521a1038ace711a4abeb0964b764ad5bc94
These are wrongly added to microdroid policy while bring up. The
permissions should be restricted to select domains.
Bug: 248478536
Test: atest MicrodroidTests MicrodroidHostTestCases
Change-Id: I9cd94728e84dfd4d69e1bc8e979d204d9d9afbd1
Panic only if missing dependencies are not allowed while checking
fuzzer bindings. This fix should breakages on branches like master-art
where SOONG_ALLOW_MISSING_DEPENDENCIES is set.
Bug: 246590424
Test: m
Change-Id: I0f908f27de5f761495848f461c7d479117f9feda
We want to more closely monitor the system properties that the
sdk_sandbox has access to.
Bug: 210811873
Test: adb logcat | grep "r:sdk_sandbox"
Change-Id: I0d590374e931ca41d5451cd7c2de5b02fee619e9
For post-OTA boot, we run a userspace block device daemon to mount /system.
However if we let the daemon run while loading sepolicy, it would spam permissive audits.
Since sepolicy is still not enforced yet, we can supress these
audit messages.
Bug: 240321741
Test: Full OTA on pixel
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I0af484f95b6a1deb41498d67de82afd3c6bb29b6
This reverts commit f38fb73371.
Bug: 246590424
Reason for revert: Breaks projects which don't include a full tree (eg master-art)
Change-Id: I2a87bde5e959e9a700f0569d2ccf7894ea3dc7ab
All remote access HAL needs to register itself to service manager,
so add the policy to system/sepolicy/vendor.
Test: Manually run cf_x86_64_auto, verify remote access HAL is
running.
Bug: 241483300
Change-Id: If8c1162eecfcce4792e6309ba351c498e8117687
The DICE service is deleted and microdroid_maanger takes over the DICE
logic.
Bug: 243133253
Test: atest MicrodroidTests
Test: atest ComposHostTestCases
Change-Id: Idc4cb53f46aa0bc1f197c6267b05f6c5678a34ae
Allow zipfuse to signal to microdroid_manager via property when it is
ready.
Bug: 243513572
Test: atest MicrodroidTests (locally & via acloud)
Change-Id: Ifcf3d0924faa61ce87124a5ac55bd6a2b193cd99
...and crosvm to access a listener socket when passed to it by file
descriptor from virtualizationservice.
Bug: 235579465
Test: Start a VM
Change-Id: I7e89cfb4fb8a1ce845eaea64a33dbaad6bff9969
We need to separate out the feature flags in use by remote key
provisioning daemon (RKPD). For this, I have set up a new namespace
remote_key_provisioning_native. This change adds the SELinux policies to
make sure appropriate permissions are present when accessing the feature
flag for read/write.
Change-Id: I9e73a623f847a058b6236dd0aa370a7f9a9e6da7
Test: TreeHugger
To prevent race condition on a profile, the app holds a flock when writing the profile, and profman needs to hold a flock to read it. This
is not ideal because either side can get blocked by the flock.
We want to avoid using flock and do it in a move-based way: instead of
mutating the profile in place, the app creates a temp file next to it,
works on the temp file, and replaces the original file after it's done
(or deletes the temp file if it fails).
To achieve that, the app needs the remove_name permission.
Bug: 249522285
Change-Id: I16f27e6a9c5c3a7ab2ab8e24d3ad0a20119e16db
Test: Presubmit
