Commit graph

9115 commits

Author SHA1 Message Date
Alistair Delva
e7fc603518 Merge "Add missing permissions for default bluetooth hal" 2023-01-18 22:16:06 +00:00
Treehugger Robot
9b69f0de58 Merge "Allow mkfs/fsck for zoned block device" 2023-01-18 15:45:02 +00:00
Orion Hodson
2ff660e134 Merge "Additional sepolicy rules for dex2oat" 2023-01-18 11:35:39 +00:00
Jaegeuk Kim
b5f16b2392 Allow mkfs/fsck for zoned block device
Zoned block device will be used along with userdata_block_device
for /data partition.

Bug: 197782466
Change-Id: I777a8b22b99614727086e72520a48dbd8306885b
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
2023-01-17 17:59:28 -08:00
Lorenzo Colitti
b8194ca7fb Merge "Update SEPolicy for Tetheroffload AIDL" 2023-01-18 00:04:51 +00:00
Jiakai Zhang
7789460457 Allow artd to create dirs and files for artifacts before restorecon.
Bug: 262230400
Test: -
  1. Remove the "oat" directory of an app.
  2. Dexopt the app using ART Service.
  3. See no SELinux denials.
Change-Id: I717073b0172083d73a1b84e5c2bea59076663b2f
2023-01-18 01:07:49 +08:00
Orion Hodson
c09e7e4674 Additional sepolicy rules for dex2oat
Enable reading vendor overlay files and /proc.

Fix: 187016929
Test: m
Change-Id: I7df17b4fcc8a449abe2af4bc8394d0224243799c
2023-01-17 15:43:58 +00:00
Treehugger Robot
cc39bf74f1 Merge "Allow all system properties with the "pm.dexopt." prefix." 2023-01-17 01:24:34 +00:00
Jiakai Zhang
cda13660d7 Allow all system properties with the "pm.dexopt." prefix.
We use this as a namespace of all system properties used by ART Service.
As ART Service is in the updatable ART module, we need to be able to add
new properties.

Bug: 256639711
Test: Presubmit
Change-Id: Idcee583abccef9c0807699122074eb26927ca57b
2023-01-16 21:24:07 +08:00
Treehugger Robot
fa767b0e4a Merge "dontaudit crosvm reading VM's pipe" 2023-01-14 00:14:23 +00:00
Tri Vo
9a63dcb2ee Merge "Add rkpdapp access to remote_prov_prop" 2023-01-13 18:16:19 +00:00
David Brazdil
28e9b97993 Merge "virtualizationservice: Allow checking permissions" 2023-01-13 13:00:48 +00:00
Treehugger Robot
c8882d3e23 Merge "refactor: get_prop(bpfdomain, bpf_progs_loaded_prop)" 2023-01-13 11:27:11 +00:00
Akilesh Kailash
bae423e9c5 Merge "Allow files to be created /metadata/ota" 2023-01-13 06:35:33 +00:00
Inseob Kim
42798af0cb dontaudit crosvm reading VM's pipe
Bug: 238593451
Test: boot microdroid and see console
Change-Id: I46712759240a9f091936c6a81bb02679c267b8b8
2023-01-13 14:08:16 +09:00
David Brazdil
ccf9164abc virtualizationservice: Allow checking permissions
Bug: 245727626
Test: atest -p packages/modules/Virtualization:avf-presubmit
Change-Id: Ia49d7db3edeb465fd8b851aed8646964ee6f5af2
2023-01-12 21:10:33 +00:00
Henri Chataing
9ff3423527 Add missing permissions for default bluetooth hal
Test: launch_cvd
Bug: 205758693
Change-Id: Ie55352bbe48c5eef281a293bedc5aa057f5dcdad
Merged-In: Ie55352bbe48c5eef281a293bedc5aa057f5dcdad
2023-01-12 19:02:57 +00:00
Tri Vo
7b9b6a04ed Add rkpdapp access to remote_prov_prop
Test: presubmit
Change-Id: I7f4593e580f9d762a38b6e1b3e9db7c74e3eb984
2023-01-12 09:50:28 -08:00
Thomas Nguyen
3445819d5a Add IRadioSatellite context
Bug: 260644201
Test: atest VtsHalRadioTargetTes

Change-Id: I43555e1f076cdf96fb0b7805cd664d7ba6798aec
2023-01-10 18:27:41 +00:00
Nathalie Le Clair
98e20da831 Merge "HDMI: Refactor HDMI packages" 2023-01-10 17:05:17 +00:00
Kalesh Singh
460c2ac995 Merge "suspend: Allow access to /sys/power/wake_[un]lock" 2023-01-09 17:55:09 +00:00
Alan Stokes
c5b914670f Suppress harmless denial
Commit 2d736569e716b5c143f296ae124bcfed9630a4d2 improved the logging
in virtualization service by attempting to get the real path from
/proc/self/fd/N for various files.

However, CompOS stores its log files in a directory
(/data/misc/apexdata/...) which VS has no access to, triggering an
SELinux denial:

avc: denied { search } for name="apexdata"
scontext=u:r:virtualizationmanager:s0
tcontext=u:object_r:apex_module_data_file:s0 tclass=dir

Suppress this denial, since it causes no harm (we just don't log the
real path).

Bug: 264496291
Bug: 251751405
Test: composd_cmd test-compile;
 see no denials
Change-Id: Ia55e593c0c0735b8f3085a964f0c789c177375f2
2023-01-09 11:34:52 +00:00
Thiébaud Weksteen
d03656b281 Merge "Grant SIGTERM and SIGKILL to dumpstate on incident" 2023-01-09 02:02:48 +00:00
Bill Yi
8c544a4c73 Merge "Merge TQ1A.230105.002 to aosp-master - DO NOT MERGE" 2023-01-06 19:33:52 +00:00
Bill Yi
15ee6d11bc Merge TQ1A.230105.002 to aosp-master - DO NOT MERGE
Merged-In: I9acac60411da6eee86246a9e375b35dfb61691d1
Merged-In: If343dba5dae2821fa345135abafb891e85be5574
Change-Id: Ia868a5a11f13d47bf11fbb21b3d5cee12d7c8c99
2023-01-06 07:13:50 -08:00
Maciej Żenczykowski
60f4a34544 refactor: get_prop(bpfdomain, bpf_progs_loaded_prop)
Based on:
  cs/p:aosp-master -file:prebuilts/ get_prop.*bpf_progs_loaded_prop

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: If07026b1ea5753a82401a62349c494b4cbf699b6
2023-01-06 10:09:33 +00:00
David Brazdil
55d808c28c Start using virtmgr for running VMs
Split virtualizationservice policy into rules that should remain with
the global service and rules that now apply to virtmgr - a child process
of the client that runs the VM on its behalf.

The virtualizationservice domain remains responsible for:
 * allocating CIDs (access to props)
 * creating temporary VM directories (virtualization_data_file, chown)
 * receiving tombstones from VMs
 * pushing atoms to statsd
 * removing memlock rlimit from virtmgr

The new virtualizationmanager domain becomes responsible for:
 * executing crosvm
 * creating vsock connections, handling callbacks
 * preparing APEXes
 * pushing ramdumps to tombstoned
 * collecting stats for telemetry atoms

The `virtualizationservice_use` macro is changed to allow client domains
to transition to the virtmgr domain upon executing it as their child,
and to allow communication over UDS.

Clients are not allowed to communicate with virtualizationservice via
Binder, only virtmgr is now allowed to do that.

Bug: 250685929
Test: atest -p packages/modules/Virtualization:avf-presubmit
Change-Id: Iefdccd908fc28e5d8c6f4566290e79ed88ade70b
2023-01-05 17:39:39 +00:00
Jiakai Zhang
d09a14baee Merge changes from topic "artd-sepolicy-b254013425"
* changes:
  Allow artd to scan directories for cleaning up obsolete managed files.
  Allow system_server to read /data/misc/profman.
2023-01-04 17:43:24 +00:00
Treehugger Robot
6baccc1d8e Merge "EARC: Add Policy for EArc Service" 2023-01-04 03:30:47 +00:00
KH Shi
8ae99b5e5f Update SEPolicy for Tetheroffload AIDL
Bug: b/205762647
Test: m
Change-Id: Iaf87e8a64a4a1af20f54e3c09c31d051acf549a1
2023-01-04 11:28:47 +08:00
Thiébaud Weksteen
3b1c843976 Grant SIGTERM and SIGKILL to dumpstate on incident
Bug: 238705597
Test: reduce timeout on incident; trigger bugreport; no denials
Change-Id: If70f9969165f4b8e4f1849d9dd6035503de87eb2
2023-01-04 12:57:11 +11:00
Jiakai Zhang
440ae7883e Allow artd to scan directories for cleaning up obsolete managed files.
Bug: 254013425
Test: -
  1. adb shell pm art cleanup
  2. See no SELinux denials.
Change-Id: Idf4c0863810e1500a7e324811f128400bdfcb98c
2023-01-03 16:48:41 +00:00
Jiakai Zhang
10aa6465d9 Allow system_server to read /data/misc/profman.
Before this change, system_server only has write access. We want read
access the directory so that we can check if it has the right
permissions before we write to it.

Bug: 262230400
Test: No longer see SELinux denials on that directory.
Change-Id: Ic26b2a170031c4f14423b8b1f1a8564d64f532ae
2023-01-03 16:48:11 +00:00
Akilesh Kailash
f10e232277 Allow files to be created /metadata/ota
This is required during OTA. File will be removed
once OTA update is completed.

Bug: 262407519
Test: OTA on Pixel
Change-Id: I8922ebaaa89f9075fe47d2b74f61071b657850f0
Signed-off-by: Akilesh Kailash <akailash@google.com>
2023-01-02 21:13:43 -08:00
Andy Hung
a8b6900a49 audio HAL: SELinux changes for Spatial Audio optimization
Add CAP_SYS_NICE.
Reduce glitches caused by core migration.
Reduce power consumption as Spatializer Effect is DSP compute bound.

Test: instrumented
Test: adb shell 'uclampset -a -p $(pgrep -of android.hardware.audio.service)'
Test: adb shell cat "/proc/$(adb shell pgrep -of android.hardware.audio.service)/status"
Test: adb shell 'ps -Tl -p $(pgrep -of android.hardware.audio.service)'
Bug: 181148259
Bug: 260918856
Bug: 261228892
Bug: 261686532
Bug: 262803152
Ignore-AOSP-First: tm-qpr-dev fix, will move to AOSP afterwards.
Merged-In: Id5f052116834034a9e4fd5c3adf17d3d7ef6610a
Change-Id: Id5f052116834034a9e4fd5c3adf17d3d7ef6610a
2022-12-28 16:55:07 -08:00
Venkatarama Avadhani
5a86d5f3f3 HDMI: Refactor HDMI packages
Organize the HDMI packages into CEC, EArc and connection under a common
hdmi package.

Bug: 261729059
Test: atest vts_treble_vintf_framework_test
      atest vts_treble_vintf_vendor_test
Change-Id: Ief5bff996028775ea355b392a4028a091fb83b99
2022-12-27 18:15:26 +05:30
Venkatarama Avadhani
0f0861af8f EARC: Add Policy for EArc Service
Test: atest vts_treble_vintf_framework_test
      atest vts_treble_vintf_vendor_test
Bug: 240388105
Change-Id: I561f647a68553fa0134f2e1bd65b0f18dd1785f1
2022-12-27 18:11:36 +05:30
Treehugger Robot
3ca356b7df Merge "Allow system_server to enable fs-verity." 2022-12-21 01:24:43 +00:00
Alex Buynytskyy
ff577a00b8 Allow system_server to enable fs-verity.
Bug: 253568736
Test: atest PackageManagerSettingsTests
Change-Id: I2fc59d6441eca95b349aebaa633a15584c7ef744
2022-12-20 15:36:26 -08:00
Florian Mayer
c7c6d49939 Merge "Allow system_server to set arm64 memtag property" 2022-12-20 19:04:03 +00:00
David Brazdil
3e61a33df5 Merge "Create virtmgr domain and initial policy" 2022-12-20 08:17:05 +00:00
Treehugger Robot
62894399c3 Merge "Add SELinux policy for sound dose HAL" 2022-12-19 19:07:32 +00:00
Florian Mayer
152f832904 Allow system_server to set arm64 memtag property
Bug: 262763327
Bug: 244290023
Test: atest MtePolicyTest on user build
Test: manually with TestDPC
Change-Id: If1ed257fede6fa424604eed9775eb3a3b8365afe
2022-12-16 16:58:36 -08:00
Vlad Popa
48dd5f7ac4 Add SELinux policy for sound dose HAL
Note that this HAL is meant only as a workaround until the OEMs will
switch to the AIDL audio HAL.

Test: bluejay-userdebug
Bug: 257937004
Change-Id: Id01da9606f73354a01a94aace8a8966a09038fda
2022-12-16 21:42:06 +01:00
Treehugger Robot
a0f59cffe2 Merge "Remove dalvik.vm.usejitprofiles system property." 2022-12-16 18:51:08 +00:00
Vikram Gaur
ebe25efd66 Merge "Fix permission issue for widevine mediaservices." 2022-12-15 19:13:12 +00:00
Vikram Gaur
91f5c53adf Fix permission issue for widevine mediaservices.
Widevine provisioning was causing SELinux policy issues since we need to
provision Widevine through MediaDrm framework.

Test: presubmits
Change-Id: Ia9d070309e84599ed614bbf5ba35eed558f4d463
2022-12-15 17:14:04 +00:00
Sandro
f7894fc62e Allow sdk_sandbox to read files/directory in /data/local/tmp
The /data/local/tmp directory is used by the CTS tests infrastructure to
store various data, like the list of tests to include/exclude after
failures
http://cs/android-internal/tools/tradefederation/core/test_framework/com/android/tradefed/testtype/AndroidJUnitTest.java;l=333-347;rcl=bbd3902197b7de1a99aef4c22db8e14e4dbf1157

Without this CL, CTS modules that attempt to re-execute failures will
get a '[INSTRUMENTATION_CRASH|SYSTEM_UNDER_TEST_CRASHED]' error.

Test results before/after this CL:
Before: http://ab/I04600010115474754
After: http://ab/I65000010115426482
Note the absence of "Module error" in the second case
https://screenshot.googleplex.com/C6Ui3GdfgQBt8bp
https://screenshot.googleplex.com/BDHKFfKJjnqVYpj

Bug: 261864298
Test: atest CtsBluetoothTestCases --retry-any-failure -- --enable-optional-parameterization --enable-parameterized-modules --module-parameter run_on_sdk_sandbox
Change-Id: Ibbb196f8c0ef1df320885ed8c56f20172f83d583
2022-12-15 10:29:36 +00:00
Calvin Pan
f56dfeb2d4 Merge "Add grammatical_inflection service" 2022-12-15 07:38:01 +00:00
Avichal Rakesh
95ecfc2f33 Merge "cameraservice: Add selinux policy for vndk cameraservice." 2022-12-14 22:49:47 +00:00