This is to fix the CTS failures given by the bugs below where devices
where traced is not enabled by default causes test failures.
(cherry picked from commit 673b4db777)
Bug: 78215159
Bug: 78347829
Change-Id: Ib0f6a1cdb770528dbbeb857368534ff5040e464e
This is to fix the CTS failures given by the bugs below where devices
where traced is not enabled by default causes test failures.
Bug: 78215159
Bug: 78347829
Change-Id: Ib0f6a1cdb770528dbbeb857368534ff5040e464e
Create a new label for /data/system/dropbox, and neverallow direct
access to anything other than init and system_server.
While all apps may write to the dropbox service, only apps with
android.permission.READ_LOGS, a signature|privileged|development
permission, may read them. Grant access to priv_app, system_app,
and platform_app, and neverallow access to all untrusted_apps.
Bug: 31681871
Test: atest CtsStatsdHostTestCases
Test: atest DropBoxTest
Test: atest ErrorsTests
Change-Id: Ice302b74b13c4d66e07b069c1cdac55954d9f5df
We're adding support for OEMs to ship exFAT, which behaves identical
to vfat. Some rules have been manually enumerating labels related
to these "public" volumes, so unify them all behind "sdcard_type".
Test: atest
Bug: 67822822
Change-Id: I09157fd1fc666ec5d98082c6e2cefce7c8d3ae56
We're adding support for OEMs to ship exFAT, which behaves identical
to vfat. Some rules have been manually enumerating labels related
to these "public" volumes, so unify them all behind "sdcard_type".
Test: atest
Bug: 67822822
Change-Id: I09157fd1fc666ec5d98082c6e2cefce7c8d3ae56
Values of the following properties are set by SoC vendors on some
devices including Pixels.
- persist.bluetooth.a2dp_offload.cap
- persist.bluetooth.a2dp_offload.enable
- persist.vendor.bluetooth.a2dp_offload.enable
- ro.bt.bdaddr_path
- wlan.driver.status
So they should be whitelisted for compatibility.
Bug: 77633703
Test: succeeded building and tested with Pixels
Change-Id: Ib2b81bcc1fd70ddd571dc7fb2b923b576d62b7d5
Merged-In: Ib2b81bcc1fd70ddd571dc7fb2b923b576d62b7d5
(cherry picked from commit 224921d18a)
Values of the following properties are set by SoC vendors on some
devices including Pixels.
- persist.bluetooth.a2dp_offload.cap
- persist.bluetooth.a2dp_offload.enable
- persist.vendor.bluetooth.a2dp_offload.enable
- ro.bt.bdaddr_path
- wlan.driver.status
So they should be whitelisted for compatibility.
Bug: 77633703
Test: succeeded building and tested with Pixels
Change-Id: Ib2b81bcc1fd70ddd571dc7fb2b923b576d62b7d5
This will allow adb shell getprop ro.vendor.build.security_patch to
properly return the correct build property, whereas previously it was
offlimits due to lack of label.
Test: adb shell getprop ro.vendor.build.security_patch successfully
returns whatever VENDOR_SECURITY_PATCH is defined to be in the Android
.mk files
Change-Id: Ie8427738125fc7f909ad8d51e4b76558f5544d49
This is a partial cherry pick of commit 6231b4d9
'Enforce per-app data protections for targetSdk 28+'.
Untrusted_app_27 remains unreachable, but it's existence
prevents future merge conflicts.
Bug: 63897054
Test: build/boot aosp_walleye-userdebug
Change-Id: I64b013874fe87b55f47e817a1279e76ecf86b7c0
Merged-In: I64b013874fe87b55f47e817a1279e76ecf86b7c0
(cherry picked from commit 6231b4d9fc)
A default value of persist.radio.multisim.config can be set by SoC
vendors, and so vendor-init-settable should be allowed to it.
Bug: 73871799
Test: succeeded building and tested with taimen
Change-Id: Ie62b91e7e3d7e05425b742838417f1cab7b3fed4
Merged-In: Ie62b91e7e3d7e05425b742838417f1cab7b3fed4
(cherry picked from commit ac8c6e3d44)
A default value of persist.radio.multisim.config can be set by SoC
vendors, and so vendor-init-settable should be allowed to it.
Bug: 73871799
Test: succeeded building and tested with taimen
Change-Id: Ie62b91e7e3d7e05425b742838417f1cab7b3fed4
This reverts commit 6f2040f873.
Reason for revert: not needed anymore after ag/3773705
This was meant to allow system_server toggling the property on/off.
Later we realized that we needed a separate property for that
(see discussion in b/76077784) and system server happens to
have already permissions to write to sys.* properties even without
this CL.
Reverting because at this point this creates just unnecessary clutter.
Change-Id: Ia73d000aad3c4288a5652047dfe10896e231b0b1
Test: perfetto_integrationtests
Bug: 76077784
This CL adds the SELinux permissions required to execute
atrace and get userspace tracing events from system services.
This is to enable tracing of events coming from surfaceflinger,
audio HAL, etc.
atrace, when executed, sets a bunch of debug.atrace. properties
and sends an IPC via binder/hwbinder to tell the services to
reload that property.
This CL does NOT affect systrace. In that case (i.e. when
atrace is executed from adb/shell) atrace still runs in
the shell domain and none of those changes apply.
Change-Id: I11b096d5c5c5593f18bce87f06c1a7b1ffa7910e
Merged-In: I11b096d5c5c5593f18bce87f06c1a7b1ffa7910e
Merged-In: Iba195d571aec9579195d79d4970f760e417608c6
Bug: b/73340039
Follow up to aosp/635599. It broke user builds again
despite being tree hugged because of b/74344625.
Adding missing ignore entries.
Bug: b/73340039
Change-Id: Iba195d571aec9579195d79d4970f760e417608c6
To enable/disable the traced and traced_probes deamons remotely we would
like system server to be able to set persist.traced.enable.
See also ag/3736001.
Denial:
selinux: avc: denied { set } for
property=persist.traced.enable
pid=1606 uid=1000 gid=1000
scontext=u:r:system_server:s0
tcontext=u:object_r:default_prop:s0 tclass=property_service
permissive=0\x0a
Run:
$ adb shell 'ps -A | grep traced'
Should see traced.
$ adb shell 'settings put global sys_traced 0'
$ adb shell 'ps -A | grep traced'
Should no longer see traced.
Test: See above.
Change-Id: I245b7df3853cabeb0e75db41fb4facaa178ab8f1
Bug: 74866333
Test: succeeded building and tested with taimen
Change-Id: Id19fec168ab266e386ea4c710a4c5cedfc4df33c
Merged-In: Id19fec168ab266e386ea4c710a4c5cedfc4df33c
(cherry picked from commit 62acbce4a2)
This reverts commit 016f0a58a9.
Reason for revert: Was temporarily reverted, merging back in with fix.
Test: Basic telephony sanity, treehugger
Bug: 74486619
Bug: 36427227
Merged-in: Ide68726a90d5485c2758673079427407aee1e4f2
Change-Id: Ide68726a90d5485c2758673079427407aee1e4f2
(cherry picked from commit 312248ff72)
This reverts commit aed57d4e4d.
Reason for revert: This CL is expected to break pre-submit tests (b/74486619)
Merged-in: I103c3faa1604fddc27b3b4602b587f2d733827b1
Change-Id: I0eb7a744e0d43ab15fc490e7e7c870d0f44e1401
This reverts commit 016f0a58a9.
Reason for revert: Was temporarily reverted, merging back in with fix.
Bug: 74486619
Bug: 36427227
Change-Id: Ide68726a90d5485c2758673079427407aee1e4f2
Also change the neverallow exceptions to be for hal_telephony_server
instead of rild.
Test: Basic telephony sanity, treehugger
Bug: 36427227
Merged-in: If892b28416d98ca1f9c241c5fcec70fbae35c82e
Change-Id: If892b28416d98ca1f9c241c5fcec70fbae35c82e
Also change the neverallow exceptions to be for hal_telephony_server
instead of rild.
Test: Basic telephony sanity, treehugger
Bug: 36427227
Change-Id: If892b28416d98ca1f9c241c5fcec70fbae35c82e
ADB is being separated from USB service since it's not tied to the USB
transport. This duplicates the usb_service's settings to adb_service for
this purpose.
Bug: 63820489
Test: make
Change-Id: Idbcfbe470d7568f9cba51f0c8d4a8ee9503db93d
Restrictions introduced in vendor init mean that new devices
may not no longer exempt vendor init from writing to system_data_file.
This means we must introduce a new label for /data/vendor which
vendor_init may write to.
Bug: 73087047
Test: build and boot Taimen and Marlin. Complete SUW, enroll fingerprint
No new denials.
Change-Id: I65f904bb28952d4776aab947515947e14befbe34
reboot_data_file was already removed from 26.cil by aosp/505397
Bug: 69390067
Test: build sepolicy
Change-Id: Ieff68cbdaf5b0ddc02d0d3e463765ba3716994ba
