Merge "Allow Traceur record the mm_event trace event."
diff --git a/apex/com.android.runtime-file_contexts b/apex/com.android.runtime-file_contexts
index 7878b20..eed0981 100644
--- a/apex/com.android.runtime-file_contexts
+++ b/apex/com.android.runtime-file_contexts
@@ -2,5 +2,6 @@
# System files
#
(/.*)? u:object_r:system_file:s0
+/bin/crash_dump(32|64) u:object_r:crash_dump_exec:s0
/bin/linker(64)? u:object_r:system_linker_exec:s0
/lib(64)?(/.*)? u:object_r:system_lib_file:s0
diff --git a/build/soong/Android.bp b/build/soong/Android.bp
index ae2bdd6..699a2a4 100644
--- a/build/soong/Android.bp
+++ b/build/soong/Android.bp
@@ -20,6 +20,7 @@
"soong",
"soong-android",
"soong-genrule",
+ "soong-sysprop",
],
srcs: [
"cil_compat_map.go",
diff --git a/build/soong/selinux_contexts.go b/build/soong/selinux_contexts.go
index 6a7123b..635ebda 100644
--- a/build/soong/selinux_contexts.go
+++ b/build/soong/selinux_contexts.go
@@ -19,9 +19,11 @@
"io"
"strings"
+ "github.com/google/blueprint"
"github.com/google/blueprint/proptools"
"android/soong/android"
+ "android/soong/sysprop"
)
const (
@@ -72,13 +74,15 @@
properties selinuxContextsProperties
fileContextsProperties fileContextsProperties
- build func(ctx android.ModuleContext, inputs android.Paths)
- outputPath android.ModuleGenPath
+ build func(ctx android.ModuleContext, inputs android.Paths) android.Path
+ deps func(ctx android.BottomUpMutatorContext)
+ outputPath android.Path
installPath android.InstallPath
}
var (
- reuseContextsDepTag = dependencyTag{name: "reuseContexts"}
+ reuseContextsDepTag = dependencyTag{name: "reuseContexts"}
+ syspropLibraryDepTag = dependencyTag{name: "sysprop_library"}
)
func init() {
@@ -110,6 +114,18 @@
return m.inRecovery()
}
+func (m *selinuxContextsModule) DepsMutator(ctx android.BottomUpMutatorContext) {
+ if m.deps != nil {
+ m.deps(ctx)
+ }
+}
+
+func (m *selinuxContextsModule) propertyContextsDeps(ctx android.BottomUpMutatorContext) {
+ for _, lib := range sysprop.SyspropLibraries(ctx.Config()) {
+ ctx.AddFarVariationDependencies([]blueprint.Variation{}, syspropLibraryDepTag, lib)
+ }
+}
+
func (m *selinuxContextsModule) GenerateAndroidBuildActions(ctx android.ModuleContext) {
if m.inRecovery() {
// Installing context files at the root of the recovery partition
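Review bot: `propertyContextsDeps` and the new `deps` hook are undocumented, and it is not obvious from the call site that every library returned by `sysprop.SyspropLibraries` becomes a dependency of each property_contexts module. A comment such as `// propertyContextsDeps depends on every sysprop_library so buildPropertyContexts can check property_contexts against their current API files.` would make the coupling explicit. As a style point, `nil` can replace `[]blueprint.Variation{}` if the callee treats a nil slice as empty, which is worth confirming.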
@@ -164,7 +180,8 @@
}
}
- m.build(ctx, inputs)
+ m.outputPath = m.build(ctx, inputs)
+ ctx.InstallFile(m.installPath, ctx.ModuleName(), m.outputPath)
}
func newModule() *selinuxContextsModule {
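Review bot: `m.build` can now return a nil path, and `ctx.InstallFile` is called on the result unconditionally. `buildFileContexts` does `return nil` after `ctx.ModuleErrorf` in the flatten_apex hunk further down, so an unsupported `srcs` entry would likely turn a readable module error into a nil dereference inside `InstallFile`. A guard before the install, `if m.outputPath == nil { return }`, keeps the reported error as the only failure. GenerateAndroidBuildActions starts outside this hunk, so other uses of `m.outputPath` are not visible here.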
@@ -258,8 +275,8 @@
}
}
-func (m *selinuxContextsModule) buildGeneralContexts(ctx android.ModuleContext, inputs android.Paths) {
- m.outputPath = android.PathForModuleGen(ctx, ctx.ModuleName()+"_m4out")
+func (m *selinuxContextsModule) buildGeneralContexts(ctx android.ModuleContext, inputs android.Paths) android.Path {
+ ret := android.PathForModuleGen(ctx, ctx.ModuleName()+"_m4out")
rule := android.NewRuleBuilder()
@@ -268,42 +285,42 @@
Text("--fatal-warnings -s").
FlagForEachArg("-D", ctx.DeviceConfig().SepolicyM4Defs()).
Inputs(inputs).
- FlagWithOutput("> ", m.outputPath)
+ FlagWithOutput("> ", ret)
if proptools.Bool(m.properties.Remove_comment) {
- rule.Temporary(m.outputPath)
+ rule.Temporary(ret)
remove_comment_output := android.PathForModuleGen(ctx, ctx.ModuleName()+"_remove_comment")
rule.Command().
Text("sed -e 's/#.*$//' -e '/^$/d'").
- Input(m.outputPath).
+ Input(ret).
FlagWithOutput("> ", remove_comment_output)
- m.outputPath = remove_comment_output
+ ret = remove_comment_output
}
if proptools.Bool(m.properties.Fc_sort) {
- rule.Temporary(m.outputPath)
+ rule.Temporary(ret)
sorted_output := android.PathForModuleGen(ctx, ctx.ModuleName()+"_sorted")
rule.Command().
Tool(ctx.Config().HostToolPath(ctx, "fc_sort")).
- FlagWithInput("-i ", m.outputPath).
+ FlagWithInput("-i ", ret).
FlagWithOutput("-o ", sorted_output)
- m.outputPath = sorted_output
+ ret = sorted_output
}
- rule.Build(pctx, ctx, "selinux_contexts", m.Name())
+ rule.Build(pctx, ctx, "selinux_contexts", "building contexts: "+m.Name())
rule.DeleteTemporaryFiles()
- ctx.InstallFile(m.installPath, ctx.ModuleName(), m.outputPath)
+ return ret
}
-func (m *selinuxContextsModule) buildFileContexts(ctx android.ModuleContext, inputs android.Paths) {
+func (m *selinuxContextsModule) buildFileContexts(ctx android.ModuleContext, inputs android.Paths) android.Path {
if m.properties.Fc_sort == nil {
m.properties.Fc_sort = proptools.BoolPtr(true)
}
@@ -315,7 +332,7 @@
if m := android.SrcIsModule(src); m != "" {
ctx.ModuleErrorf(
"Module srcs dependency %q is not supported for flatten_apex.srcs", m)
- return
+ return nil
}
for _, path := range android.PathsForModuleSrcExcludes(ctx, []string{src}, nil) {
out := android.PathForModuleGen(ctx, "flattened_apex", path.Rel())
@@ -334,7 +351,7 @@
}
rule.Build(pctx, ctx, m.Name(), "flattened_apex_file_contexts")
- m.buildGeneralContexts(ctx, inputs)
+ return m.buildGeneralContexts(ctx, inputs)
}
func fileFactory() android.Module {
@@ -344,12 +361,51 @@
return m
}
-func (m *selinuxContextsModule) buildHwServiceContexts(ctx android.ModuleContext, inputs android.Paths) {
+func (m *selinuxContextsModule) buildHwServiceContexts(ctx android.ModuleContext, inputs android.Paths) android.Path {
if m.properties.Remove_comment == nil {
m.properties.Remove_comment = proptools.BoolPtr(true)
}
- m.buildGeneralContexts(ctx, inputs)
+ return m.buildGeneralContexts(ctx, inputs)
+}
+
+func (m *selinuxContextsModule) buildPropertyContexts(ctx android.ModuleContext, inputs android.Paths) android.Path {
+ builtCtxFile := m.buildGeneralContexts(ctx, inputs)
+
+ var apiFiles android.Paths
+ ctx.VisitDirectDepsWithTag(syspropLibraryDepTag, func(c android.Module) {
+ i, ok := c.(interface{ CurrentSyspropApiFile() android.Path })
+ if !ok {
+ panic(fmt.Errorf("unknown dependency %q for %q", ctx.OtherModuleName(c), ctx.ModuleName()))
+ }
+ apiFiles = append(apiFiles, i.CurrentSyspropApiFile())
+ })
+
+ // check compatibility with sysprop_library
+ if len(apiFiles) > 0 {
+ out := android.PathForModuleGen(ctx, ctx.ModuleName()+"_api_checked")
+ rule := android.NewRuleBuilder()
+
+ msg := `\n******************************\n` +
+ `API of sysprop_library doesn't match with property_contexts\n` +
+ `Please fix the breakage and rebuild.\n` +
+ `******************************\n`
+
+ rule.Command().
+ Text("( ").
+ BuiltTool(ctx, "sysprop_type_checker").
+ FlagForEachInput("--api ", apiFiles).
+ FlagWithInput("--context ", builtCtxFile).
+ Text(" || ( echo").Flag("-e").
+ Flag(`"` + msg + `"`).
+ Text("; exit 38) )")
+
+ rule.Command().Text("cp -f").Input(builtCtxFile).Output(out)
+ rule.Build(pctx, ctx, "property_contexts_check_api", "checking API: "+m.Name())
+ builtCtxFile = out
+ }
+
+ return builtCtxFile
}
func hwServiceFactory() android.Module {
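Review bot: The `cp -f` into `_api_checked` in `buildPropertyContexts` looks redundant, but it appears to be what makes the installed file depend on `sysprop_type_checker` succeeding, and nothing in the function says so. A doc comment such as `// buildPropertyContexts builds property_contexts and, when sysprop_library deps exist, returns a copy that is only produced if sysprop_type_checker accepts it.` would stop a later cleanup from dropping the copy and with it the check. It is also worth stating that when `apiFiles` is empty the unchecked file is returned as is. Separately, the `panic` in the visitor could be `ctx.ModuleErrorf("unknown dependency %q", ctx.OtherModuleName(c))` followed by `return`, so a bad dependency is reported like other module errors.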
@@ -360,7 +416,8 @@
func propertyFactory() android.Module {
m := newModule()
- m.build = m.buildGeneralContexts
+ m.build = m.buildPropertyContexts
+ m.deps = m.propertyContextsDeps
return m
}
diff --git a/private/adbd.te b/private/adbd.te
index f7504df..cd3d8f3 100644
--- a/private/adbd.te
+++ b/private/adbd.te
@@ -183,6 +183,11 @@
allow adbd rootfs:dir r_dir_perms;
+# Allow killing child "perfetto" binary processes, which auto-transition to
+# their own domain. Allows propagating termination of "adb shell perfetto ..."
+# invocations.
+allow adbd perfetto:process signal;
+
# Allow to pull Perfetto traces.
allow adbd perfetto_traces_data_file:file r_file_perms;
allow adbd perfetto_traces_data_file:dir r_dir_perms;
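Review bot: The comment on `allow adbd perfetto:process signal;` says "killing", but the `signal` permission does not cover SIGKILL or SIGSTOP, which have their own `sigkill` and `sigstop` permissions. If only catchable termination signals are intended, the comment should say so, for example `# Allow adbd to send termination signals (not SIGKILL) to child "perfetto" processes`. The rule is also type-wide, so it applies to every process in the perfetto domain rather than only adbd's children. A short remark that SELinux cannot express the parent/child restriction would prevent the comment being read as a narrower grant than it is.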
diff --git a/private/attributes b/private/attributes
new file mode 100644
index 0000000..e01b212
--- /dev/null
+++ b/private/attributes
@@ -0,0 +1 @@
+hal_attribute(lazy_test);
diff --git a/private/cppreopts.te b/private/cppreopts.te
index 1a8fa0b..1192ba6 100644
--- a/private/cppreopts.te
+++ b/private/cppreopts.te
@@ -25,3 +25,7 @@
# Allow running the cp command using cppreopts permissions. Needed so we can
# write into dalvik-cache
allow cppreopts toolbox_exec:file rx_file_perms;
+
+# Silence the denial when /postinstall cannot be mounted, e.g., system_other
+# is wiped, but cppreopts.sh still runs.
+dontaudit cppreopts postinstall_mnt_dir:dir search;
diff --git a/private/file_contexts b/private/file_contexts
index c1d5274..75e9585 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -258,8 +258,6 @@
/system/bin/keystore u:object_r:keystore_exec:s0
/system/bin/fingerprintd u:object_r:fingerprintd_exec:s0
/system/bin/gatekeeperd u:object_r:gatekeeperd_exec:s0
-/system/bin/crash_dump32 u:object_r:crash_dump_exec:s0
-/system/bin/crash_dump64 u:object_r:crash_dump_exec:s0
/system/bin/tombstoned u:object_r:tombstoned_exec:s0
/system/bin/recovery-persist u:object_r:recovery_persist_exec:s0
/system/bin/recovery-refresh u:object_r:recovery_refresh_exec:s0
@@ -451,6 +449,7 @@
/(system_ext|system/system_ext)/etc/selinux/system_ext_mac_permissions\.xml u:object_r:mac_perms_file:s0
/(system_ext|system/system_ext)/bin/aidl_lazy_test_server u:object_r:aidl_lazy_test_server_exec:s0
+/(system_ext|system/system_ext)/bin/hidl_lazy_test_server u:object_r:hidl_lazy_test_server_exec:s0
#############################
# Vendor files from /(product|system/product)/vendor_overlay
diff --git a/private/hal_lazy_test.te b/private/hal_lazy_test.te
new file mode 100644
index 0000000..93cf235
--- /dev/null
+++ b/private/hal_lazy_test.te
@@ -0,0 +1,3 @@
+userdebug_or_eng(`
+ hal_attribute_hwservice(hal_lazy_test, hal_lazy_test_hwservice)
+')
diff --git a/private/hidl_lazy_test_server.te b/private/hidl_lazy_test_server.te
new file mode 100644
index 0000000..04e8c9f
--- /dev/null
+++ b/private/hidl_lazy_test_server.te
@@ -0,0 +1,8 @@
+type hidl_lazy_test_server, domain;
+type hidl_lazy_test_server_exec, exec_type, file_type, system_file_type;
+
+userdebug_or_eng(`
+ typeattribute hidl_lazy_test_server coredomain;
+ init_daemon_domain(hidl_lazy_test_server)
+ hal_server_domain(hidl_lazy_test_server, hal_lazy_test)
+')
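Review bot: The two `type` declarations sit outside `userdebug_or_eng` while every rule is inside it, and the new file has no comment explaining the split. On user builds this leaves a `domain` type with no `coredomain` attribute and no rules, which is presumably intentional because `private/file_contexts` and `hwservice_contexts` reference the types on all builds. A header such as `# Test-only lazy HIDL service. Types are declared unconditionally so the context files resolve; all rules are userdebug/eng only.` would record that. Whether any attribute-coverage neverallow or test applies to the bare type on user builds cannot be told from this hunk.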
diff --git a/private/hwservice.te b/private/hwservice.te
new file mode 100644
index 0000000..b7ba4d7
--- /dev/null
+++ b/private/hwservice.te
@@ -0,0 +1 @@
+type hal_lazy_test_hwservice, hwservice_manager_type, protected_hwservice;
diff --git a/private/hwservice_contexts b/private/hwservice_contexts
index 9c471bc..664e697 100644
--- a/private/hwservice_contexts
+++ b/private/hwservice_contexts
@@ -40,6 +40,7 @@
android.hardware.input.classifier::IInputClassifier u:object_r:hal_input_classifier_hwservice:s0
android.hardware.ir::IConsumerIr u:object_r:hal_ir_hwservice:s0
android.hardware.keymaster::IKeymasterDevice u:object_r:hal_keymaster_hwservice:s0
+android.hardware.tests.lazy::ILazy u:object_r:hal_lazy_test_hwservice:s0
android.hardware.light::ILight u:object_r:hal_light_hwservice:s0
android.hardware.lowpan::ILowpanDevice u:object_r:hal_lowpan_hwservice:s0
android.hardware.media.omx::IOmx u:object_r:hal_omx_hwservice:s0
diff --git a/private/incidentd.te b/private/incidentd.te
index 8924d83..c379fa2 100644
--- a/private/incidentd.te
+++ b/private/incidentd.te
@@ -50,11 +50,8 @@
binder_call(incidentd, statsd)
# section id 3026, allow reading /data/misc/perfetto-traces.
-# TODO(b/134706389): remove when no longer used.
-userdebug_or_eng(`
- allow incidentd perfetto_traces_data_file:dir r_dir_perms;
- allow incidentd perfetto_traces_data_file:file r_file_perms;
-');
+allow incidentd perfetto_traces_data_file:dir r_dir_perms;
+allow incidentd perfetto_traces_data_file:file r_file_perms;
# Create and write into /data/misc/incidents
allow incidentd incident_data_file:dir rw_dir_perms;
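Review bot: With the `userdebug_or_eng` guard removed, incidentd can read everything labelled `perfetto_traces_data_file` on user builds, yet the remaining comment only names the section id. The same widening applies to the now unconditional `-perfetto` exemption in the neverallow hunk below and to the `incident_service` find/binder_call rules in private/perfetto.te. A comment such as `# Read-only access to perfetto traces for incident section 3026; enabled on all build types.` would record that the production exposure is deliberate. Since traces can carry sensitive runtime data, it would also help to name what limits which traces incidentd is asked to upload, as that control is not visible in this diff.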
@@ -176,13 +173,12 @@
###
# only specific domains can find the incident service
-# TODO(b/134706389): remove "perfetto" when no longer used.
neverallow {
domain
-dumpstate
-incident
-incidentd
- userdebug_or_eng(`-perfetto')
+ -perfetto
-permissioncontroller_app
-priv_app
-statsd
diff --git a/private/mediaprovider_app.te b/private/mediaprovider_app.te
index 0b1047a..7923649 100644
--- a/private/mediaprovider_app.te
+++ b/private/mediaprovider_app.te
@@ -39,4 +39,7 @@
FS_IOC_SETFLAGS
};
+# Access external sdcards through /mnt/media_rw
+allow mediaprovider_app { mnt_media_rw_file }:dir search;
+
allow mediaprovider_app proc_filesystems:file r_file_perms;
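Review bot: The comment says "Access external sdcards", but the rule grants only `search` on `mnt_media_rw_file` directories, which is path traversal and not file access. Wording such as `# Allow traversing /mnt/media_rw to reach external sdcard mounts` matches what is granted and avoids suggesting that read or write access comes from this line. As a style point, the braces around the single type are unnecessary: `allow mediaprovider_app mnt_media_rw_file:dir search;`.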
diff --git a/private/perfetto.te b/private/perfetto.te
index 2183b6d..25c70d2 100644
--- a/private/perfetto.te
+++ b/private/perfetto.te
@@ -44,11 +44,16 @@
allow perfetto devpts:chr_file rw_file_perms;
# Allow perfetto to ask incidentd to start a report.
-# TODO(b/134706389): remove when no longer used.
-userdebug_or_eng(`
- allow perfetto incident_service:service_manager find;
- binder_call(perfetto, incidentd)
-');
+allow perfetto incident_service:service_manager find;
+binder_call(perfetto, incidentd)
+
+# perfetto log formatter calls isatty() on its stderr. Denial when running
+# under adbd is harmless. Avoid generating denial logs.
+dontaudit perfetto adbd:unix_stream_socket getattr;
+dontauditxperm perfetto adbd:unix_stream_socket ioctl unpriv_tty_ioctls;
+# As above, when adbd is running in "su" domain (only the ioctl is denied in
+# practice).
+dontauditxperm perfetto su:unix_stream_socket ioctl unpriv_tty_ioctls;
###
### Neverallow rules
diff --git a/private/preloads_copy.te b/private/preloads_copy.te
index 7177839..ba54b70 100644
--- a/private/preloads_copy.te
+++ b/private/preloads_copy.te
@@ -12,3 +12,7 @@
# Allow to copy from /postinstall
allow preloads_copy system_file:dir r_dir_perms;
+
+# Silence the denial when /postinstall cannot be mounted, e.g., system_other
+# is wiped, but preloads_copy.sh still runs.
+dontaudit preloads_copy postinstall_mnt_dir:dir search;
diff --git a/private/property_contexts b/private/property_contexts
index c8e743c..5baaf9d 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -760,8 +760,14 @@
ro.apex.updatable u:object_r:exported_default_prop:s0 exact bool
-ro.init.userspace_reboot.is_supported u:object_r:userspace_reboot_config_prop:s0 exact bool
+# Properties to configure userspace reboot.
+init.userspace_reboot.is_supported u:object_r:userspace_reboot_config_prop:s0 exact bool
+init.userspace_reboot.sigkill.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int
+init.userspace_reboot.sigterm.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int
+init.userspace_reboot.userdata_remount.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int
+init.userspace_reboot.watchdog.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int
+#
# public-readable
ro.boot.revision u:object_r:exported2_default_prop:s0 exact string
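Review bot: Dropping the `ro.` prefix from `init.userspace_reboot.is_supported` removes the write-once guarantee, so the value and the new timeouts can be changed at runtime by any domain with set access to `userspace_reboot_config_prop`. Which domains those are is not visible in this hunk, so the section comment should name the expected writer, for example `# Properties to configure userspace reboot; set only by <expected writer>.`. The four timeouts are typed `int`, which admits negative values. If consumers never expect those, `uint` would reject them at set time, provided it agrees with the sysprop API that the new type checker compares against. The lone `#` line added before `# public-readable` looks like a leftover.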
diff --git a/private/system_app.te b/private/system_app.te
index e59e7ad..0b77bb3 100644
--- a/private/system_app.te
+++ b/private/system_app.te
@@ -62,6 +62,9 @@
set_prop(system_app, ctl_default_prop)
set_prop(system_app, ctl_bugreport_prop)
+# Allow developer settings to query gsid status
+get_prop(system_app, gsid_prop)
+
# Create /data/anr/traces.txt.
allow system_app anr_data_file:dir ra_dir_perms;
allow system_app anr_data_file:file create_file_perms;
diff --git a/private/system_server.te b/private/system_server.te
index e586f51..075c9af 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -306,6 +306,7 @@
hal_graphics_allocator_server
hal_graphics_composer_server
hal_health_server
+ hal_neuralnetworks_server
hal_omx_server
hal_power_stats_server
hal_sensors_server
diff --git a/public/fastbootd.te b/public/fastbootd.te
index bb18637..fb3e953 100644
--- a/public/fastbootd.te
+++ b/public/fastbootd.te
@@ -35,6 +35,7 @@
allow fastbootd dm_device:chr_file rw_file_perms;
allow fastbootd dm_device:blk_file rw_file_perms;
+ allow fastbootd cache_block_device:blk_file rw_file_perms;
allow fastbootd super_block_device_type:blk_file rw_file_perms;
allow fastbootd {
boot_block_device
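Review bot: The new `cache_block_device` rule, here and in the BLKSECDISCARD/BLKDISCARD list in the next hunk, gives fastbootd raw write and discard access to another partition without a comment saying why. A line such as `# Allow fastbootd to flash and erase the cache partition.` above the `allow` would document the intent next to the grant. Both additions are indented inside a block that starts outside these hunks, so the build-type or mode condition they fall under cannot be confirmed from here.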
@@ -57,6 +58,7 @@
metadata_block_device
userdata_block_device
dm_device
+ cache_block_device
}:blk_file ioctl { BLKSECDISCARD BLKDISCARD };
allow fastbootd misc_block_device:blk_file rw_file_perms;
diff --git a/public/hal_audio.te b/public/hal_audio.te
index bb9eec4..d54b2b2 100644
--- a/public/hal_audio.te
+++ b/public/hal_audio.te
@@ -17,6 +17,9 @@
allow hal_audio dumpstate:fd use;
allow hal_audio dumpstate:fifo_file write;
+# Needed to allow sound trigger hal to access shared memory from apps.
+allow hal_audio_server appdomain:fd use;
+
# allow hal audio to use vnbinder
vndbinder_use(hal_audio)
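Review bot: `allow hal_audio_server appdomain:fd use;` applies to every audio HAL server and to descriptors from every app domain, which is wider than the sound trigger case named in the comment. `fd use` only lets the server accept a descriptor passed from an app; access to the shared memory object is governed by rules on that object's own type, which are not in this hunk. The comment could say so, for example `# Accept fds passed from apps (sound trigger shared memory); access to the memory itself is granted separately.`. If only the sound trigger path needs this, scoping the rule to a narrower source attribute than `hal_audio_server` would be worth considering.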
diff --git a/vendor/file_contexts b/vendor/file_contexts
index 213ba05..11272be 100644
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@@ -4,6 +4,7 @@
/(vendor|system/vendor)/bin/hw/android\.hardware\.atrace@1\.0-service u:object_r:hal_atrace_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.audio(@2\.0-|\.)service u:object_r:hal_audio_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.audiocontrol@1\.0-service u:object_r:hal_audiocontrol_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.audiocontrol@2\.0-service u:object_r:hal_audiocontrol_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.can@1\.0-service u:object_r:hal_can_socketcan_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.evs@1\.[0-9]-service u:object_r:hal_evs_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.vehicle@2\.0-(service|protocan-service) u:object_r:hal_vehicle_default_exec:s0
@@ -25,7 +26,7 @@
/(vendor|system/vendor)/bin/hw/android\.hardware\.drm@1\.0-service-lazy u:object_r:hal_drm_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.cas@1\.[0-2]-service u:object_r:hal_cas_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.cas@1\.[0-2]-service-lazy u:object_r:hal_cas_default_exec:s0
-/(vendor|system/vendor)/bin/hw/android\.hardware\.dumpstate@1\.0-service\.example u:object_r:hal_dumpstate_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.dumpstate@1\.[0-1]-service\.example u:object_r:hal_dumpstate_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.gatekeeper@1\.0-service u:object_r:hal_gatekeeper_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.gnss@[0-9]\.[0-9]-service u:object_r:hal_gnss_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.graphics\.allocator@2\.0-service u:object_r:hal_graphics_allocator_default_exec:s0
@@ -44,6 +45,7 @@
/(vendor|system/vendor)/bin/hw/android\.hardware\.keymaster@4\.1-service u:object_r:hal_keymaster_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.light@2\.0-service u:object_r:hal_light_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.light@2\.0-service-lazy u:object_r:hal_light_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.lights-service\.example u:object_r:hal_light_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.lowpan@1\.0-service u:object_r:hal_lowpan_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.memtrack@1\.0-service u:object_r:hal_memtrack_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.nfc@1\.0-service u:object_r:hal_nfc_default_exec:s0