Merge "Allow lmkd to log to statsd"
diff --git a/OWNERS b/OWNERS
index 9d3f1b1..ff29677 100644
--- a/OWNERS
+++ b/OWNERS
@@ -1,6 +1,5 @@
alanstokes@google.com
bowgotsai@google.com
-dcashman@google.com
jbires@google.com
jeffv@google.com
jgalenson@google.com
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index e5eb3b2..42071c9 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -98,7 +98,6 @@
system_boot_reason_prop
system_net_netd_hwservice
system_update_service
- test_prop
thermal_service
thermalcallback_hwservice
thermalserviced
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index e56e77b..d74139a 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -82,7 +82,6 @@
storaged_data_file
system_boot_reason_prop
system_update_service
- test_prop
tombstone_wifi_data_file
trace_data_file
traced
diff --git a/private/platform_app.te b/private/platform_app.te
index b526462..b147bd9 100644
--- a/private/platform_app.te
+++ b/private/platform_app.te
@@ -77,9 +77,6 @@
allow platform_app system_server:udp_socket {
connect getattr read recvfrom sendto write getopt setopt };
-# allow platform apps to connect to the property service
-set_prop(platform_app, test_prop)
-
###
### Neverallow rules
###
diff --git a/private/property_contexts b/private/property_contexts
index d61b48c..4433bdf 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -71,7 +71,6 @@
persist.sys.boot.reason u:object_r:last_boot_reason_prop:s0
sys.boot.reason u:object_r:system_boot_reason_prop:s0
pm. u:object_r:pm_prop:s0
-test. u:object_r:test_prop:s0
# Boolean property set by system server upon boot indicating
# if device owner is provisioned.
diff --git a/private/system_server.te b/private/system_server.te
index c5b83ec..045acc6 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -773,9 +773,14 @@
# Allow system_server to open profile snapshots for read.
# System server never reads the actual content. It passes the descriptor to
# to privileged apps which acquire the permissions to inspect the profiles.
-allow system_server user_profile_data_file:dir { search };
+allow system_server user_profile_data_file:dir { getattr search };
allow system_server user_profile_data_file:file { getattr open read };
+# On userdebug build we may profile system server. Allow it to write and create its own profile.
+userdebug_or_eng(`
+ allow system_server user_profile_data_file:file create_file_perms;
+')
+
userdebug_or_eng(`
# Allow system server to notify mediaextractor of the plugin update.
allow system_server mediaextractor_update_service:service_manager find;
diff --git a/public/attributes b/public/attributes
index 50001e1..fed8def 100644
--- a/public/attributes
+++ b/public/attributes
@@ -38,6 +38,7 @@
# All types used for procfs files.
attribute proc_type;
+expandattribute proc_type false;
# All types used for sysfs files.
attribute sysfs_type;
diff --git a/public/property.te b/public/property.te
index ee0031d..5dd88dc 100644
--- a/public/property.te
+++ b/public/property.te
@@ -51,7 +51,6 @@
type system_boot_reason_prop, property_type;
type system_prop, property_type, core_property_type;
type system_radio_prop, property_type, core_property_type;
-type test_prop, property_type;
type traced_enabled_prop, property_type;
type vold_prop, property_type, core_property_type;
type wifi_log_prop, property_type, log_property_type;