Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709)
Bug: 166295507
Merged-In: I6d0b1be1a46288fff42c3689dbef2f7443efebcc
Change-Id: I133180d20457b9f805f3da0915e2cf6e48229132
diff --git a/private/app_zygote.te b/private/app_zygote.te
index a826f7f..9285323 100644
--- a/private/app_zygote.te
+++ b/private/app_zygote.te
@@ -4,9 +4,6 @@
###### Policy below is different from regular zygote-spawned apps
######
-# The app_zygote needs to be able to transition domains.
-typeattribute app_zygote mlstrustedsubject;
-
# Allow access to temporary files, which is normally permitted through
# a domain macro.
tmpfs_domain(app_zygote);
@@ -95,12 +92,14 @@
neverallow app_zygote property_socket:sock_file write;
neverallow app_zygote property_type:property_service set;
-# Should not have any access to non-app data files.
+# Should not have any access to data files.
neverallow app_zygote {
bluetooth_data_file
nfc_data_file
radio_data_file
shell_data_file
+ app_data_file
+ privapp_data_file
}:file { rwx_file_perms };
neverallow app_zygote {
diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index 7d5a04f..1079046 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil
@@ -28,6 +28,7 @@
binderfs_logs_proc
boringssl_self_test
bq_config_prop
+ cacheinfo_service
charger_prop
cold_boot_done_prop
credstore
@@ -98,6 +99,7 @@
soundtrigger_middleware_service
staged_install_file
storage_config_prop
+ surfaceflinger_display_prop
sysfs_dm_verity
system_adbd_prop
system_config_service
diff --git a/private/gmscore_app.te b/private/gmscore_app.te
index f882ab0..5022160 100644
--- a/private/gmscore_app.te
+++ b/private/gmscore_app.te
@@ -56,6 +56,7 @@
dontaudit gmscore_app sysfs_loop:file r_file_perms;
dontaudit gmscore_app { wifi_prop wifi_hal_prop }:file r_file_perms;
dontaudit gmscore_app mirror_data_file:dir search;
+dontaudit gmscore_app mnt_vendor_file:dir search;
# Access the network
net_domain(gmscore_app)
diff --git a/private/keystore.te b/private/keystore.te
index a36926e..2f62920c 100644
--- a/private/keystore.te
+++ b/private/keystore.te
@@ -14,8 +14,9 @@
# Allow to check whether security logging is enabled.
get_prop(keystore, device_logging_prop)
+# Allow keystore to write to statsd.
+unix_socket_send(keystore, statsdw, statsd)
+
# Keystore need access to the keystore_key context files to load the keystore key backend.
allow keystore keystore2_key_contexts_file:file r_file_perms;
-# Allow keystore to write to statsd.
-unix_socket_send(keystore, statsdw, statsd)
diff --git a/private/property.te b/private/property.te
index 2d3d861..bc1934d 100644
--- a/private/property.te
+++ b/private/property.te
@@ -405,6 +405,13 @@
}:property_service set;
neverallow {
+ -init
+ -surfaceflinger
+} {
+ surfaceflinger_display_prop
+}:property_service set;
+
+neverallow {
-coredomain
-appdomain
-vendor_init
diff --git a/private/property_contexts b/private/property_contexts
index 2397150..9a53c28 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -575,6 +575,9 @@
ro.boot.dynamic_partitions u:object_r:exported_default_prop:s0 exact string
ro.boot.dynamic_partitions_retrofit u:object_r:exported_default_prop:s0 exact string
+ro.boottime.init.mount.data u:object_r:boottime_public_prop:s0 exact string
+ro.boottime.init.fsck.data u:object_r:boottime_public_prop:s0 exact string
+
ro.build.date u:object_r:build_prop:s0 exact string
ro.build.date.utc u:object_r:build_prop:s0 exact int
ro.build.description u:object_r:build_prop:s0 exact string
@@ -883,3 +886,7 @@
graphics.gpu.profiler.support u:object_r:graphics_config_prop:s0 exact bool
graphics.gpu.profiler.vulkan_layer_apk u:object_r:graphics_config_prop:s0 exact string
+
+# surfaceflinger-settable
+graphics.display.kernel_idle_timer.enabled u:object_r:surfaceflinger_display_prop:s0 exact bool
+
diff --git a/private/seapp_contexts b/private/seapp_contexts
index ebbbf08..4b23e89 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -151,8 +151,8 @@
user=shared_relro domain=shared_relro
user=shell seinfo=platform domain=shell name=com.android.shell type=shell_data_file
user=webview_zygote seinfo=webview_zygote domain=webview_zygote
-user=_isolated domain=isolated_app levelFrom=all
-user=_app seinfo=app_zygote domain=app_zygote levelFrom=all
+user=_isolated domain=isolated_app levelFrom=user
+user=_app seinfo=app_zygote domain=app_zygote levelFrom=user
user=_app seinfo=media domain=mediaprovider type=app_data_file levelFrom=user
user=_app seinfo=platform domain=platform_app type=app_data_file levelFrom=user
user=_app isEphemeralApp=true domain=ephemeral_app type=app_data_file levelFrom=all
diff --git a/private/service_contexts b/private/service_contexts
index 808edcc..a78b108 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -42,6 +42,7 @@
bluetooth u:object_r:bluetooth_service:s0
broadcastradio u:object_r:broadcastradio_service:s0
bugreport u:object_r:bugreport_service:s0
+cacheinfo u:object_r:cacheinfo_service:s0
carrier_config u:object_r:radio_service:s0
clipboard u:object_r:clipboard_service:s0
com.android.net.IProxyService u:object_r:IProxyService_service:s0
@@ -246,7 +247,7 @@
wifip2p u:object_r:wifip2p_service:s0
wifiscanner u:object_r:wifiscanner_service:s0
wifi u:object_r:wifi_service:s0
-wificond u:object_r:wifinl80211_service:s0
+wifinl80211 u:object_r:wifinl80211_service:s0
wifiaware u:object_r:wifiaware_service:s0
wifirtt u:object_r:rttmanager_service:s0
window u:object_r:window_service:s0
diff --git a/private/surfaceflinger.te b/private/surfaceflinger.te
index 973350e..37601b9 100644
--- a/private/surfaceflinger.te
+++ b/private/surfaceflinger.te
@@ -56,6 +56,7 @@
set_prop(surfaceflinger, exported_system_prop)
set_prop(surfaceflinger, exported3_system_prop)
set_prop(surfaceflinger, ctl_bootanim_prop)
+set_prop(surfaceflinger, surfaceflinger_display_prop)
# Use open files supplied by an app.
allow surfaceflinger appdomain:fd use;
diff --git a/private/vold.te b/private/vold.te
index d286e8f..ce451ac 100644
--- a/private/vold.te
+++ b/private/vold.te
@@ -30,6 +30,7 @@
set_prop(vold, restorecon_prop)
set_prop(vold, ota_prop)
set_prop(vold, boottime_prop)
+set_prop(vold, boottime_public_prop)
# Vold will use Keystore instead of using Keymint directly. But it still needs
# to manage its Keymint blobs. This is why it needs the `manage_blob` permission.
@@ -43,3 +44,4 @@
update
use
};
+