Merge "Revert "Remove proc access from hal_audio.""
diff --git a/private/bug_map b/private/bug_map
new file mode 100644
index 0000000..8f28a66
--- /dev/null
+++ b/private/bug_map
@@ -0,0 +1 @@
+priv_app firstboot_prop file 63801215
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index c64c866..2cb4d09 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -33,7 +33,13 @@
thermalserviced_tmpfs
timezone_service
tombstoned_java_trace_socket
- vold_service))
+ vold_prepare_subdirs
+ vold_prepare_subdirs_exec
+ vold_service
+ wpantund
+ wpantund_exec
+ wpantund_service
+ wpantund_tmpfs))
;; private_objects - a collection of types that were labeled differently in
;; older policy, but that should not remain accessible to vendor policy.
diff --git a/private/file_contexts b/private/file_contexts
index d5a0bb1..d87d9bf 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -259,6 +259,7 @@
/system/bin/thermalserviced u:object_r:thermalserviced_exec:s0
/system/bin/webview_zygote32 u:object_r:webview_zygote_exec:s0
/system/bin/webview_zygote64 u:object_r:webview_zygote_exec:s0
+/system/bin/wpantund u:object_r:wpantund_exec:s0
/system/bin/virtual_touchpad u:object_r:virtual_touchpad_exec:s0
/system/bin/hw/android\.hidl\.allocator@1\.0-service u:object_r:hal_allocator_default_exec:s0
/system/etc/selinux/mapping/[0-9]+\.[0-9]+\.cil u:object_r:sepolicy_file:s0
@@ -272,6 +273,7 @@
/system/etc/selinux/plat_and_mapping_sepolicy\.cil\.sha256 u:object_r:sepolicy_file:s0
/system/bin/vr_hwc u:object_r:vr_hwc_exec:s0
/system/bin/adbd u:object_r:adbd_exec:s0
+/system/bin/vold_prepare_subdirs u:object_r:vold_prepare_subdirs_exec:s0
#############################
# Vendor files
@@ -432,6 +434,10 @@
# User icon files
/data/system/users/[0-9]+/photo.png u:object_r:icon_file:s0
+# vold per-user data
+/data/misc_de/[0-9]+/vold(/.*)? u:object_r:vold_data_file:s0
+/data/misc_ce/[0-9]+/vold(/.*)? u:object_r:vold_data_file:s0
+
#############################
# efs files
#
diff --git a/private/platform_app.te b/private/platform_app.te
index 4d937be..884c436 100644
--- a/private/platform_app.te
+++ b/private/platform_app.te
@@ -54,6 +54,7 @@
allow platform_app persistent_data_block_service:service_manager find;
allow platform_app radio_service:service_manager find;
allow platform_app surfaceflinger_service:service_manager find;
+allow platform_app thermal_service:service_manager find;
allow platform_app timezone_service:service_manager find;
allow platform_app app_api_service:service_manager find;
allow platform_app system_api_service:service_manager find;
diff --git a/private/system_app.te b/private/system_app.te
index 904b851..0381c4f 100644
--- a/private/system_app.te
+++ b/private/system_app.te
@@ -67,6 +67,15 @@
-vold_service
-vr_hwc_service
}:service_manager find;
+# suppress denials for services system_app should not be accessing.
+dontaudit system_app {
+ dumpstate_service
+ installd_service
+ netd_service
+ virtual_touchpad_service
+ vold_service
+ vr_hwc_service
+}:service_manager find;
allow system_app keystore:keystore_key {
get_state
diff --git a/private/system_server.te b/private/system_server.te
index 260d6ce..769b3b7 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -180,6 +180,7 @@
binder_call(system_server, netd)
binder_call(system_server, vold)
binder_call(system_server, wificond)
+binder_call(system_server, wpantund)
binder_service(system_server)
# Use HALs
diff --git a/private/vold_prepare_subdirs.te b/private/vold_prepare_subdirs.te
new file mode 100644
index 0000000..c2146f9
--- /dev/null
+++ b/private/vold_prepare_subdirs.te
@@ -0,0 +1 @@
+domain_auto_trans(vold, vold_prepare_subdirs_exec, vold_prepare_subdirs)
diff --git a/private/wpantund.te b/private/wpantund.te
new file mode 100644
index 0000000..e91662c
--- /dev/null
+++ b/private/wpantund.te
@@ -0,0 +1,3 @@
+typeattribute wpantund coredomain;
+
+init_daemon_domain(wpantund)
diff --git a/public/attributes b/public/attributes
index 986b0ed..c25f1eb 100644
--- a/public/attributes
+++ b/public/attributes
@@ -148,6 +148,12 @@
attribute vendor_executes_system_violators;
expandattribute vendor_executes_system_violators false;
+# All domains which violate the requirement of not sharing files by path
+# between between vendor and core domains.
+# TODO(b/34980020)
+attribute data_between_core_and_vendor_violators;
+expandattribute data_between_core_and_vendor_violators false;
+
# hwservices that are accessible from untrusted applications
# WARNING: Use of this attribute should be avoided unless
# absolutely necessary. It is a temporary allowance to aid the
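Review bot: The new comment above `data_between_core_and_vendor_violators` repeats a word ("between between") and does not say which rule the attribute exempts a domain from. The second comment line should read `# between vendor and core domains.` No rule visible in this diff references the attribute, so a pointer to the neverallow it is meant to relax would help a reader judge whether a domain belongs on the list.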
diff --git a/public/service.te b/public/service.te
index 068ea4e..fe26020 100644
--- a/public/service.te
+++ b/public/service.te
@@ -150,3 +150,4 @@
type wificond_service, service_manager_type;
type wifiaware_service, app_api_service, system_server_service, service_manager_type;
type window_service, system_api_service, system_server_service, service_manager_type;
+type wpantund_service, system_api_service, service_manager_type;
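Review bot: `wpantund_service` is tagged `system_api_service`, so every domain that already holds `system_api_service:service_manager find` can look it up; platform_app is one, as the context lines of private/platform_app.te show. Nothing visible in this diff lets any domain register the service, since public/wpantund.te only finds `lowpan_service`. If wpantund is meant to publish it, the policy needs the matching `add_service(wpantund, wpantund_service)`. If it has no client yet, declaring it as `type wpantund_service, service_manager_type;` keeps it unreachable until one is identified.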
diff --git a/public/shell.te b/public/shell.te
index 84e76f2..fb650bf 100644
--- a/public/shell.te
+++ b/public/shell.te
@@ -109,6 +109,7 @@
# allow shell to look through /proc/ for ps, top, netstat
r_dir_file(shell, proc)
r_dir_file(shell, proc_net)
+allow shell proc_filesystems:file r_file_perms;
allow shell proc_interrupts:file r_file_perms;
allow shell proc_meminfo:file r_file_perms;
allow shell proc_stat:file r_file_perms;
@@ -142,8 +143,9 @@
allow shell self:process ptrace;
# allow shell to get battery info
-allow shell sysfs_batteryinfo:file r_file_perms;
allow shell sysfs:dir r_dir_perms;
+allow shell sysfs_batteryinfo:dir r_dir_perms;
+allow shell sysfs_batteryinfo:file r_file_perms;
# Allow access to ion memory allocation device.
allow shell ion_device:chr_file rw_file_perms;
diff --git a/public/thermalserviced.te b/public/thermalserviced.te
index 5b6025c..00e0071 100644
--- a/public/thermalserviced.te
+++ b/public/thermalserviced.te
@@ -9,3 +9,5 @@
hwbinder_use(thermalserviced)
hal_client_domain(thermalserviced, hal_thermal)
add_hwservice(thermalserviced, thermalcallback_hwservice)
+
+binder_call(thermalserviced, platform_app)
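Review bot: The added `binder_call(thermalserviced, platform_app)` carries no comment, although it lets thermalserviced initiate binder transactions to every platform-signed app. If the intent is to deliver callbacks to listeners that looked up `thermal_service` (private/platform_app.te gains that `find` in this commit), state it directly above the rule, for example `# Deliver thermal event callbacks to platform_app listeners.` Without that, a later reader cannot tell whether the target set was chosen deliberately.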
diff --git a/public/vold.te b/public/vold.te
index 71932df..197eead 100644
--- a/public/vold.te
+++ b/public/vold.te
@@ -201,7 +201,7 @@
neverallow { domain -vold } vold_data_file:dir ~{ open create read getattr setattr search relabelto ioctl };
neverallow { domain -vold -kernel } vold_data_file:notdevfile_class_set ~{ relabelto getattr };
-neverallow { domain -vold -init } vold_data_file:dir *;
+neverallow { domain -vold -init -vold_prepare_subdirs } vold_data_file:dir *;
neverallow { domain -vold -init -kernel } vold_data_file:notdevfile_class_set *;
neverallow { domain -vold -init } restorecon_prop:property_service set;
diff --git a/public/vold_prepare_subdirs.te b/public/vold_prepare_subdirs.te
new file mode 100644
index 0000000..ddb5882
--- /dev/null
+++ b/public/vold_prepare_subdirs.te
@@ -0,0 +1,18 @@
+# SELinux directory creation and labelling for vold-managed directories
+
+type vold_prepare_subdirs, domain;
+type vold_prepare_subdirs_exec, exec_type, file_type;
+
+typeattribute vold_prepare_subdirs coredomain;
+
+allow vold_prepare_subdirs system_file:file execute_no_trans;
+allow vold_prepare_subdirs shell_exec:file rx_file_perms;
+allow vold_prepare_subdirs toolbox_exec:file rx_file_perms;
+allow vold_prepare_subdirs devpts:chr_file { ioctl read write };
+allow vold_prepare_subdirs vold:fd use;
+allow vold_prepare_subdirs vold:fifo_file { read write };
+allow vold_prepare_subdirs file_contexts_file:file r_file_perms;
+allow vold_prepare_subdirs self:capability dac_override;
+allow vold_prepare_subdirs self:process setfscreate;
+allow vold_prepare_subdirs system_data_file:dir { add_name write };
+allow vold_prepare_subdirs vold_data_file:dir { create getattr setattr };
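Review bot: `allow vold_prepare_subdirs self:capability dac_override;` is the broadest grant in this new domain and has no justification; none of the eleven allow rules do. dac_override lets the helper ignore file mode bits wherever the type rules permit access. The policy should say why it is needed, presumably to create `vold` under per-user `/data/misc_de` and `/data/misc_ce` directories it does not own (to be confirmed), or the parent directories' ownership should be arranged so it is unnecessary. The `system_file execute_no_trans`, `shell_exec` and `toolbox_exec` rules suggest the helper runs shell commands; a line such as `# Runs sh and toolbox helpers from /system/bin.` above them would make that grant reviewable.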
diff --git a/public/wpantund.te b/public/wpantund.te
new file mode 100644
index 0000000..a97481e
--- /dev/null
+++ b/public/wpantund.te
@@ -0,0 +1,29 @@
+type wpantund, domain;
+type wpantund_exec, exec_type, file_type;
+
+hal_client_domain(wpantund, hal_lowpan)
+net_domain(wpantund)
+
+binder_use(wpantund)
+binder_call(wpantund, system_server)
+
+# wpantund needs to be able to check in with the lowpan_service
+allow wpantund lowpan_service:service_manager find;
+
+# Allow wpantund to call any callbacks that have been registered with it.
+# Generally, only privileged apps are able to register callbacks with
+# wpantund, so we are limiting the scope for callbacks to only privileged
+# apps. We also add shell to allow the command-line utility `lowpanctl`
+# to work properly from `adb shell`.
+allow wpantund {priv_app shell}:binder call;
+
+# create sockets to set interfaces up and down, add multicast groups, etc.
+allow wpantund self:udp_socket create_socket_perms;
+
+# setting interface state up/down and changing MTU are privileged ioctls
+allowxperm wpantund self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFMTU };
+
+# Allow us to bring up a TUN network interface.
+allow wpantund tun_device:chr_file rw_file_perms;
+allow wpantund self:capability { net_admin net_raw };
+allow wpantund self:tun_socket create;
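Review bot: `allow wpantund {priv_app shell}:binder call;` applies on every build type, so the `shell` half is granted on production builds too, although the comment justifies it only by `lowpanctl` from `adb shell`. If that tool is a debugging aid, splitting the rule into `allow wpantund priv_app:binder call;` plus a shell rule inside a `userdebug_or_eng` block would keep user builds to priv_app callbacks only. Separately, the comment above the capability rule mentions only bringing up a TUN interface; `net_raw` needs its own line of justification, or removal if wpantund opens no raw sockets.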
diff --git a/tools/fc_sort/fc_sort.c b/tools/fc_sort/fc_sort.c
index fcd62eb..956c37b 100644
--- a/tools/fc_sort/fc_sort.c
+++ b/tools/fc_sort/fc_sort.c
@@ -46,6 +46,9 @@
void file_context_node_destroy(file_context_node_t *x)
{
+ if (!x)
+ return;
+
free(x->path);
free(x->file_type);
free(x->context);
@@ -135,8 +138,6 @@
file_context_node_t *temp;
file_context_node_t *jumpto;
-
-
/* If a is a empty list, and b is not,
* set a as b and proceed to the end. */
if (!a && b)
@@ -164,7 +165,6 @@
fc_compare(a_current->next,
b_current) != -1) {
-
temp = a_current->next;
a_current->next = b_current;
b_current = b_current->next;
@@ -177,7 +177,6 @@
a_current = jumpto;
}
-
/* if there is anything left in b to be inserted,
put it on the end */
if (b_current) {
@@ -209,11 +208,12 @@
*/
void fc_merge_sort(file_context_bucket_t *master)
{
-
-
file_context_bucket_t *current;
file_context_bucket_t *temp;
+ if (!master)
+ return;
+
/* Loop until master is the only bucket left
* so that this will stop when master contains
* the sorted list. */
@@ -222,28 +222,20 @@
/* This loop merges buckets two-by-two. */
while (current) {
-
if (current->next) {
-
current->data =
fc_merge(current->data,
current->next->data);
-
-
temp = current->next;
current->next = current->next->next;
free(temp);
-
}
-
current = current->next;
}
}
-
-
}
@@ -292,19 +284,40 @@
/* If a escape character is found,
* skip the next character. */
c++;
+ break;
default:
- /* If no meta character has been found yet,
- * add one to the stem length. */
- if (!fc_node->meta)
- fc_node->stem_len++;
break;
}
+ /* If no meta character has been found yet,
+ * add one to the stem length. */
+ if (!fc_node->meta)
+ fc_node->stem_len++;
+
fc_node->str_len++;
c++;
}
}
+
+
+/* fc_free_file_context_node_list
+ * Free the memory allocated to the linked list and its elements.
+ */
+void fc_free_file_context_node_list(struct file_context_node *node)
+{
+ struct file_context_node *next;
+
+ while (node) {
+ next = node->next;
+ file_context_node_destroy(node);
+ free(node);
+ node = next;
+ }
+}
+
+
+
/* main
* This program takes in two arguments, the input filename and the
* output filename. The input file should be syntactically correct.
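Review bot: The escape case still does `c++` and then reaches the unconditional `c++` at the bottom of the loop, so a path ending in a lone backslash steps over the string terminator and the scan continues past the end of the buffer. The added `break` removes the fallthrough but not that. Guarding the skip keeps the loop inside the string, e.g. `if (fc_node->path[c + 1] != '\0') c++;`, assuming `c` indexes `fc_node->path`; its declaration and the loop condition are outside the hunk. The new `fc_free_file_context_node_list` also spells its parameter `struct file_context_node *` where the rest of the file uses `file_context_node_t *`.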
@@ -326,7 +339,6 @@
FILE *in_file, *out_file;
-
/* Check for the correct number of command line arguments. */
if (argc < 2 || argc > 3) {
fprintf(stderr, "Usage: %s <infile> [<outfile>]\n",argv[0]);
@@ -346,25 +358,33 @@
/* Initialize the head of the linked list. */
head = current = (file_context_node_t*)malloc(sizeof(file_context_node_t));
+ if (!head) {
+ fprintf(stderr, "Error: failure allocating memory.\n");
+ return 1;
+ }
head->next = NULL;
+ head->path = NULL;
+ head->file_type = NULL;
+ head->context = NULL;
/* Parse the file into a file_context linked list. */
line_buf = NULL;
- buf_len = 0;
while ( getline(&line_buf, &buf_len, in_file) != -1 ){
line_len = strlen(line_buf);
+
if( line_len == 0 || line_len == 1)
continue;
+
/* Get rid of whitespace from the front of the line. */
for (i = 0; i < line_len; i++) {
if (!isspace(line_buf[i]))
break;
}
-
if (i >= line_len)
continue;
+
/* Check if the line isn't empty and isn't a comment */
if (line_buf[i] == '#')
continue;
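Review bot: Dropping `buf_len = 0;` leaves `getline(&line_buf, &buf_len, in_file)` dependent on how `buf_len` is initialised at its declaration, which is outside the hunk. If it is not initialised there, getline is handed an indeterminate size. Initialising at the declaration (`size_t buf_len = 0;`) or keeping the assignment next to `line_buf = NULL;` makes the pair self-evidently valid. The new `return 1` after the failed `head` allocation also leaves `in_file` open (it appears to be opened above this hunk), and the same holds for the later early returns in `main` that this commit adds cleanup to.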
@@ -372,7 +392,9 @@
/* We have a valid line - allocate a new node. */
temp = (file_context_node_t *)malloc(sizeof(file_context_node_t));
if (!temp) {
+ free(line_buf);
fprintf(stderr, "Error: failure allocating memory.\n");
+ fc_free_file_context_node_list(head);
return 1;
}
temp->next = NULL;
@@ -381,19 +403,15 @@
/* Parse out the regular expression from the line. */
start = i;
-
while (i < line_len && (!isspace(line_buf[i])))
i++;
finish = i;
-
regex_len = finish - start;
if (regex_len == 0) {
file_context_node_destroy(temp);
free(temp);
-
-
continue;
}
@@ -401,13 +419,14 @@
if (!temp->path) {
file_context_node_destroy(temp);
free(temp);
+ free(line_buf);
fprintf(stderr, "Error: failure allocating memory.\n");
+ fc_free_file_context_node_list(head);
return 1;
}
/* Get rid of whitespace after the regular expression. */
for (; i < line_len; i++) {
-
if (!isspace(line_buf[i]))
break;
}
@@ -419,18 +438,21 @@
}
/* Parse out the type from the line (if it
- * is there). */
+ * is there). */
if (line_buf[i] == '-') {
temp->file_type = (char *)malloc(sizeof(char) * 3);
if (!(temp->file_type)) {
+ file_context_node_destroy(temp);
+ free(temp);
+ free(line_buf);
fprintf(stderr, "Error: failure allocating memory.\n");
+ fc_free_file_context_node_list(head);
return 1;
}
if( i + 2 >= line_len ) {
file_context_node_destroy(temp);
free(temp);
-
continue;
}
@@ -447,7 +469,6 @@
}
if (i == line_len) {
-
file_context_node_destroy(temp);
free(temp);
continue;
@@ -466,16 +487,18 @@
if (!temp->context) {
file_context_node_destroy(temp);
free(temp);
+ free(line_buf);
fprintf(stderr, "Error: failure allocating memory.\n");
+ fc_free_file_context_node_list(head);
return 1;
}
/* Set all the data about the regular
- * expression. */
+ * expression. */
fc_fill_data(temp);
/* Link this line of code at the end of
- * the linked list. */
+ * the linked list. */
current->next = temp;
current = current->next;
lines++;
@@ -485,10 +508,15 @@
/* Create the bucket linked list from the earlier linked list. */
current = head->next;
- free(head);
bcurrent = master =
(file_context_bucket_t *)
malloc(sizeof(file_context_bucket_t));
+ if (!bcurrent) {
+ printf
+ ("Error: failure allocating memory.\n");
+ fc_free_file_context_node_list(head);
+ return -1;
+ }
bcurrent->next = NULL;
bcurrent->data = NULL;
@@ -507,35 +535,35 @@
(file_context_bucket_t *)
malloc(sizeof(file_context_bucket_t));
if (!(bcurrent->next)) {
- // Static analyzer complains about a
- // memory leak of the memory used by the
- // list created with bcurrent. We could
- // try to deallocate it before returning
- // it but since this is the "main"
- // routine, it is not worth doing
- // that. Just silence the static analyzer.
- // NOLINTNEXTLINE
- printf
- ("Error: failure allocating memory.\n");
- return -1;
+ printf
+ ("Error: failure allocating memory.\n");
+ free(head);
+ fc_free_file_context_node_list(current);
+ fc_merge_sort(master);
+ fc_free_file_context_node_list(master->data);
+ free(master);
+ return -1;
}
/* Make sure the new bucket thinks it's the end of the
- * list. */
+ * list. */
bcurrent->next->next = NULL;
bcurrent = bcurrent->next;
}
-
}
/* Sort the bucket list. */
fc_merge_sort(master);
+ free(head);
+
/* Open the output file. */
if (output_name) {
if (!(out_file = fopen(output_name, "w"))) {
printf("Error: failure opening output file for write.\n");
+ fc_free_file_context_node_list(master->data);
+ free(master);
return -1;
}
} else {
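Review bot: The allocation-failure path calls `fc_merge_sort(master)` only to collapse the partially built bucket list into `master->data`, so that one `fc_free_file_context_node_list` call can release it. That is not obvious at the call site, and it sorts data that is about to be discarded. A comment above the call, such as `/* Merge the buckets built so far into master so they can be freed as one list. */`, would stop a later cleanup from deleting it. These messages, like the one in the preceding bucket-allocation hunk, use `printf` and `return -1`, whereas the parsing errors earlier in `main` use `fprintf(stderr, ...)` and `return 1`. The body of `main` starts and ends outside the hunk.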
@@ -544,6 +572,7 @@
/* Output the sorted file_context linked list to the output file. */
current = master->data;
+
while (current) {
/* Output the path. */
fprintf(out_file, "%s\t\t", current->path);
@@ -556,14 +585,10 @@
/* Output the context. */
fprintf(out_file, "%s\n", current->context);
- /* Remove the node. */
- temp = current;
current = current->next;
-
- file_context_node_destroy(temp);
- free(temp);
-
}
+
+ fc_free_file_context_node_list(master->data);
free(master);
if (output_name) {