Merge "set_prop(shell, bionic_linker_16kb_app_compat_prop)" into main
diff --git a/Android.bp b/Android.bp
index 9905e73..d1ef861 100644
--- a/Android.bp
+++ b/Android.bp
@@ -1040,6 +1040,7 @@
"product_202404.cil",
],
}),
+ product_specific: true,
}
phony {
@@ -1086,6 +1087,7 @@
],
default: [],
}),
+ vendor: true,
}
phony {
diff --git a/Android.mk b/Android.mk
deleted file mode 100644
index 6474b2a..0000000
--- a/Android.mk
+++ /dev/null
@@ -1,178 +0,0 @@
-LOCAL_PATH:= $(call my-dir)
-
-include $(CLEAR_VARS)
-
-ifdef BOARD_SEPOLICY_UNION
-$(warning BOARD_SEPOLICY_UNION is no longer required - all files found in BOARD_SEPOLICY_DIRS are implicitly unioned; please remove from your BoardConfig.mk or other .mk file.)
-endif
-
-# sepolicy is now divided into multiple portions:
-# public - policy exported on which non-platform policy developers may write
-# additional policy. types and attributes are versioned and included in
-# delivered non-platform policy, which is to be combined with platform policy.
-# private - platform-only policy required for platform functionality but which
-# is not exported to vendor policy developers and as such may not be assumed
-# to exist.
-# vendor - vendor-only policy required for vendor functionality. This policy can
-# reference the public policy but cannot reference the private policy. This
-# policy is for components which are produced from the core/non-vendor tree and
-# placed into a vendor partition.
-# mapping - This contains policy statements which map the attributes
-# exposed in the public policy of previous versions to the concrete types used
-# in this policy to ensure that policy targeting attributes from public
-# policy from an older platform version continues to work.
-
-# build process for device:
-# 1) convert policies to CIL:
-# - private + public platform policy to CIL
-# - mapping file to CIL (should already be in CIL form)
-# - non-platform public policy to CIL
-# - non-platform public + private policy to CIL
-# 2) attributize policy
-# - run script which takes non-platform public and non-platform combined
-# private + public policy and produces attributized and versioned
-# non-platform policy
-# 3) combine policy files
-# - combine mapping, platform and non-platform policy.
-# - compile output binary policy file
-
-PLAT_PUBLIC_POLICY := $(LOCAL_PATH)/public
-PLAT_PRIVATE_POLICY := $(LOCAL_PATH)/private
-PLAT_VENDOR_POLICY := $(LOCAL_PATH)/vendor
-REQD_MASK_POLICY := $(LOCAL_PATH)/reqd_mask
-
-SYSTEM_EXT_PUBLIC_POLICY := $(SYSTEM_EXT_PUBLIC_SEPOLICY_DIRS)
-SYSTEM_EXT_PRIVATE_POLICY := $(SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS)
-
-PRODUCT_PUBLIC_POLICY := $(PRODUCT_PUBLIC_SEPOLICY_DIRS)
-PRODUCT_PRIVATE_POLICY := $(PRODUCT_PRIVATE_SEPOLICY_DIRS)
-
-ifneq (,$(SYSTEM_EXT_PUBLIC_POLICY)$(SYSTEM_EXT_PRIVATE_POLICY))
-HAS_SYSTEM_EXT_SEPOLICY_DIR := true
-endif
-
-# TODO(b/119305624): Currently if the device doesn't have a product partition,
-# we install product sepolicy into /system/product. We do that because bits of
-# product sepolicy that's still in /system might depend on bits that have moved
-# to /product. Once we finish migrating product sepolicy out of system, change
-# it so that if no product partition is present, product sepolicy artifacts are
-# not built and installed at all.
-ifneq (,$(PRODUCT_PUBLIC_POLICY)$(PRODUCT_PRIVATE_POLICY))
-HAS_PRODUCT_SEPOLICY_DIR := true
-endif
-
-ifeq ($(SELINUX_IGNORE_NEVERALLOWS),true)
-ifeq ($(TARGET_BUILD_VARIANT),user)
-$(error SELINUX_IGNORE_NEVERALLOWS := true cannot be used in user builds)
-endif
-$(warning Be careful when using the SELINUX_IGNORE_NEVERALLOWS flag. \
- It does not work in user builds and using it will \
- not stop you from failing CTS.)
-endif
-
-# BOARD_SEPOLICY_DIRS was used for vendor/odm sepolicy customization before.
-# It has been replaced by BOARD_VENDOR_SEPOLICY_DIRS (mandatory) and
-# BOARD_ODM_SEPOLICY_DIRS (optional). BOARD_SEPOLICY_DIRS is still allowed for
-# backward compatibility, which will be merged into BOARD_VENDOR_SEPOLICY_DIRS.
-ifdef BOARD_SEPOLICY_DIRS
-BOARD_VENDOR_SEPOLICY_DIRS += $(BOARD_SEPOLICY_DIRS)
-endif
-
-###########################################################
-# Compute policy files to be used in policy build.
-# $(1): files to include
-# $(2): directories in which to find files
-###########################################################
-
-define build_policy
-$(strip $(foreach type, $(1), $(foreach file, $(addsuffix /$(type), $(2)), $(sort $(wildcard $(file))))))
-endef
-
-sepolicy_build_files := security_classes \
- initial_sids \
- access_vectors \
- global_macros \
- neverallow_macros \
- mls_macros \
- mls_decl \
- mls \
- policy_capabilities \
- te_macros \
- attributes \
- ioctl_defines \
- ioctl_macros \
- *.te \
- roles_decl \
- roles \
- users \
- initial_sid_contexts \
- fs_use \
- genfs_contexts \
- port_contexts
-
-sepolicy_compat_files := $(foreach ver, $(PLATFORM_SEPOLICY_COMPAT_VERSIONS), \
- $(addprefix compat/$(ver)/, $(addsuffix .cil, $(ver))))
-
-# Security classes and permissions defined outside of system/sepolicy.
-security_class_extension_files := $(call build_policy, security_classes access_vectors, \
- $(SYSTEM_EXT_PUBLIC_POLICY) $(SYSTEM_EXT_PRIVATE_POLICY) \
- $(PRODUCT_PUBLIC_POLICY) $(PRODUCT_PRIVATE_POLICY) \
- $(BOARD_VENDOR_SEPOLICY_DIRS) $(BOARD_ODM_SEPOLICY_DIRS))
-
-ifneq (,$(strip $(security_class_extension_files)))
- $(error Only platform SELinux policy may define classes and permissions: $(strip $(security_class_extension_files)))
-endif
-
-ifdef HAS_SYSTEM_EXT_SEPOLICY_DIR
- # Checks if there are public system_ext policy files.
- policy_files := $(call build_policy, $(sepolicy_build_files), $(SYSTEM_EXT_PUBLIC_POLICY))
- ifneq (,$(strip $(policy_files)))
- HAS_SYSTEM_EXT_PUBLIC_SEPOLICY := true
- endif
- # Checks if there are public/private system_ext policy files.
- policy_files := $(call build_policy, $(sepolicy_build_files), $(SYSTEM_EXT_PUBLIC_POLICY) $(SYSTEM_EXT_PRIVATE_POLICY))
- ifneq (,$(strip $(policy_files)))
- HAS_SYSTEM_EXT_SEPOLICY := true
- endif
-endif # ifdef HAS_SYSTEM_EXT_SEPOLICY_DIR
-
-ifdef HAS_PRODUCT_SEPOLICY_DIR
- # Checks if there are public product policy files.
- policy_files := $(call build_policy, $(sepolicy_build_files), $(PRODUCT_PUBLIC_POLICY))
- ifneq (,$(strip $(policy_files)))
- HAS_PRODUCT_PUBLIC_SEPOLICY := true
- endif
- # Checks if there are public/private product policy files.
- policy_files := $(call build_policy, $(sepolicy_build_files), $(PRODUCT_PUBLIC_POLICY) $(PRODUCT_PRIVATE_POLICY))
- ifneq (,$(strip $(policy_files)))
- HAS_PRODUCT_SEPOLICY := true
- endif
-endif # ifdef HAS_PRODUCT_SEPOLICY_DIR
-
-with_asan := false
-ifneq (,$(filter address,$(SANITIZE_TARGET)))
- with_asan := true
-endif
-
-ifeq ($(PRODUCT_SHIPPING_API_LEVEL),)
- #$(warning no product shipping level defined)
-else ifneq ($(call math_lt,29,$(PRODUCT_SHIPPING_API_LEVEL)),)
- ifneq ($(BUILD_BROKEN_TREBLE_SYSPROP_NEVERALLOW),)
- $(error BUILD_BROKEN_TREBLE_SYSPROP_NEVERALLOW cannot be set on a device shipping with R or later, and this is tested by CTS.)
- endif
-endif
-
-ifeq ($(PRODUCT_SHIPPING_API_LEVEL),)
- #$(warning no product shipping level defined)
-else ifneq ($(call math_lt,30,$(PRODUCT_SHIPPING_API_LEVEL)),)
- ifneq ($(BUILD_BROKEN_ENFORCE_SYSPROP_OWNER),)
- $(error BUILD_BROKEN_ENFORCE_SYSPROP_OWNER cannot be set on a device shipping with S or later, and this is tested by CTS.)
- endif
-endif
-
-#################################
-
-
-build_policy :=
-sepolicy_build_files :=
-with_asan :=
diff --git a/apex/com.android.uprobestats-file_contexts b/apex/com.android.uprobestats-file_contexts
index 01de3e2..994951b 100644
--- a/apex/com.android.uprobestats-file_contexts
+++ b/apex/com.android.uprobestats-file_contexts
@@ -1,3 +1,3 @@
(/.*)? u:object_r:system_file:s0
/bin/uprobestats u:object_r:uprobestats_exec:s0
-
+/bin/uprobestatsbpfload u:object_r:bpfloader_exec:s0
diff --git a/build/soong/selinux_contexts.go b/build/soong/selinux_contexts.go
index fd1cd34..330e02f 100644
--- a/build/soong/selinux_contexts.go
+++ b/build/soong/selinux_contexts.go
@@ -228,46 +228,46 @@
}
}
-func (m *selinuxContextsModule) ImageMutatorBegin(ctx android.BaseModuleContext) {
+func (m *selinuxContextsModule) ImageMutatorBegin(ctx android.ImageInterfaceContext) {
if proptools.Bool(m.properties.Recovery_available) && m.ModuleBase.InstallInRecovery() {
ctx.PropertyErrorf("recovery_available",
"doesn't make sense at the same time as `recovery: true`")
}
}
-func (m *selinuxContextsModule) VendorVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *selinuxContextsModule) VendorVariantNeeded(ctx android.ImageInterfaceContext) bool {
return false
}
-func (m *selinuxContextsModule) ProductVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *selinuxContextsModule) ProductVariantNeeded(ctx android.ImageInterfaceContext) bool {
return false
}
-func (m *selinuxContextsModule) CoreVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *selinuxContextsModule) CoreVariantNeeded(ctx android.ImageInterfaceContext) bool {
return !m.ModuleBase.InstallInRecovery()
}
-func (m *selinuxContextsModule) RamdiskVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *selinuxContextsModule) RamdiskVariantNeeded(ctx android.ImageInterfaceContext) bool {
return false
}
-func (m *selinuxContextsModule) VendorRamdiskVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *selinuxContextsModule) VendorRamdiskVariantNeeded(ctx android.ImageInterfaceContext) bool {
return false
}
-func (m *selinuxContextsModule) DebugRamdiskVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *selinuxContextsModule) DebugRamdiskVariantNeeded(ctx android.ImageInterfaceContext) bool {
return false
}
-func (m *selinuxContextsModule) RecoveryVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *selinuxContextsModule) RecoveryVariantNeeded(ctx android.ImageInterfaceContext) bool {
return m.ModuleBase.InstallInRecovery() || proptools.Bool(m.properties.Recovery_available)
}
-func (m *selinuxContextsModule) ExtraImageVariations(ctx android.BaseModuleContext) []string {
+func (m *selinuxContextsModule) ExtraImageVariations(ctx android.ImageInterfaceContext) []string {
return nil
}
-func (m *selinuxContextsModule) SetImageVariation(ctx android.BaseModuleContext, variation string) {
+func (m *selinuxContextsModule) SetImageVariation(ctx android.ImageInterfaceContext, variation string) {
}
var _ android.ImageInterface = (*selinuxContextsModule)(nil)
@@ -716,42 +716,42 @@
// contextsTestModule implements ImageInterface to be able to include recovery_available contexts
// modules as its sources.
-func (m *contextsTestModule) ImageMutatorBegin(ctx android.BaseModuleContext) {
+func (m *contextsTestModule) ImageMutatorBegin(ctx android.ImageInterfaceContext) {
}
-func (m *contextsTestModule) VendorVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *contextsTestModule) VendorVariantNeeded(ctx android.ImageInterfaceContext) bool {
return false
}
-func (m *contextsTestModule) ProductVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *contextsTestModule) ProductVariantNeeded(ctx android.ImageInterfaceContext) bool {
return false
}
-func (m *contextsTestModule) CoreVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *contextsTestModule) CoreVariantNeeded(ctx android.ImageInterfaceContext) bool {
return true
}
-func (m *contextsTestModule) RamdiskVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *contextsTestModule) RamdiskVariantNeeded(ctx android.ImageInterfaceContext) bool {
return false
}
-func (m *contextsTestModule) VendorRamdiskVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *contextsTestModule) VendorRamdiskVariantNeeded(ctx android.ImageInterfaceContext) bool {
return false
}
-func (m *contextsTestModule) DebugRamdiskVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *contextsTestModule) DebugRamdiskVariantNeeded(ctx android.ImageInterfaceContext) bool {
return false
}
-func (m *contextsTestModule) RecoveryVariantNeeded(ctx android.BaseModuleContext) bool {
+func (m *contextsTestModule) RecoveryVariantNeeded(ctx android.ImageInterfaceContext) bool {
return false
}
-func (m *contextsTestModule) ExtraImageVariations(ctx android.BaseModuleContext) []string {
+func (m *contextsTestModule) ExtraImageVariations(ctx android.ImageInterfaceContext) []string {
return nil
}
-func (m *contextsTestModule) SetImageVariation(ctx android.BaseModuleContext, variation string) {
+func (m *contextsTestModule) SetImageVariation(ctx android.ImageInterfaceContext, variation string) {
}
var _ android.ImageInterface = (*contextsTestModule)(nil)
diff --git a/private/crosvm.te b/private/crosvm.te
index ccfffa0..d9faf10 100644
--- a/private/crosvm.te
+++ b/private/crosvm.te
@@ -184,11 +184,12 @@
-vendor_vm_data_file
# These types are not required for crosvm, but the access is granted to globally in domain.te
# thus should be exempted here.
+ -vendor_cgroup_desc_file
-vendor_configs_file
-vendor_microdroid_file
-vndk_sp_file
-vendor_task_profiles_file
- is_flag_enabled(RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES, `-same_process_hal_file')
+ -same_process_hal_file
}:file *;
')
diff --git a/private/domain.te b/private/domain.te
index 75bcdf9..b80b110 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -424,10 +424,13 @@
allow { domain -appdomain -rs } cgroup_v2:dir w_dir_perms;
allow { domain -appdomain -rs } cgroup_v2:file w_file_perms;
+allow domain cgroup_desc_file:file r_file_perms;
+allow domain cgroup_desc_api_file:file r_file_perms;
allow domain cgroup_rc_file:dir search;
allow domain cgroup_rc_file:file r_file_perms;
allow domain task_profiles_file:file r_file_perms;
allow domain task_profiles_api_file:file r_file_perms;
+allow domain vendor_cgroup_desc_file:file r_file_perms;
allow domain vendor_task_profiles_file:file r_file_perms;
# Allow all domains to read sys.use_memfd to determine
@@ -1231,6 +1234,8 @@
-vendor_init
} {
system_file_type
+ -cgroup_desc_file
+ -cgroup_desc_api_file
-crash_dump_exec
-file_contexts_file
-netutils_wrapper_exec
@@ -2072,6 +2077,7 @@
-vendor_apex_file
-vendor_apex_metadata_file
-vendor_boot_ota_file
+ -vendor_cgroup_desc_file
-vendor_configs_file
-vendor_microdroid_file
-vendor_service_contexts_file
diff --git a/private/property.te b/private/property.te
index b8bfd61..17e6d6e 100644
--- a/private/property.te
+++ b/private/property.te
@@ -3,6 +3,7 @@
system_internal_prop(adbd_tradeinmode_prop)
system_internal_prop(apexd_payload_metadata_prop)
system_internal_prop(ctl_snapuserd_prop)
+system_internal_prop(ctl_uprobestats_prop)
system_internal_prop(crashrecovery_prop)
system_internal_prop(debug_tracing_desktop_mode_visible_tasks_prop)
system_internal_prop(device_config_core_experiments_team_internal_prop)
diff --git a/private/property_contexts b/private/property_contexts
index ea2df66..7664d75 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -203,6 +203,11 @@
ctl.stop$snapuserd u:object_r:ctl_snapuserd_prop:s0
ctl.restart$snapuserd u:object_r:ctl_snapuserd_prop:s0
+# Restrict access to control uprobestats
+ctl.start$uprobestats u:object_r:ctl_uprobestats_prop:s0
+ctl.stop$uprobestats u:object_r:ctl_uprobestats_prop:s0
+ctl.restart$uprobestats u:object_r:ctl_uprobestats_prop:s0
+
# Restrict access to starting/stopping artd_pre_reboot.
ctl.start$artd_pre_reboot u:object_r:ctl_artd_pre_reboot_prop:s0
ctl.stop$artd_pre_reboot u:object_r:ctl_artd_pre_reboot_prop:s0
@@ -598,6 +603,12 @@
persist.bluetooth.factoryreset u:object_r:bluetooth_prop:s0 exact bool
persist.bluetooth.leaudio.allow_list u:object_r:bluetooth_prop:s0 exact string
+bluetooth.a2dp.source.sbc_priority.config u:object_r:bluetooth_config_prop:s0 exact int
+bluetooth.a2dp.source.aac_priority.config u:object_r:bluetooth_config_prop:s0 exact int
+bluetooth.a2dp.source.aptx_priority.config u:object_r:bluetooth_config_prop:s0 exact int
+bluetooth.a2dp.source.aptx_hd_priority.config u:object_r:bluetooth_config_prop:s0 exact int
+bluetooth.a2dp.source.ldac_priority.config u:object_r:bluetooth_config_prop:s0 exact int
+
bluetooth.hardware.power.operating_voltage_mv u:object_r:bluetooth_config_prop:s0 exact int
bluetooth.hardware.power.idle_cur_ma u:object_r:bluetooth_config_prop:s0 exact int
bluetooth.hardware.power.tx_cur_ma u:object_r:bluetooth_config_prop:s0 exact int
diff --git a/private/statsd.te b/private/statsd.te
index b932bc6..8b77c1e 100644
--- a/private/statsd.te
+++ b/private/statsd.te
@@ -41,6 +41,8 @@
# Allow statsd to trigger uprobestats via property.
set_prop(statsd, uprobestats_start_with_config_prop);
+# Allow statsd to start the uprobestats service.
+set_prop(statsd, ctl_uprobestats_prop)
binder_use(statsd)
# Allow statsd to scan through /proc/pid for all processes.
diff --git a/private/virtualizationservice.te b/private/virtualizationservice.te
index bc29e39..1acf734 100644
--- a/private/virtualizationservice.te
+++ b/private/virtualizationservice.te
@@ -131,7 +131,7 @@
-virtualizationmanager
-virtualizationservice
# TODO(b/332677707): remove them when display service uses binder RPC.
- is_flag_enabled(RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES, `-crosvm')
+ -crosvm
}:process setrlimit;
is_flag_enabled(RELEASE_AVF_ENABLE_NETWORK, `