Merge "Cleanup ro.boot.microdroid.app_debuggable"
diff --git a/build/soong/service_fuzzer_bindings.go b/build/soong/service_fuzzer_bindings.go
index c4a74b6..2ee0ae2 100644
--- a/build/soong/service_fuzzer_bindings.go
+++ b/build/soong/service_fuzzer_bindings.go
@@ -29,6 +29,7 @@
"android.hardware.authsecret.IAuthSecret/default": EXCEPTION_NO_FUZZER,
"android.hardware.automotive.evs.IEvsEnumerator/hw/0": EXCEPTION_NO_FUZZER,
"android.hardware.boot.IBootControl/default": EXCEPTION_NO_FUZZER,
+ "android.hardware.automotive.can.ICanController/default": EXCEPTION_NO_FUZZER,
"android.hardware.automotive.evs.IEvsEnumerator/hw/1": EXCEPTION_NO_FUZZER,
"android.hardware.automotive.remoteaccess.IRemoteAccess/default": EXCEPTION_NO_FUZZER,
"android.hardware.automotive.vehicle.IVehicle/default": EXCEPTION_NO_FUZZER,
@@ -83,6 +84,9 @@
"android.hardware.radio.sim.IRadioSim/slot1": EXCEPTION_NO_FUZZER,
"android.hardware.radio.sim.IRadioSim/slot2": EXCEPTION_NO_FUZZER,
"android.hardware.radio.sim.IRadioSim/slot3": EXCEPTION_NO_FUZZER,
+ "android.hardware.radio.sim.ISap/slot1": EXCEPTION_NO_FUZZER,
+ "android.hardware.radio.sim.ISap/slot2": EXCEPTION_NO_FUZZER,
+ "android.hardware.radio.sim.ISap/slot3": EXCEPTION_NO_FUZZER,
"android.hardware.radio.voice.IRadioVoice/slot1": EXCEPTION_NO_FUZZER,
"android.hardware.radio.voice.IRadioVoice/slot2": EXCEPTION_NO_FUZZER,
"android.hardware.radio.voice.IRadioVoice/slot3": EXCEPTION_NO_FUZZER,
diff --git a/microdroid/system/private/net.te b/microdroid/system/private/net.te
index 1b2fd41..8e783cb 100644
--- a/microdroid/system/private/net.te
+++ b/microdroid/system/private/net.te
@@ -2,15 +2,3 @@
type node, node_type;
type netif, netif_type;
type port, port_type;
-
-###
-### Domain with network access
-###
-
-allow netdomain self:tcp_socket create_stream_socket_perms;
-allow netdomain self:{ icmp_socket udp_socket rawip_socket } create_socket_perms;
-
-allow netdomain port_type:tcp_socket name_connect;
-allow netdomain node_type:{ icmp_socket rawip_socket tcp_socket udp_socket } node_bind;
-allow netdomain port_type:udp_socket name_bind;
-allow netdomain port_type:tcp_socket name_bind;
diff --git a/microdroid/system/public/attributes b/microdroid/system/public/attributes
index 419caa1..61bf8fb 100644
--- a/microdroid/system/public/attributes
+++ b/microdroid/system/public/attributes
@@ -120,9 +120,6 @@
attribute vendor_public_property_type;
expandattribute vendor_public_property_type false;
-# All domains used for apps with network access.
-attribute netdomain;
-
# All domains used for apps with bluetooth access.
attribute bluetoothdomain;
diff --git a/microdroid/system/public/shell.te b/microdroid/system/public/shell.te
index bde9cd9..0bcb29d 100644
--- a/microdroid/system/public/shell.te
+++ b/microdroid/system/public/shell.te
@@ -2,9 +2,6 @@
type shell, domain;
type shell_exec, system_file_type, exec_type, file_type;
-# Create and use network sockets.
-net_domain(shell)
-
# Root fs.
allow shell rootfs:dir r_dir_perms;
diff --git a/microdroid/system/public/su.te b/microdroid/system/public/su.te
index 152de51..5f41e37 100644
--- a/microdroid/system/public/su.te
+++ b/microdroid/system/public/su.te
@@ -6,8 +6,6 @@
type su, domain;
# Add su to various domains
-net_domain(su)
-
dontaudit su self:capability_class_set *;
dontaudit su self:capability2 *;
dontaudit su kernel:security *;
diff --git a/prebuilts/api/33.0/private/system_server.te b/prebuilts/api/33.0/private/system_server.te
index 8a7947d..6d3bc78 100644
--- a/prebuilts/api/33.0/private/system_server.te
+++ b/prebuilts/api/33.0/private/system_server.te
@@ -396,6 +396,7 @@
hal_graphics_allocator_server
hal_graphics_composer_server
hal_health_server
+ hal_input_processor_server
hal_light_server
hal_neuralnetworks_server
hal_omx_server
diff --git a/prebuilts/api/33.0/public/dumpstate.te b/prebuilts/api/33.0/public/dumpstate.te
index 8d3e556..05a7317 100644
--- a/prebuilts/api/33.0/public/dumpstate.te
+++ b/prebuilts/api/33.0/public/dumpstate.te
@@ -113,9 +113,6 @@
sysfs_zram
}:file r_file_perms;
-# Ignore other file access under /sys.
-dontaudit dumpstate sysfs:file r_file_perms;
-
# Other random bits of data we want to collect
no_debugfs_restriction(`
allow dumpstate debugfs:file r_file_perms;
diff --git a/private/bpfloader.te b/private/bpfloader.te
index 28c1464..6bdc259 100644
--- a/private/bpfloader.te
+++ b/private/bpfloader.te
@@ -18,6 +18,8 @@
allow bpfloader sysfs_fs_fuse_bpf:file r_file_perms;
+allow bpfloader proc_bpf:file w_file_perms;
+
set_prop(bpfloader, bpf_progs_loaded_prop)
allow bpfloader bpfloader_exec:file execute_no_trans;
@@ -27,12 +29,11 @@
###
# Note: we don't care about getattr/mounton/search
-neverallow { domain } bpffs_type:dir { open read setattr };
+neverallow { domain } bpffs_type:dir ~{ add_name create getattr mounton remove_name search write };
neverallow { domain -bpfloader } bpffs_type:dir { add_name create remove_name write };
-neverallow domain bpffs_type:dir ~{ add_name create getattr mounton open read remove_name search setattr write };
-neverallow { domain -bpfloader } bpffs_type:file { map open setattr };
-neverallow { domain -bpfloader } bpffs_type:file { create getattr rename };
+neverallow { domain } bpffs_type:file ~{ create getattr map open read rename setattr write };
+neverallow { domain -bpfloader } bpffs_type:file { create getattr map open rename setattr };
neverallow { domain -bpfloader -gpuservice -lmkd -mediaprovider_app -netd -netutils_wrapper -system_server } fs_bpf:file read;
neverallow { domain -bpfloader } fs_bpf_loader:file read;
neverallow { domain -bpfloader -network_stack } fs_bpf_net_private:file read;
@@ -41,14 +42,15 @@
neverallow { domain -bpfloader -netd -netutils_wrapper -network_stack -system_server } fs_bpf_netd_shared:file read;
neverallow { domain -bpfloader -network_stack } fs_bpf_tethering:file read;
neverallow { domain -bpfloader -gpuservice -netd -netutils_wrapper -network_stack -system_server } { bpffs_type -fs_bpf_vendor }:file write;
-neverallow domain bpffs_type:file ~{ create getattr map open read rename setattr write };
neverallow { domain -bpfloader } bpffs_type:lnk_file ~read;
neverallow { domain -bpfdomain } bpffs_type:lnk_file read;
neverallow { domain -bpfloader } *:bpf { map_create prog_load };
+
+# 'fs_bpf_loader' is for internal use of the BpfLoader oneshot boot time process.
neverallow { domain -bpfloader } fs_bpf_loader:bpf *;
-neverallow { domain -bpfloader } fs_bpf_loader:file open;
+neverallow { domain -bpfloader } fs_bpf_loader:file *;
neverallow {
domain
@@ -71,6 +73,4 @@
# No domain should be allowed to ptrace bpfloader
neverallow { domain userdebug_or_eng(`-llkd') } bpfloader:process ptrace;
-# Currently only bpfloader.rc (which runs as init) can do bpf sysctl setup
-# this should perhaps be moved to the bpfloader binary itself. Allow both.
-neverallow { domain -bpfloader -init } proc_bpf:file write;
+neverallow { domain -bpfloader } proc_bpf:file write;
diff --git a/private/canhalconfigurator.te b/private/canhalconfigurator.te
index 9ba60ac..5673ccd 100644
--- a/private/canhalconfigurator.te
+++ b/private/canhalconfigurator.te
@@ -5,3 +5,6 @@
# This allows the configurator to look up the CAN HAL controller via
# hwservice_manager and communicate with it.
hal_client_domain(canhalconfigurator, hal_can_controller)
+
+binder_use(canhalconfigurator)
+binder_call(hal_can_controller, canhalconfigurator)
diff --git a/private/compat/33.0/33.0.ignore.cil b/private/compat/33.0/33.0.ignore.cil
index 786dc14..4e6c053 100644
--- a/private/compat/33.0/33.0.ignore.cil
+++ b/private/compat/33.0/33.0.ignore.cil
@@ -42,4 +42,5 @@
hal_broadcastradio_service
hal_confirmationui_service
hal_fastboot_service
+ hal_can_controller_service
))
diff --git a/private/file_contexts b/private/file_contexts
index 72fae62..632e069 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -223,7 +223,7 @@
/system/bin/boringssl_self_test(32|64) u:object_r:boringssl_self_test_exec:s0
/system/bin/prng_seeder u:object_r:prng_seeder_exec:s0
/system/bin/charger u:object_r:charger_exec:s0
-/system/bin/canhalconfigurator u:object_r:canhalconfigurator_exec:s0
+/system/bin/canhalconfigurator(-aidl)? u:object_r:canhalconfigurator_exec:s0
/system/bin/e2fsdroid u:object_r:e2fs_exec:s0
/system/bin/mke2fs u:object_r:e2fs_exec:s0
/system/bin/e2fsck -- u:object_r:fsck_exec:s0
diff --git a/private/property_contexts b/private/property_contexts
index 823fa2f..a6a6ce4 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -377,6 +377,7 @@
camera.disable_preview_scheduler u:object_r:camera_config_prop:s0 exact bool
camera.disable_zsl_mode u:object_r:camera_config_prop:s0 exact bool
camera.fifo.disable u:object_r:camera_config_prop:s0 exact bool
+camera.enable_landscape_to_portrait u:object_r:camera_config_prop:s0 exact bool
ro.camera.notify_nfc u:object_r:camera_config_prop:s0 exact bool
ro.camera.enableLazyHal u:object_r:camera_config_prop:s0 exact bool
ro.camera.enableCamera1MaxZsl u:object_r:camera_config_prop:s0 exact bool
diff --git a/private/service_contexts b/private/service_contexts
index 6dfc5a7..e9fc83c 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -6,6 +6,7 @@
android.hardware.authsecret.IAuthSecret/default u:object_r:hal_authsecret_service:s0
android.hardware.automotive.evs.IEvsEnumerator/hw/0 u:object_r:hal_evs_service:s0
android.hardware.boot.IBootControl/default u:object_r:hal_bootctl_service:s0
+android.hardware.automotive.can.ICanController/default u:object_r:hal_can_controller_service:s0
android.hardware.automotive.evs.IEvsEnumerator/hw/1 u:object_r:hal_evs_service:s0
android.hardware.automotive.audiocontrol.IAudioControl/default u:object_r:hal_audiocontrol_service:s0
android.hardware.automotive.remoteaccess.IRemoteAccess/default u:object_r:hal_remoteaccess_service:s0
@@ -61,6 +62,9 @@
android.hardware.radio.sim.IRadioSim/slot1 u:object_r:hal_radio_service:s0
android.hardware.radio.sim.IRadioSim/slot2 u:object_r:hal_radio_service:s0
android.hardware.radio.sim.IRadioSim/slot3 u:object_r:hal_radio_service:s0
+android.hardware.radio.sim.ISap/slot1 u:object_r:hal_radio_service:s0
+android.hardware.radio.sim.ISap/slot2 u:object_r:hal_radio_service:s0
+android.hardware.radio.sim.ISap/slot3 u:object_r:hal_radio_service:s0
android.hardware.radio.voice.IRadioVoice/slot1 u:object_r:hal_radio_service:s0
android.hardware.radio.voice.IRadioVoice/slot2 u:object_r:hal_radio_service:s0
android.hardware.radio.voice.IRadioVoice/slot3 u:object_r:hal_radio_service:s0
diff --git a/public/hal_can.te b/public/hal_can.te
index 959d1d9..6d4cc89 100644
--- a/public/hal_can.te
+++ b/public/hal_can.te
@@ -7,3 +7,8 @@
binder_call(hal_can_bus_client, hal_can_bus_server)
binder_call(hal_can_bus_server, hal_can_bus_client)
hal_attribute_hwservice(hal_can_bus, hal_can_bus_hwservice)
+
+# AIDL HAL for CAN buses (ICanController)
+hal_attribute_service(hal_can_controller, hal_can_controller_service)
+binder_call(hal_can_controller, servicemanager)
+
diff --git a/public/init.te b/public/init.te
index d74d1a8..fa51ef5 100644
--- a/public/init.te
+++ b/public/init.te
@@ -397,7 +397,6 @@
allow init {
proc_abi
- proc_bpf
proc_cpu_alignment
proc_dirty
proc_hostname
diff --git a/public/service.te b/public/service.te
index 819498c..1fcaaf1 100644
--- a/public/service.te
+++ b/public/service.te
@@ -275,6 +275,7 @@
type hal_bootctl_service, protected_service, hal_service_type, service_manager_type;
type hal_broadcastradio_service, protected_service, hal_service_type, service_manager_type;
type hal_camera_service, protected_service, hal_service_type, service_manager_type;
+type hal_can_controller_service, protected_service, hal_service_type, service_manager_type;
type hal_cas_service, hal_service_type, service_manager_type;
type hal_confirmationui_service, protected_service, hal_service_type, service_manager_type;
type hal_contexthub_service, protected_service, hal_service_type, service_manager_type;
diff --git a/vendor/file_contexts b/vendor/file_contexts
index 5b2df7e..a8655b0 100644
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@@ -10,6 +10,7 @@
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.audiocontrol@2\.0-service u:object_r:hal_audiocontrol_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.audiocontrol-service.example u:object_r:hal_audiocontrol_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.can@1\.0-service u:object_r:hal_can_socketcan_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.can-service u:object_r:hal_can_socketcan_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.evs(.*)? u:object_r:hal_evs_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.vehicle@2\.0-((default|emulator)-)*(service|protocan-service) u:object_r:hal_vehicle_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.vehicle@V1-(default|emulator)-service u:object_r:hal_vehicle_default_exec:s0