Merge "Add sysprop for MSFT HCI Ext vendor opcode" into main
diff --git a/private/domain.te b/private/domain.te
index 7b448c3..8db40a5 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -532,12 +532,6 @@
# TODO(384942085): Reduce the scope.
allow domain kernel:key search;
-# For testing purposes, allow access to keys installed with su.
-# TODO(277916185): Remove since this shouldn't be needed anymore.
-userdebug_or_eng(`
- allow domain su:key search;
-')
-
# Allow access to linkerconfig file
allow domain linkerconfig_file:dir search;
allow domain linkerconfig_file:file r_file_perms;
diff --git a/private/mmd.te b/private/mmd.te
index 90510f1..fec356e 100644
--- a/private/mmd.te
+++ b/private/mmd.te
@@ -6,7 +6,8 @@
init_daemon_domain(mmd)
# Set mmd.enabled_aconfig properties.
-set_prop(mmd, mmd_prop)
+set_prop(mmd, mmd_status_prop)
+get_prop(mmd, mmd_prop)
get_prop(mmd, device_config_mmd_native_prop)
# mmd binder setup
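Review bot: The comment `# Set mmd.enabled_aconfig properties.` now heads three rules, and only `set_prop(mmd, mmd_status_prop)` matches it; the new `get_prop(mmd, mmd_prop)` line is undocumented. A line such as `# Read vendor-configured mmd.* properties.` above it would show that mmd is now a reader of that type and no longer a writer. The same commit labels `mmd.zram.enabled` as `mmd_shared_prop` and grants system_server read access, but no visible hunk gives mmd itself `get_prop(mmd, mmd_shared_prop)`. If mmd is meant to read that property, the rule appears to be missing, unless it sits outside these hunks.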
@@ -29,3 +30,6 @@
# swapon syscall
allow mmd self:capability sys_admin;
+
+# Allow mmd to write to statsd socket.
+unix_socket_send(mmd, statsdw, statsd)
diff --git a/private/property.te b/private/property.te
index dec43e1..f42ac47 100644
--- a/private/property.te
+++ b/private/property.te
@@ -36,7 +36,7 @@
system_internal_prop(localization_prop)
system_internal_prop(logd_auditrate_prop)
system_internal_prop(lower_kptr_restrict_prop)
-system_internal_prop(mmd_prop)
+system_internal_prop(mmd_status_prop)
system_internal_prop(net_464xlat_fromvendor_prop)
system_internal_prop(net_connectivity_prop)
system_internal_prop(netd_stable_secret_prop)
@@ -111,6 +111,8 @@
# Properties which should only be written by vendor_init
system_vendor_config_prop(avf_virtualizationservice_prop)
system_vendor_config_prop(high_barometer_quality_prop)
+system_vendor_config_prop(mmd_prop)
+system_vendor_config_prop(mmd_shared_prop)
system_vendor_config_prop(prefetch_boot_prop)
system_vendor_config_prop(widevine_sys_vendor_prop)
diff --git a/private/property_contexts b/private/property_contexts
index 9ea1f4b..a43cfbe 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -1819,4 +1819,5 @@
# Properties for mmd
mmd. u:object_r:mmd_prop:s0
-mmd.enabled_aconfig u:object_r:mmd_prop:s0 exact bool
+mmd.zram.enabled u:object_r:mmd_shared_prop:s0 exact bool
+mmd.enabled_aconfig u:object_r:mmd_status_prop:s0 exact bool
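Review bot: The unchanged catch-all `mmd. u:object_r:mmd_prop:s0` now resolves to a vendor-writable type, because property.te moves `mmd_prop` from `system_internal_prop` to `system_vendor_config_prop` in this commit. Any future `mmd.*` property added without an exact entry will therefore be settable by vendor_init, where before it was platform-internal. A comment on the prefix line would make that default explicit, for example `# Catch-all: vendor-configured mmd.* properties; platform-internal state needs an exact entry below.` The header `# Properties for mmd` sits outside the lines this hunk changes.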
diff --git a/private/seapp_contexts b/private/seapp_contexts
index 25ed1ba..1a4d944 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -221,6 +221,4 @@
user=_app domain=untrusted_app_25 type=app_data_file levelFrom=user
user=_app minTargetSdkVersion=28 fromRunAs=true domain=runas_app levelFrom=all
user=_app fromRunAs=true domain=runas_app levelFrom=user
-user=_app isPrivApp=true name=com.android.virtualization.vmlauncher domain=vmlauncher_app type=privapp_data_file levelFrom=all
-user=_app isPrivApp=true name=com.google.android.virtualization.vmlauncher domain=vmlauncher_app type=privapp_data_file levelFrom=all
user=_app isPrivApp=true name=com.android.virtualization.terminal domain=vmlauncher_app type=privapp_data_file levelFrom=all
diff --git a/private/simpleperf.te b/private/simpleperf.te
index 6fff07c..46769cb 100644
--- a/private/simpleperf.te
+++ b/private/simpleperf.te
@@ -21,7 +21,6 @@
# consistent if simpleperf is marked as an app domain as well (as, for example,
# it will then see the same set of system libraries as the app).
app_domain(simpleperf)
-untrusted_app_domain(simpleperf)
# Allow ptrace attach to the target app, for reading JIT debug info (using
# process_vm_readv) during unwinding and symbolization.
@@ -45,7 +44,23 @@
# not allowed to see.
dontaudit simpleperf domain:dir search;
+# Allow simpleperf to read apk files and libraries executed by the app.
+r_dir_file(simpleperf, privapp_data_file);
+r_dir_file(simpleperf, app_data_file);
+allow simpleperf { apk_tmp_file apk_private_tmp_file }:file { getattr read };
+allow simpleperf system_linker_exec:file r_file_perms;
+allow simpleperf app_exec_data_file:file r_file_perms;
+allow simpleperf asec_public_file:file r_file_perms;
+r_dir_file(simpleperf, vendor_app_file);
+
+# Allow simpleperf to read input files passed from adb shell.
+allow simpleperf shell_data_file:file r_file_perms;
+allow simpleperf shell_data_file:dir r_dir_perms;
+
# Neverallows:
# Profiling must be confined to the scope of an individual app.
neverallow simpleperf self:perf_event ~{ open read write kernel };
+# Never allow other processes to ptrace simpleperf, as this could leak sensitive infomation from
+# raw samples.
+neverallow { domain -crash_dump -llkd } simpleperf:process ptrace;
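Review bot: The new `r_dir_file(simpleperf, app_data_file);` and `r_dir_file(simpleperf, privapp_data_file);` rules are type-wide, and the comment above them does not say what keeps simpleperf inside the profiled app's data. Presumably that is the app UID and MLS categories it runs with, which should be confirmed and then stated, e.g. `# Type-level grant only; per-app isolation relies on UID and MLS categories.` These rules replace what the removed `untrusted_app_domain(simpleperf)` used to grant, so spelling out the boundary matters more now. Two style points: the three `r_dir_file(...)` calls carry a trailing `;` that the file's other macro calls (`app_domain(simpleperf)`) do not use, and the neverallow comment misspells "information" as "infomation".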
diff --git a/private/simpleperf_app_runner.te b/private/simpleperf_app_runner.te
index 184a80a..e4871ac 100644
--- a/private/simpleperf_app_runner.te
+++ b/private/simpleperf_app_runner.te
@@ -4,6 +4,7 @@
# run simpleperf_app_runner in adb shell.
allow simpleperf_app_runner adbd:fd use;
+allow simpleperf_app_runner adbd:unix_stream_socket { read write };
allow simpleperf_app_runner shell:fd use;
allow simpleperf_app_runner devpts:chr_file { read write ioctl };
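Review bot: The added `allow simpleperf_app_runner adbd:unix_stream_socket { read write };` has no comment saying which descriptor it is for. It sits next to `adbd:fd use`, so it presumably covers a socket inherited from adbd as stdio, but the hunk does not say so. A one-line comment naming that descriptor would let a later audit tell whether the rule is still needed. The grant is limited to `read write` with no `connectto`, which is worth keeping that narrow. The next hunk widens `shell:fifo_file` with `getattr` and is equally unexplained.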
@@ -29,7 +30,7 @@
# simpleperf_app_runner passes pipe fds.
# simpleperf_app_runner writes app type (debuggable or profileable) to pipe fds.
-allow simpleperf_app_runner shell:fifo_file { read write };
+allow simpleperf_app_runner shell:fifo_file { getattr read write };
# simpleperf_app_runner checks shell data paths.
# simpleperf_app_runner passes shell data fds.
diff --git a/private/system_server.te b/private/system_server.te
index be486ac..92caa60 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -429,6 +429,9 @@
hal_sensors_server
hal_vibrator_server
hal_vr_server
+ hal_wifi_hostapd_server
+ hal_wifi_server
+ hal_wifi_supplicant_server
system_suspend_server
}:process { signal };
@@ -920,6 +923,9 @@
# Allow system server to determine if system services are enabled
get_prop(system_server, system_service_enable_prop)
+# Allow system server to read shared mmd properties
+get_prop(system_server, mmd_shared_prop)
+
# Create a socket for connections from debuggerd.
allow system_server system_ndebug_socket:sock_file create_file_perms;