Merge "atrace: debug: allow notifying camera HAL of a change in sysprops"
diff --git a/prebuilts/api/28.0/private/init.te b/prebuilts/api/28.0/private/init.te
index e9959d3..8ba050f 100644
--- a/prebuilts/api/28.0/private/init.te
+++ b/prebuilts/api/28.0/private/init.te
@@ -20,3 +20,6 @@
userdebug_or_eng(`
domain_auto_trans(init, logcat_exec, logpersist)
')
+
+# Allow the BoringSSL self test to request a reboot upon failure
+set_prop(init, powerctl_prop)
diff --git a/public/init.te b/public/init.te
index 61b8ffb..86e0d32 100644
--- a/public/init.te
+++ b/public/init.te
@@ -46,6 +46,8 @@
userdata_block_device
}:{ blk_file lnk_file } relabelto;
+allow init super_block_device:lnk_file relabelto;
+
# Create /mnt/sdcard -> /storage/self/primary symlink.
allow init mnt_sdcard_file:lnk_file create;
diff --git a/tools/sepolicy-analyze/neverallow.c b/tools/sepolicy-analyze/neverallow.c
index 0209678..a55a921 100644
--- a/tools/sepolicy-analyze/neverallow.c
+++ b/tools/sepolicy-analyze/neverallow.c
@@ -378,7 +378,7 @@
{
const char *keyword = "neverallow";
size_t keyword_size = strlen(keyword), len;
- struct avrule *neverallows = NULL, *avrule;
+ struct avrule *neverallows = NULL, *avrule = NULL;
char *p, *start;
int result;
diff --git a/tools/sepolicy-analyze/sepolicy-analyze.c b/tools/sepolicy-analyze/sepolicy-analyze.c
index b4571a6..1b7bcdb 100644
--- a/tools/sepolicy-analyze/sepolicy-analyze.c
+++ b/tools/sepolicy-analyze/sepolicy-analyze.c
@@ -50,7 +50,7 @@
if (argc < 3)
usage(argv[0]);
policy = argv[1];
- if(load_policy(policy, &policydb, &pf))
+ if(!load_policy(policy, &policydb, &pf))
exit(1);
for(i = 0; i < NUM_COMPONENTS; i++) {
if (!strcmp(analyze_components[i].key, argv[2])) {
diff --git a/tools/sepolicy-analyze/utils.c b/tools/sepolicy-analyze/utils.c
index 5e52f59..af93f71 100644
--- a/tools/sepolicy-analyze/utils.c
+++ b/tools/sepolicy-analyze/utils.c
@@ -22,28 +22,26 @@
(policydb, key->target_class, perms));
}
-int load_policy(char *filename, policydb_t * policydb, struct policy_file *pf)
+bool load_policy(char *filename, policydb_t * policydb, struct policy_file *pf)
{
- int fd;
+ int fd = -1;
struct stat sb;
- void *map;
- int ret;
+ void *map = MAP_FAILED;
+ bool ret = false;
fd = open(filename, O_RDONLY);
if (fd < 0) {
fprintf(stderr, "Can't open '%s': %s\n", filename, strerror(errno));
- return 1;
+ goto cleanup;
}
if (fstat(fd, &sb) < 0) {
fprintf(stderr, "Can't stat '%s': %s\n", filename, strerror(errno));
- close(fd);
- return 1;
+ goto cleanup;
}
map = mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
if (map == MAP_FAILED) {
fprintf(stderr, "Can't mmap '%s': %s\n", filename, strerror(errno));
- close(fd);
- return 1;
+ goto cleanup;
}
policy_file_init(pf);
@@ -52,17 +50,21 @@
pf->len = sb.st_size;
if (policydb_init(policydb)) {
fprintf(stderr, "Could not initialize policydb!\n");
- close(fd);
- munmap(map, sb.st_size);
- return 1;
+ goto cleanup;
}
- ret = policydb_read(policydb, pf, 0);
- if (ret) {
+ if (policydb_read(policydb, pf, 0)) {
fprintf(stderr, "error(s) encountered while parsing configuration\n");
- close(fd);
- munmap(map, sb.st_size);
- return 1;
+ goto cleanup;
}
- return 0;
+ ret = true;
+
+cleanup:
+ if (map != MAP_FAILED) {
+ munmap(map, sb.st_size);
+ }
+ if (fd >= 0) {
+ close(fd);
+ }
+ return ret;
}
diff --git a/tools/sepolicy-analyze/utils.h b/tools/sepolicy-analyze/utils.h
index 83f5a78..cef6ca3 100644
--- a/tools/sepolicy-analyze/utils.h
+++ b/tools/sepolicy-analyze/utils.h
@@ -11,6 +11,6 @@
void display_allow(policydb_t *policydb, avtab_key_t *key, int idx, uint32_t perms);
-int load_policy(char *filename, policydb_t * policydb, struct policy_file *pf);
+bool load_policy(char *filename, policydb_t * policydb, struct policy_file *pf);
#endif /* UTILS_H */