Merge "Allow init to write to /sys/module/dm_bufio/parameters/max_age_seconds" into main
diff --git a/build/soong/service_fuzzer_bindings.go b/build/soong/service_fuzzer_bindings.go
index 17d737f..35f4e09 100644
--- a/build/soong/service_fuzzer_bindings.go
+++ b/build/soong/service_fuzzer_bindings.go
@@ -56,6 +56,7 @@
"android.hardware.bluetooth.finder.IBluetoothFinder/default": EXCEPTION_NO_FUZZER,
"android.hardware.bluetooth.ranging.IBluetoothChannelSounding/default": EXCEPTION_NO_FUZZER,
"android.hardware.bluetooth.lmp_event.IBluetoothLmpEvent/default": EXCEPTION_NO_FUZZER,
+ "android.hardware.bluetooth.socket.IBluetoothSocket/default": []string{"android.hardware.bluetooth.socket-service_fuzzer"},
"android.hardware.camera.provider.ICameraProvider/internal/0": EXCEPTION_NO_FUZZER,
"android.hardware.camera.provider.ICameraProvider/virtual/0": EXCEPTION_NO_FUZZER,
"android.hardware.cas.IMediaCasService/default": EXCEPTION_NO_FUZZER,
diff --git a/contexts/plat_file_contexts_test b/contexts/plat_file_contexts_test
index b3aaff1..7b3b85b 100644
--- a/contexts/plat_file_contexts_test
+++ b/contexts/plat_file_contexts_test
@@ -190,7 +190,6 @@
/dev/socket socket_device
/dev/socket/does_not_exist socket_device
/dev/socket/adbd adbd_socket
-/dev/socket/aconfigd aconfigd_socket
/dev/socket/aconfigd_system aconfigd_socket
/dev/socket/dnsproxyd dnsproxyd_socket
/dev/socket/dumpstate dumpstate_socket
@@ -469,7 +468,6 @@
/system/usr/share/zoneinfo system_zoneinfo_file
/system/usr/share/zoneinfo/0 system_zoneinfo_file
/system/bin/adbd adbd_exec
-/system/bin/aconfigd aconfigd_exec
/system/bin/aconfigd-system aconfigd_exec
/system/bin/vold_prepare_subdirs vold_prepare_subdirs_exec
/system/bin/stats stats_exec
@@ -1271,8 +1269,6 @@
/metadata/aconfig/maps/test aconfig_storage_metadata_file
/metadata/aconfig/boot aconfig_storage_metadata_file
/metadata/aconfig/boot/test aconfig_storage_metadata_file
-/metadata/aconfig_test_missions aconfig_test_mission_files
-/metadata/aconfig_test_missions/test aconfig_test_mission_files
/metadata/apex apex_metadata_file
/metadata/apex/test apex_metadata_file
/metadata/vold vold_metadata_file
diff --git a/flagging/Android.bp b/flagging/Android.bp
index f68375b..c92991f 100644
--- a/flagging/Android.bp
+++ b/flagging/Android.bp
@@ -30,6 +30,7 @@
"RELEASE_SUPERVISION_SERVICE",
"RELEASE_HARDWARE_BLUETOOTH_RANGING_SERVICE",
"RELEASE_UNLOCKED_STORAGE_API",
+ "RELEASE_BLUETOOTH_SOCKET_SERVICE",
],
export_to: ["all_selinux_flags"],
}
diff --git a/private/bpfloader.te b/private/bpfloader.te
index 33d3783..4fe3843 100644
--- a/private/bpfloader.te
+++ b/private/bpfloader.te
@@ -6,7 +6,7 @@
allow bpfloader kmsg_device:chr_file w_file_perms;
# These permissions are required to pin ebpf maps & programs.
-allow bpfloader bpffs_type:dir { add_name create remove_name search setattr write };
+allow bpfloader bpffs_type:dir { add_name create open read remove_name search setattr write };
allow bpfloader bpffs_type:file { create getattr read rename setattr };
allow bpfloader bpffs_type:lnk_file { create getattr read };
allow { bpffs_type -fs_bpf } fs_bpf:filesystem associate;
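Review bot: The comment above the widened allow still reads "required to pin ebpf maps & programs", but `open` and `read` on a directory are what listing its entries needs, not what creating or renaming pins needs, so the reason for the new permissions is undocumented. Add a line such as `# open/read: bpfloader also enumerates bpffs directories (state the caller or bug).` The neverallow hunk that follows makes the matching change and reserves `open`/`read` on bpffs_type:dir to bpfloader alone. Its "we don't care about getattr/mounton/search" note is still accurate, but it would help to state there that directory listing is deliberately bpfloader-only.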
@@ -29,8 +29,8 @@
###
# Note: we don't care about getattr/mounton/search
-neverallow { domain } bpffs_type:dir ~{ add_name create getattr mounton remove_name search setattr write };
-neverallow { domain -bpfloader } bpffs_type:dir { add_name create remove_name setattr write };
+neverallow { domain } bpffs_type:dir ~{ add_name create getattr mounton open read remove_name search setattr write };
+neverallow { domain -bpfloader } bpffs_type:dir { add_name create open read remove_name setattr write };
neverallow { domain } bpffs_type:file ~{ create getattr map open read rename setattr write };
neverallow { domain -bpfloader } bpffs_type:file { create map open rename setattr };
diff --git a/private/compat/202404/202404.ignore.cil b/private/compat/202404/202404.ignore.cil
index f518eac..0bf3f7e 100644
--- a/private/compat/202404/202404.ignore.cil
+++ b/private/compat/202404/202404.ignore.cil
@@ -7,7 +7,6 @@
( new_objects
bluetooth_finder_prop
profcollectd_etr_prop
- fwk_devicestate_service
fstype_prop
binderfs_logs_transactions
binderfs_logs_transaction_history
diff --git a/private/domain.te b/private/domain.te
index 515317b..e941e10 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -584,7 +584,6 @@
# all processes need access to the underlying files.
is_flag_enabled(RELEASE_READ_FROM_NEW_STORAGE, `
r_dir_file(domain, aconfig_storage_metadata_file);
- r_dir_file(domain, aconfig_test_mission_files);
')
r_dir_file({ coredomain appdomain }, system_aconfig_storage_file);
@@ -863,6 +862,7 @@
userdebug_or_eng(`-fsck')
userdebug_or_eng(`-init')
-recovery
+ userdebug_or_eng(`-remount')
-update_engine
} system_block_device:blk_file { write append };
@@ -1747,19 +1747,11 @@
-artd # compile secondary dex files
-installd
} {
+ privapp_data_file
app_data_file
is_flag_enabled(RELEASE_UNLOCKED_STORAGE_API, `storage_area_content_file')
}:dir_file_class_set { relabelfrom relabelto };
-neverallow {
- domain
- -artd # compile secondary dex files
- -installd
- -vmlauncher_app # it still cannot relabel files belong to other apps due to UID mismatch
-} {
- privapp_data_file
-}:dir_file_class_set { relabelfrom relabelto };
-
is_flag_enabled(RELEASE_UNLOCKED_STORAGE_API, `
neverallow {
domain
diff --git a/private/dumpstate.te b/private/dumpstate.te
index 13b7b9f..5e3bce5 100644
--- a/private/dumpstate.te
+++ b/private/dumpstate.te
@@ -34,7 +34,6 @@
')
r_dir_file(dumpstate, aconfig_storage_metadata_file);
-r_dir_file(dumpstate, aconfig_test_mission_files);
# Allow dumpstate to make binder calls to incidentd
binder_call(dumpstate, incidentd)
diff --git a/private/file.te b/private/file.te
index 4ef8d55..5512b6e 100644
--- a/private/file.te
+++ b/private/file.te
@@ -164,8 +164,6 @@
# Type for /vendor/etc/aconfig
type vendor_aconfig_storage_file, vendor_file_type, file_type;
-type aconfig_test_mission_files, file_type;
-
# /data/misc/connectivityblobdb
type connectivityblob_data_file, file_type, data_file_type, core_data_file_type;
diff --git a/private/file_contexts b/private/file_contexts
index bb8a35a..3ff72aa 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -156,7 +156,6 @@
/dev/snd(/.*)? u:object_r:audio_device:s0
/dev/socket(/.*)? u:object_r:socket_device:s0
/dev/socket/adbd u:object_r:adbd_socket:s0
-/dev/socket/aconfigd u:object_r:aconfigd_socket:s0
/dev/socket/aconfigd_system u:object_r:aconfigd_socket:s0
/dev/socket/dnsproxyd u:object_r:dnsproxyd_socket:s0
/dev/socket/dumpstate u:object_r:dumpstate_socket:s0
@@ -397,7 +396,6 @@
/system/bin/bpfloader u:object_r:bpfloader_exec:s0
/system/bin/netbpfload u:object_r:bpfloader_exec:s0
/system/bin/watchdogd u:object_r:watchdogd_exec:s0
-/system/bin/aconfigd u:object_r:aconfigd_exec:s0
/system/bin/aconfigd-system u:object_r:aconfigd_exec:s0
/system/bin/apexd u:object_r:apexd_exec:s0
/system/bin/gsid u:object_r:gsid_exec:s0
@@ -901,7 +899,6 @@
/metadata/repair-mode(/.*)? u:object_r:repair_mode_metadata_file:s0
/metadata/aconfig(/.*)? u:object_r:aconfig_storage_metadata_file:s0
/metadata/aconfig/flags(/.*)? u:object_r:aconfig_storage_flags_metadata_file:s0
-/metadata/aconfig_test_missions(/.*)? u:object_r:aconfig_test_mission_files:s0
/metadata/tradeinmode(/.*)? u:object_r:tradeinmode_metadata_file:s0
/metadata/prefetch(/.*)? u:object_r:prefetch_metadata_file:s0
diff --git a/private/init.te b/private/init.te
index 15f79e3..b16e918 100644
--- a/private/init.te
+++ b/private/init.te
@@ -87,7 +87,6 @@
# Allow init to set/get prefetch boot prop to initiate record/replay
set_prop(init, ctl_prefetch_prop);
-get_prop(init, prefetch_boot_prop);
# Allow accessing /sys/kernel/tracing/instances/bootreceiver to set up tracing.
allow init debugfs_bootreceiver_tracing:file w_file_perms;
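Review bot: The comment kept above `set_prop(init, ctl_prefetch_prop);` still says init may "set/get prefetch boot prop", but with `get_prop(init, prefetch_boot_prop);` removed the only rule left under it is the ctl_prefetch_prop write. Reword it to match, e.g. `# Allow init to set ctl_prefetch_prop to initiate record/replay`, so the policy comment does not describe an access that is no longer granted here.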
diff --git a/private/prefetch.te b/private/prefetch.te
index c7ee8b1..21287f3 100644
--- a/private/prefetch.te
+++ b/private/prefetch.te
@@ -13,15 +13,12 @@
allow prefetch prefetch_metadata_file:dir rw_dir_perms;
allow prefetch prefetch_metadata_file:file create_file_perms;
+get_prop(prefetch, prefetch_boot_prop);
+set_prop(prefetch, prefetch_service_prop);
+
# Disallow other domains controlling prefetch service.
neverallow {
domain
-init
-shell
} ctl_prefetch_prop:property_service set;
-
-# Disallow other domains controlling prefetch_boot_prop.
-neverallow {
- domain
- -init
-} prefetch_boot_prop:property_service set;
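Review bot: Nothing in this hunk restricts who may set the new `prefetch_service_prop`, while the neverallow that pinned `prefetch_boot_prop` writes to init is dropped. For `prefetch_boot_prop` the write restriction presumably now comes from its `system_vendor_config_prop` declaration in private/property.te, but `prefetch_service_prop` is only declared with `system_internal_prop`, and per the property_contexts comment it starts and stops record/replay. A neverallow next to the ctl_prefetch_prop one would keep that control surface closed, e.g. `neverallow { domain -init -prefetch } prefetch_service_prop:property_service set;`. The block comment could then read `# Disallow other domains controlling the prefetch service or its record/replay properties.`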
diff --git a/private/property.te b/private/property.te
index 3109253..ccea344 100644
--- a/private/property.te
+++ b/private/property.te
@@ -45,6 +45,7 @@
system_internal_prop(misctrl_prop)
system_internal_prop(perf_drop_caches_prop)
system_internal_prop(pm_prop)
+system_internal_prop(prefetch_service_prop)
system_internal_prop(profcollectd_node_id_prop)
system_internal_prop(radio_cdma_ecm_prop)
system_internal_prop(remote_prov_prop)
@@ -53,7 +54,6 @@
system_internal_prop(setupwizard_prop)
system_internal_prop(snapshotctl_prop)
system_internal_prop(snapuserd_prop)
-system_internal_prop(prefetch_boot_prop)
system_internal_prop(system_adbd_prop)
system_internal_prop(system_audio_config_prop)
system_internal_prop(timezone_metadata_prop)
@@ -109,6 +109,7 @@
# Properties which should only be written by vendor_init
system_vendor_config_prop(avf_virtualizationservice_prop)
system_vendor_config_prop(high_barometer_quality_prop)
+system_vendor_config_prop(prefetch_boot_prop)
typeattribute log_prop log_property_type;
typeattribute log_tag_prop log_property_type;
diff --git a/private/property_contexts b/private/property_contexts
index 6b825cb..b650fad 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -361,12 +361,16 @@
ro.enable_boot_charger_mode u:object_r:charger_config_prop:s0 exact bool
ro.product.charger.unplugged_shutdown_time u:object_r:charger_config_prop:s0 exact int
-# Prefetch boot properties
+# Prefetch boot properties which are tunables
ro.prefetch_boot.enabled u:object_r:prefetch_boot_prop:s0 exact bool
ro.prefetch_boot.trace_buffer_size_kib u:object_r:prefetch_boot_prop:s0 exact int
ro.prefetch_boot.duration_s u:object_r:prefetch_boot_prop:s0 exact int
ro.prefetch_boot.io_depth u:object_r:prefetch_boot_prop:s0 exact int
ro.prefetch_boot.max_fds u:object_r:prefetch_boot_prop:s0 exact int
+ro.prefetch_boot.record_stop u:object_r:prefetch_boot_prop:s0 exact bool
+# Prefetch property to start and stop the record/replay
+prefetch_boot.record u:object_r:prefetch_service_prop:s0 exact bool
+prefetch_boot.replay u:object_r:prefetch_service_prop:s0 exact bool
# Virtual A/B and snapuserd properties
ro.virtual_ab.enabled u:object_r:virtual_ab_prop:s0 exact bool
diff --git a/private/service.te b/private/service.te
index c12c1a0..7e89300 100644
--- a/private/service.te
+++ b/private/service.te
@@ -11,6 +11,7 @@
type communal_service, app_api_service, system_server_service, service_manager_type;
type dynamic_system_service, system_api_service, system_server_service, service_manager_type;
type feature_flags_service, app_api_service, system_server_service, service_manager_type;
+type fwk_devicestate_service, system_server_service, service_manager_type;
type gsi_service, service_manager_type;
type incidentcompanion_service, app_api_service, system_api_service, system_server_service, service_manager_type;
type logcat_service, system_server_service, service_manager_type;
diff --git a/private/service_contexts b/private/service_contexts
index 77f1eec..900a1fe 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -3,9 +3,7 @@
android.frameworks.stats.IStats/default u:object_r:fwk_stats_service:s0
android.frameworks.sensorservice.ISensorManager/default u:object_r:fwk_sensor_service:s0
android.frameworks.vibrator.IVibratorControlService/default u:object_r:fwk_vibrator_control_service:s0
-starting_at_board_api(202504, `
- android.frameworks.devicestate.IDeviceStateService/default u:object_r:fwk_devicestate_service:s0
-')
+android.frameworks.devicestate.IDeviceStateService/default u:object_r:fwk_devicestate_service:s0
android.hardware.audio.core.IConfig/default u:object_r:hal_audio_service:s0
# 'default' IModule is equivalent to 'primary' in HIDL
android.hardware.audio.core.IModule/default u:object_r:hal_audio_service:s0
@@ -40,6 +38,9 @@
')
android.hardware.bluetooth.lmp_event.IBluetoothLmpEvent/default u:object_r:hal_bluetooth_service:s0
android.hardware.bluetooth.audio.IBluetoothAudioProviderFactory/default u:object_r:hal_audio_service:s0
+is_flag_enabled(RELEASE_BLUETOOTH_SOCKET_SERVICE, `
+ android.hardware.bluetooth.socket.IBluetoothSocket/default u:object_r:hal_bluetooth_service:s0
+')
android.hardware.broadcastradio.IBroadcastRadio/amfm u:object_r:hal_broadcastradio_service:s0
android.hardware.broadcastradio.IBroadcastRadio/dab u:object_r:hal_broadcastradio_service:s0
# The instance here is internal/0 following naming convention for ICameraProvider.
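Review bot: The `IBluetoothSocket/default` service label is added only when RELEASE_BLUETOOTH_SOCKET_SERVICE is enabled, while the fuzzer binding in build/soong/service_fuzzer_bindings.go and the exec label in vendor/file_contexts are added unconditionally. With the flag off, the binary would still be labelled `hal_bluetooth_default_exec` but its service name would have no context entry, so registration would presumably be denied. Confirm that this is the intended flag-off behaviour and that the fuzzer-binding check accepts a binding for a service absent from service_contexts. A comment on the gated block would make the intent explicit, e.g. `# IBluetoothSocket HAL; labelled only when RELEASE_BLUETOOTH_SOCKET_SERVICE is on.`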
diff --git a/private/system_server.te b/private/system_server.te
index a901466..99ef142 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -1281,6 +1281,11 @@
# UsbDeviceManager uses /dev/usb-ffs
allow system_server functionfs:dir search;
allow system_server functionfs:file rw_file_perms;
+# To resolve arbitrary sysfs paths from /sys/class/udc/* symlinks.
+starting_at_board_api(202504, `
+allow system_server sysfs_type:dir search;
+r_dir_file(system_server, sysfs_udc)
+')
# system_server contains time / time zone detection logic so reads the associated properties.
get_prop(system_server, time_prop)
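Review bot: `allow system_server sysfs_type:dir search;` is attribute-wide, so it lets system_server traverse every directory carrying a sysfs type, presumably including vendor-defined ones, not only the targets of /sys/class/udc/* links. Only `search` is granted and file reads stay limited to `sysfs_udc`, which keeps the exposure to path traversal. The comment should still say that the breadth is intentional, e.g. `# search only: udc symlink targets can live under any sysfs-labelled directory; file access stays limited to sysfs_udc.` If the set of target directories is known, naming those types instead of `sysfs_type` would be tighter.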
@@ -1532,9 +1537,6 @@
allow system_server aconfigd_socket:sock_file {read write};
allow system_server aconfigd:unix_stream_socket connectto;
-allow system_server aconfig_test_mission_files:dir create_dir_perms;
-allow system_server aconfig_test_mission_files:file create_file_perms;
-
allow system_server repair_mode_metadata_file:dir rw_dir_perms;
allow system_server repair_mode_metadata_file:file create_file_perms;
diff --git a/private/traced.te b/private/traced.te
index 796095f..8a29541 100644
--- a/private/traced.te
+++ b/private/traced.te
@@ -53,6 +53,9 @@
userdebug_or_eng(`system_server_tmpfs')
}:file { getattr map read write };
+# Allow traced to detect if a process is frozen (b/381089063).
+allow traced cgroup_v2:file r_file_perms;
+
# Allow setting debug properties which guard initialization of the Perfetto SDK
# in SurfaceFlinger and HWUI's copy of Skia.
# Required for the android.sdk_sysprop_guard data source.
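Review bot: `allow traced cgroup_v2:file r_file_perms;` grants read on every file labelled cgroup_v2, which is wider than the stated need of detecting a frozen process. The type-level rule may be unavoidable if the cgroup files share one label. Even so, the comment should name the file or files traced actually reads, so a later audit can tell intended use from incidental access, for example `# Reads only <cgroup file name> under the process's cgroup (b/381089063).` with the placeholder filled in by the author.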
diff --git a/private/tradeinmode.te b/private/tradeinmode.te
index febe35f..dca1bc1 100644
--- a/private/tradeinmode.te
+++ b/private/tradeinmode.te
@@ -21,6 +21,7 @@
get_prop(tradeinmode, odsign_prop)
get_prop(tradeinmode, build_attestation_prop)
+get_prop(tradeinmode, adbd_tradeinmode_prop)
# Needed to start activities through "am".
binder_call(tradeinmode, system_server)
diff --git a/private/vendor_init.te b/private/vendor_init.te
index 0a2d62c..a50bc27 100644
--- a/private/vendor_init.te
+++ b/private/vendor_init.te
@@ -292,6 +292,7 @@
set_prop(vendor_init, log_tag_prop)
set_prop(vendor_init, log_prop)
set_prop(vendor_init, graphics_config_writable_prop)
+set_prop(vendor_init, prefetch_boot_prop);
set_prop(vendor_init, qemu_hw_prop)
set_prop(vendor_init, radio_control_prop)
set_prop(vendor_init, rebootescrow_hal_prop)
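Review bot: `set_prop(vendor_init, prefetch_boot_prop);` carries a trailing semicolon that none of the neighbouring `set_prop(vendor_init, …)` lines in this hunk use. Drop it for consistency: `set_prop(vendor_init, prefetch_boot_prop)`. The two macro calls added in private/prefetch.te have the same trailing semicolon and could be aligned if that file follows the same convention.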
diff --git a/private/virtualizationservice.te b/private/virtualizationservice.te
index a78d974..1acf734 100644
--- a/private/virtualizationservice.te
+++ b/private/virtualizationservice.te
@@ -124,7 +124,6 @@
-init
-virtualizationmanager
-virtualizationservice
- -vmlauncher_app
} virtualizationservice_data_file:file { open create };
neverallow virtualizationservice {
diff --git a/private/vmlauncher_app.te b/private/vmlauncher_app.te
index 934031a..8597fcd 100644
--- a/private/vmlauncher_app.te
+++ b/private/vmlauncher_app.te
@@ -13,9 +13,6 @@
allow vmlauncher_app fsck_exec:file { r_file_perms execute execute_no_trans };
-allow vmlauncher_app virtualizationservice_data_file:file { read relabelto open write unlink rename };
-allow vmlauncher_app privapp_data_file:file { relabelfrom };
-
is_flag_enabled(RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES, `
# TODO(b/332677707): remove them when display service uses binder RPC.
allow vmlauncher_app virtualization_service:service_manager find;
diff --git a/public/service.te b/public/service.te
index 2b75cc6..854ceef 100644
--- a/public/service.te
+++ b/public/service.te
@@ -151,9 +151,6 @@
type forensic_service, app_api_service, system_api_service, system_server_service, service_manager_type;
')
type fwk_altitude_service, system_server_service, service_manager_type;
-starting_at_board_api(202504, `
- type fwk_devicestate_service, system_server_service, service_manager_type;
-')
type fwk_stats_service, app_api_service, system_server_service, service_manager_type;
type fwk_sensor_service, system_server_service, service_manager_type;
type fwk_vibrator_control_service, system_server_service, service_manager_type;
diff --git a/vendor/file_contexts b/vendor/file_contexts
index 1e89895..66ac4ec 100644
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@@ -22,6 +22,7 @@
/(vendor|system/vendor)/bin/hw/android\.hardware\.bluetooth\.finder-service\.default u:object_r:hal_bluetooth_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.bluetooth\.ranging-service\.default u:object_r:hal_bluetooth_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.bluetooth\.lmp_event-service\.default u:object_r:hal_bluetooth_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.bluetooth\.socket-service\.default u:object_r:hal_bluetooth_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.face@1\.[0-9]+-service\.example u:object_r:hal_face_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.face-service\.example u:object_r:hal_face_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.face-service\.default u:object_r:hal_face_default_exec:s0