Add the testharness service to sepolicy rules The testharness service will manage Test Harness Mode and provide a command-line interface for users to enable Test Harness Mode; however it does not directly provide a public API. Bug: 80137798 Test: make Test: flash crosshatch Change-Id: Ie396e40fcea8914b4dd2247f2314e029b66ad84e

commit: 5f486c74bf72648b9c03ffe934b1c83c95e27391 [log] [tgz]
author: William Hester <williamhester@google.com> Tue Jan 15 13:39:30 2019 -0800
committer: William Hester <williamhester@google.com> Thu Jan 17 13:10:37 2019 -0800
tree: a3620de314d5e9d3ce91c49e78417aa22e75cf61
parent: 5a974a0eae28287a9c7ff1d173085cd56f4d8d8f [diff]
diff --git a/private/adbd.te b/private/adbd.te
index 0b42672..5bbf2dd 100644
--- a/private/adbd.te
+++ b/private/adbd.te

@@ -85,6 +85,9 @@
 # Read device's serial number from system properties
 get_prop(adbd, serialno_prop)
 
+# Read whether or not Test Harness Mode is enabled
+get_prop(adbd, test_harness_prop)
+
 # Read device's overlayfs related properties and files
 userdebug_or_eng(`
   get_prop(adbd, persistent_properties_ready_prop)

diff --git a/private/app.te b/private/app.te
index 876406f..4e433eb 100644
--- a/private/app.te
+++ b/private/app.te

@@ -10,6 +10,10 @@
 # info etc.
 allow appdomain priv_app_tmpfs:file read;
 
+# Allow apps to read the Test Harness Mode property. This property is used in
+# the implementation of ActivityManager.isDeviceInTestHarnessMode()
+get_prop(appdomain, test_harness_prop)
+
 neverallow appdomain system_server:udp_socket {
         accept append bind create ioctl listen lock name_bind
         relabelfrom relabelto setattr shutdown };

diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index 23a8a00..4ae2071 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil

@@ -90,6 +90,8 @@
     system_lmk_prop
     system_suspend_hwservice
     staging_data_file
+    testharness_service
+    test_harness_prop
     time_prop
     timedetector_service
     timezonedetector_service

diff --git a/private/service_contexts b/private/service_contexts
index 5448183..2ad99eb 100644
--- a/private/service_contexts
+++ b/private/service_contexts

@@ -181,6 +181,7 @@
 task                                      u:object_r:task_service:s0
 telecom                                   u:object_r:telecom_service:s0
 telephony.registry                        u:object_r:registry_service:s0
+testharness                               u:object_r:testharness_service:s0
 textclassification                        u:object_r:textclassification_service:s0
 textservices                              u:object_r:textservices_service:s0
 time_detector                             u:object_r:timedetector_service:s0

diff --git a/private/system_server.te b/private/system_server.te
index 0baf4d6..bb69796 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -605,6 +605,9 @@
 # reset during current boot.
 get_prop(system_server, device_config_reset_performed_prop)
 
+# Read/write the property that enables Test Harness Mode
+set_prop(system_server, test_harness_prop)
+
 # Create a socket for connections from debuggerd.
 allow system_server system_ndebug_socket:sock_file create_file_perms;
 

diff --git a/public/property.te b/public/property.te
index f67a506..91d1a11 100644
--- a/public/property.te
+++ b/public/property.te

@@ -71,6 +71,7 @@
 type system_prop, property_type, core_property_type;
 type system_radio_prop, property_type, core_property_type;
 type test_boot_reason_prop, property_type;
+type test_harness_prop, property_type;
 type time_prop, property_type;
 type traced_enabled_prop, property_type;
 type vold_prop, property_type, core_property_type;
@@ -432,6 +433,7 @@
     -system_prop
     -system_radio_prop
     -test_boot_reason_prop
+    -test_harness_prop
     -time_prop
     -traced_enabled_prop
     -vendor_default_prop

diff --git a/public/property_contexts b/public/property_contexts
index e871b11..2b1b0e9 100644
--- a/public/property_contexts
+++ b/public/property_contexts

@@ -188,6 +188,7 @@
 libc.debug.hooks.enable u:object_r:exported2_default_prop:s0 exact string
 persist.sys.locale u:object_r:exported_system_prop:s0 exact string
 persist.sys.timezone u:object_r:exported_system_prop:s0 exact string
+persist.sys.test_harness u:object_r:test_harness_prop:s0 exact bool
 ro.adb.secure u:object_r:exported_secure_prop:s0 exact int
 ro.arch u:object_r:exported2_default_prop:s0 exact string
 ro.audio.ignore_effects u:object_r:exported2_default_prop:s0 exact bool

diff --git a/public/service.te b/public/service.te
index eb5a608..21f7648 100644
--- a/public/service.te
+++ b/public/service.te

@@ -157,6 +157,7 @@
 type storagestats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type system_update_service, system_server_service, service_manager_type;
 type task_service, system_server_service, service_manager_type;
+type testharness_service, system_server_service, service_manager_type;
 type textclassification_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type textservices_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type telecom_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
commit	5f486c74bf72648b9c03ffe934b1c83c95e27391	[log] [tgz]
author	William Hester <williamhester@google.com>	Tue Jan 15 13:39:30 2019 -0800
committer	William Hester <williamhester@google.com>	Thu Jan 17 13:10:37 2019 -0800
tree	a3620de314d5e9d3ce91c49e78417aa22e75cf61
parent	5a974a0eae28287a9c7ff1d173085cd56f4d8d8f [diff]