Merge "sepolicy: allow to play f2fs-compression for odex/vdex files"
diff --git a/private/charger.te b/private/charger.te
index 8be113f..c5f3a50 100644
--- a/private/charger.te
+++ b/private/charger.te
@@ -2,16 +2,13 @@
 
 # charger needs to tell init to continue the boot
 # process when running in charger mode.
+# The system charger needs to be allowed to set these properties on legacy devices.
 set_prop(charger, system_prop)
 set_prop(charger, exported_system_prop)
 set_prop(charger, exported3_system_prop)
-set_prop(charger, charger_status_prop)
 
+# The system charger can read ro.charger.*
 get_prop(charger, charger_prop)
-get_prop(charger, charger_config_prop)
-
-# get minui properties
-get_prop(charger, recovery_config_prop)
 
 compatible_property_only(`
     neverallow {
@@ -21,11 +18,3 @@
         -charger
     } charger_prop:file no_rw_file_perms;
 ')
-
-neverallow {
-    domain
-    -init
-    -dumpstate
-    -vendor_init
-    -charger
-} { charger_config_prop charger_status_prop }:file no_rw_file_perms;
diff --git a/private/charger_type.te b/private/charger_type.te
new file mode 100644
index 0000000..cb699de
--- /dev/null
+++ b/private/charger_type.te
@@ -0,0 +1,38 @@
+# charger needs to tell init to continue the boot
+# process when running in charger mode.
+set_prop(charger_type, charger_status_prop)
+get_prop(charger_type, charger_config_prop)
+
+# get minui properties
+get_prop(charger_type, recovery_config_prop)
+
+### Neverallow rules for charger properties
+
+# charger_config_prop: Only init and vendor_init is allowed to set it
+neverallow {
+    domain
+    -init
+    -vendor_init
+} charger_config_prop:property_service set;
+
+# charger_status_prop: Only init, vendor_init, charger, and hal_health_server
+# are allowed to set it
+neverallow {
+    domain
+    -init
+    -vendor_init
+    -charger
+    -hal_health_server
+} charger_status_prop:property_service set;
+
+# Both charger_config_prop and charger_status_prop:
+# Only init, vendor_init, dumpstate, charger, and hal_health_server
+# are allowed to read it
+neverallow {
+    domain
+    -init
+    -dumpstate
+    -vendor_init
+    -charger
+    -hal_health_server
+} { charger_config_prop charger_status_prop }:file no_rw_file_perms;
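Review bot: The `set_prop(charger_type, charger_status_prop)` and `get_prop` grants at the top of this file go to the whole `charger_type` attribute, while the neverallow blocks below exempt only the named domains `-charger` and `-hal_health_server`, so the allow side and the assertion side describe different sets. From these lines it looks as if any further domain given `charger_type` must also be a `hal_health_server` to get past the neverallows. If that is the intent, state it above the first neverallow, e.g. `# Every charger_type domain other than charger is expected to be a hal_health_server.` The first neverallow comment should also read `are allowed` rather than `is allowed`.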
diff --git a/private/clatd.te b/private/clatd.te
index 0fa774a..dfcaf57 100644
--- a/private/clatd.te
+++ b/private/clatd.te
@@ -12,25 +12,9 @@
 # Access objects inherited from netd.
 allow clatd netd:fd use;
 allow clatd netd:fifo_file { read write };
-# TODO: Check whether some or all of these sockets should be close-on-exec.
-allow clatd netd:netlink_kobject_uevent_socket { read write };
-allow clatd netd:netlink_nflog_socket { read write };
-allow clatd netd:netlink_route_socket { read write };
-allow clatd netd:udp_socket { read write };
-allow clatd netd:unix_stream_socket { read write };
-allow clatd netd:unix_dgram_socket { read write };
 
 allow clatd self:global_capability_class_set { net_admin net_raw setuid setgid };
 
-# clatd calls mmap(MAP_LOCKED) with a 1M buffer. MAP_LOCKED first checks
-# capable(CAP_IPC_LOCK), and then checks to see the requested amount is
-# under RLIMIT_MEMLOCK. If the latter check succeeds clatd won't have
-# needed CAP_IPC_LOCK. But this is not guaranteed to succeed on all devices
-# so we permit any requests we see from clatd asking for this capability.
-# See https://android-review.googlesource.com/127940 and
-# https://b.corp.google.com/issues/21736319
-allow clatd self:global_capability_class_set ipc_lock;
-
 allow clatd self:netlink_route_socket nlmsg_write;
 allow clatd self:{ packet_socket rawip_socket } create_socket_perms_no_ioctl;
 allow clatd tun_device:chr_file rw_file_perms;
diff --git a/private/compat/31.0/31.0.ignore.cil b/private/compat/31.0/31.0.ignore.cil
index f9645f4..47a2e8c 100644
--- a/private/compat/31.0/31.0.ignore.cil
+++ b/private/compat/31.0/31.0.ignore.cil
@@ -14,9 +14,15 @@
     hal_contexthub_service
     hal_graphics_composer_service
     hal_health_service
+    hal_radio_config_service
+    hal_radio_data_service
+    hal_radio_messaging_service
+    hal_radio_modem_service
+    hal_radio_network_service
+    hal_radio_sim_service
+    hal_radio_voice_service
     hal_sensors_service
     hal_system_suspend_service
-    hal_radio_service
     hal_tv_tuner_service
     hal_uwb_service
     hal_uwb_vendor_service
diff --git a/private/file_contexts b/private/file_contexts
index 3049bc6..e7045e0 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -277,6 +277,7 @@
 /system/bin/recovery-refresh     u:object_r:recovery_refresh_exec:s0
 /system/bin/sdcard      u:object_r:sdcardd_exec:s0
 /system/bin/snapshotctl      u:object_r:snapshotctl_exec:s0
+/system/bin/remount              u:object_r:remount_exec:s0
 /system/bin/dhcpcd      u:object_r:dhcp_exec:s0
 /system/bin/dhcpcd-6\.8\.2	u:object_r:dhcp_exec:s0
 /system/bin/mtpd	u:object_r:mtp_exec:s0
diff --git a/private/genfs_contexts b/private/genfs_contexts
index 2006ffe..812ced9 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts
@@ -229,6 +229,12 @@
 genfscon tracefs /events/block/block_rq_issue/               u:object_r:debugfs_tracing:s0
 genfscon tracefs /events/block/block_rq_complete/            u:object_r:debugfs_tracing:s0
 
+genfscon tracefs /synthetic_events                                       u:object_r:debugfs_tracing:s0
+genfscon tracefs /events/synthetic/rss_stat_throttled                    u:object_r:debugfs_tracing:s0
+
+genfscon debugfs /tracing/synthetic_events                               u:object_r:debugfs_tracing:s0
+genfscon debugfs /tracing/events/synthetic/rss_stat_throttled            u:object_r:debugfs_tracing:s0
+
 genfscon tracefs /trace_clock                                            u:object_r:debugfs_tracing:s0
 genfscon tracefs /buffer_size_kb                                         u:object_r:debugfs_tracing:s0
 genfscon tracefs /options/overwrite                                      u:object_r:debugfs_tracing:s0
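Review bot: The four new entries put `synthetic_events` and `events/synthetic/rss_stat_throttled` under the existing `debugfs_tracing` type without a comment. `synthetic_events` is a control file that defines new trace events, so as far as this hunk shows, every domain that can already write `debugfs_tracing` files also gains the ability to define synthetic events. Confirm that this is intended, or give the control file a narrower type. A comment above the block would record the purpose, e.g. `# Synthetic trace events (rss_stat_throttled); present only with CONFIG_HIST_TRIGGERS.`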
diff --git a/private/init.te b/private/init.te
index 09a9a5e..b02b620 100644
--- a/private/init.te
+++ b/private/init.te
@@ -106,6 +106,11 @@
 # Allow accessing /sys/kernel/tracing/instances/bootreceiver to set up tracing.
 allow init debugfs_bootreceiver_tracing:file w_file_perms;
 
+# Devices with kernels where CONFIG_HIST_TRIGGERS isn't enabled will
+# attempt to write a non exisiting 'synthetic_events' file, when setting
+# up synthetic events. This is a no-op in tracefs.
+dontaudit init debugfs_tracing_debug:dir { write add_name };
+
 # chown/chmod on devices.
 allow init {
   dev_type
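Review bot: The new `dontaudit init debugfs_tracing_debug:dir { write add_name };` silences every attempt by init to create an entry in any directory of that type, not only the missing `synthetic_events` file the comment describes, because a dontaudit cannot be scoped to one file name. That removes audit records which could later point at a real policy gap, so the comment should state the scope, e.g. `# Note: this hides all init create attempts in debugfs_tracing_debug directories.` The comment also spells `existing` as `exisiting`.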
diff --git a/private/remount.te b/private/remount.te
new file mode 100644
index 0000000..4dd94a5
--- /dev/null
+++ b/private/remount.te
@@ -0,0 +1,15 @@
+type remount, domain, coredomain;
+type remount_exec, system_file_type, exec_type, file_type;
+
+userdebug_or_eng(`
+  # Allow init to run clean_scratch_files and do auto domain transfer.
+  init_daemon_domain(remount)
+
+  # Allow talking to gsid.
+  binder_use(remount)
+  allow remount gsi_service:service_manager find;
+  binder_call(remount, gsid)
+
+  # Allow searching for /metadata/gsi/remount/lp_metadata.
+  allow remount { metadata_file gsi_metadata_file_type }:dir search;
+')
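Review bot: The comment above `init_daemon_domain(remount)` names `clean_scratch_files`, which is not the domain defined in this file and looks copied from another policy file; it should read `# Allow init to run remount and do auto domain transition.` The two `type` declarations sit outside `userdebug_or_eng`, and the `file_contexts` hunk labels `/system/bin/remount` unconditionally, so on user builds the domain exists with no rules at all. A one-line header such as `# remount: only granted permissions on userdebug/eng builds.` would make that explicit.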
diff --git a/private/service_contexts b/private/service_contexts
index 50002d4..f79715d 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -14,7 +14,25 @@
 android.hardware.oemlock.IOemLock/default                            u:object_r:hal_oemlock_service:s0
 android.hardware.power.IPower/default                                u:object_r:hal_power_service:s0
 android.hardware.power.stats.IPowerStats/default                     u:object_r:hal_power_stats_service:s0
-android.hardware.radio.config.IRadioConfig/default                   u:object_r:hal_radio_service:s0
+android.hardware.radio.config.IRadioConfig/default                   u:object_r:hal_radio_config_service:s0
+android.hardware.radio.data.IRadioData/slot1                         u:object_r:hal_radio_data_service:s0
+android.hardware.radio.data.IRadioData/slot2                         u:object_r:hal_radio_data_service:s0
+android.hardware.radio.data.IRadioData/slot3                         u:object_r:hal_radio_data_service:s0
+android.hardware.radio.messaging.IRadioMessaging/slot1               u:object_r:hal_radio_messaging_service:s0
+android.hardware.radio.messaging.IRadioMessaging/slot2               u:object_r:hal_radio_messaging_service:s0
+android.hardware.radio.messaging.IRadioMessaging/slot3               u:object_r:hal_radio_messaging_service:s0
+android.hardware.radio.modem.IRadioModem/slot1                       u:object_r:hal_radio_modem_service:s0
+android.hardware.radio.modem.IRadioModem/slot2                       u:object_r:hal_radio_modem_service:s0
+android.hardware.radio.modem.IRadioModem/slot3                       u:object_r:hal_radio_modem_service:s0
+android.hardware.radio.network.IRadioNetwork/slot1                   u:object_r:hal_radio_network_service:s0
+android.hardware.radio.network.IRadioNetwork/slot2                   u:object_r:hal_radio_network_service:s0
+android.hardware.radio.network.IRadioNetwork/slot3                   u:object_r:hal_radio_network_service:s0
+android.hardware.radio.sim.IRadioSim/slot1                           u:object_r:hal_radio_sim_service:s0
+android.hardware.radio.sim.IRadioSim/slot2                           u:object_r:hal_radio_sim_service:s0
+android.hardware.radio.sim.IRadioSim/slot3                           u:object_r:hal_radio_sim_service:s0
+android.hardware.radio.voice.IRadioVoice/slot1                       u:object_r:hal_radio_voice_service:s0
+android.hardware.radio.voice.IRadioVoice/slot2                       u:object_r:hal_radio_voice_service:s0
+android.hardware.radio.voice.IRadioVoice/slot3                       u:object_r:hal_radio_voice_service:s0
 android.hardware.rebootescrow.IRebootEscrow/default                  u:object_r:hal_rebootescrow_service:s0
 android.hardware.security.keymint.IKeyMintDevice/default             u:object_r:hal_keymint_service:s0
 android.hardware.security.keymint.IRemotelyProvisionedComponent/default u:object_r:hal_remotelyprovisionedcomponent_service:s0
diff --git a/public/attributes b/public/attributes
index a68a6fc..df82abf 100644
--- a/public/attributes
+++ b/public/attributes
@@ -412,3 +412,10 @@
 # Types used for module-specific APEX data directories under
 # /data/{misc,misc_ce,misc_de}/apexdata.
 attribute apex_data_file_type;
+
+# Domains used for charger.
+# This is the common type for domains that executes charger's
+# functionalities, including setting and getting necessary properties,
+# permissions to maintain the health loop, writing to kernel log, handling
+# inputs and drawing screens, etc.
+attribute charger_type;
diff --git a/public/charger.te b/public/charger.te
index 37359e3..418dff9 100644
--- a/public/charger.te
+++ b/public/charger.te
@@ -1,40 +1,5 @@
-type charger, domain;
+type charger, charger_type, domain;
 type charger_exec, system_file_type, exec_type, file_type;
 
-# Write to /dev/kmsg
-allow charger kmsg_device:chr_file rw_file_perms;
-
-# Read access to pseudo filesystems.
-r_dir_file(charger, rootfs)
-r_dir_file(charger, cgroup)
-r_dir_file(charger, cgroup_v2)
-
-# Allow to read /sys/class/power_supply directory
-allow charger sysfs_type:dir r_dir_perms;
-
-allow charger self:global_capability_class_set { sys_tty_config };
-allow charger self:global_capability_class_set sys_boot;
-
-wakelock_use(charger)
-
-allow charger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
-
-# Read/write to /sys/power/state
-allow charger sysfs_power:file rw_file_perms;
-
-r_dir_file(charger, sysfs_batteryinfo)
-
-# Read /sys/fs/pstore/console-ramoops
-# Don't worry about overly broad permissions for now, as there's
-# only one file in /sys/fs/pstore
-allow charger pstorefs:dir r_dir_perms;
-allow charger pstorefs:file r_file_perms;
-
-allow charger graphics_device:dir r_dir_perms;
-allow charger graphics_device:chr_file rw_file_perms;
-allow charger input_device:dir r_dir_perms;
-allow charger input_device:chr_file r_file_perms;
-allow charger tty_device:chr_file rw_file_perms;
-allow charger proc_sysrq:file rw_file_perms;
-
+# The system charger is a client of HIDL health HAL.
 hal_client_domain(charger, hal_health)
diff --git a/public/charger_type.te b/public/charger_type.te
new file mode 100644
index 0000000..4241360
--- /dev/null
+++ b/public/charger_type.te
@@ -0,0 +1,37 @@
+# Write to /dev/kmsg
+allow charger_type kmsg_device:chr_file rw_file_perms;
+
+# Read access to pseudo filesystems.
+r_dir_file(charger_type, rootfs)
+r_dir_file(charger_type, cgroup)
+r_dir_file(charger_type, cgroup_v2)
+
+# Allow to read /sys/class/power_supply directory
+allow charger_type sysfs_type:dir r_dir_perms;
+
+allow charger_type self:global_capability_class_set {
+    sys_boot
+    sys_tty_config
+};
+
+wakelock_use(charger_type)
+
+allow charger_type self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
+
+# Read/write to /sys/power/state
+allow charger_type sysfs_power:file rw_file_perms;
+
+r_dir_file(charger_type, sysfs_batteryinfo)
+
+# Read /sys/fs/pstore/console-ramoops
+# Don't worry about overly broad permissions for now, as there's
+# only one file in /sys/fs/pstore
+allow charger_type pstorefs:dir r_dir_perms;
+allow charger_type pstorefs:file r_file_perms;
+
+allow charger_type graphics_device:dir r_dir_perms;
+allow charger_type graphics_device:chr_file rw_file_perms;
+allow charger_type input_device:dir r_dir_perms;
+allow charger_type input_device:chr_file r_file_perms;
+allow charger_type tty_device:chr_file rw_file_perms;
+allow charger_type proc_sysrq:file rw_file_perms;
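Review bot: `allow charger_type sysfs_type:dir r_dir_perms;` is commented as reading `/sys/class/power_supply` but grants directory read on every sysfs type, and with this move it applies to each domain carrying the public `charger_type` attribute rather than to `charger` alone. The same widening holds for the `sys_boot` capability, `proc_sysrq:file rw_file_perms` and the pstorefs rules whose comment says not to worry about overly broad permissions. A header comment would help whoever attaches the attribute next, e.g. `# Every rule in this file is granted to all charger_type domains; keep additions minimal.`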
diff --git a/public/hal_telephony.te b/public/hal_telephony.te
index e21796a..8a1fbe5 100644
--- a/public/hal_telephony.te
+++ b/public/hal_telephony.te
@@ -3,7 +3,13 @@
 binder_call(hal_telephony_server, hal_telephony_client)
 
 hal_attribute_hwservice(hal_telephony, hal_telephony_hwservice)
-hal_attribute_service(hal_telephony, hal_radio_service)
+hal_attribute_service(hal_telephony, hal_radio_config_service)
+hal_attribute_service(hal_telephony, hal_radio_data_service)
+hal_attribute_service(hal_telephony, hal_radio_messaging_service)
+hal_attribute_service(hal_telephony, hal_radio_modem_service)
+hal_attribute_service(hal_telephony, hal_radio_network_service)
+hal_attribute_service(hal_telephony, hal_radio_sim_service)
+hal_attribute_service(hal_telephony, hal_radio_voice_service)
 
 allowxperm hal_telephony_server self:udp_socket ioctl priv_sock_ioctls;
 
diff --git a/public/service.te b/public/service.te
index 19f7aaa..7f1fbe2 100644
--- a/public/service.te
+++ b/public/service.te
@@ -273,13 +273,19 @@
 type hal_oemlock_service, vendor_service, protected_service, service_manager_type;
 type hal_power_service, vendor_service, protected_service, service_manager_type;
 type hal_power_stats_service, vendor_service, protected_service, service_manager_type;
+type hal_radio_config_service, vendor_service, protected_service, service_manager_type;
+type hal_radio_data_service, vendor_service, protected_service, service_manager_type;
+type hal_radio_messaging_service, vendor_service, protected_service, service_manager_type;
+type hal_radio_modem_service, vendor_service, protected_service, service_manager_type;
+type hal_radio_network_service, vendor_service, protected_service, service_manager_type;
+type hal_radio_sim_service, vendor_service, protected_service, service_manager_type;
+type hal_radio_voice_service, vendor_service, protected_service, service_manager_type;
 type hal_rebootescrow_service, vendor_service, protected_service, service_manager_type;
 type hal_remotelyprovisionedcomponent_service, vendor_service, protected_service, service_manager_type;
 type hal_sensors_service, vendor_service, protected_service, service_manager_type;
 type hal_secureclock_service, vendor_service, protected_service, service_manager_type;
 type hal_sharedsecret_service, vendor_service, protected_service, service_manager_type;
 type hal_system_suspend_service, protected_service, service_manager_type;
-type hal_radio_service, vendor_service, protected_service, service_manager_type;
 type hal_tv_tuner_service, vendor_service, protected_service, service_manager_type;
 type hal_uwb_service, vendor_service, protected_service, service_manager_type;
 type hal_vibrator_service, vendor_service, protected_service, service_manager_type;
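Review bot: The seven `hal_radio_*_service` types added here have identical attribute lists, and the `hal_telephony.te` hunk grants all seven to the same `hal_telephony` attribute, so as written the split gives no access separation between the radio interfaces. If the split prepares for per-interface servers or clients, a comment above the group would record that, e.g. `# One type per radio AIDL interface so access can be granted separately.` Removing `hal_radio_service` from a public file may also break vendor policy that names it. The `31.0.ignore.cil` hunk suggests the type was never part of a released mapping, but that is worth confirming.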