[automerger skipped] Allow MediaProvider to access the media metrics service am: abfe4c00e7 -s ours

am skip reason: Merged-In Ied609152e6a9ba6d17b70db325ca33f1cb345eb8 with SHA-1 57401bc71f is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/17061984

Change-Id: I1991eb80eecab49258b530f2bee9031b7d225ec1
diff --git a/prebuilts/api/31.0/private/apexd.te b/prebuilts/api/31.0/private/apexd.te
index 09799bd..d43ed33 100644
--- a/prebuilts/api/31.0/private/apexd.te
+++ b/prebuilts/api/31.0/private/apexd.te
@@ -86,6 +86,7 @@
 allow apexd apex_info_file:file relabelto;
 # apexd needs to update /apex/apex-info-list.xml after non-staged APEX update.
 allow apexd apex_info_file:file rw_file_perms;
+allow apexd apex_info_file:file mounton;
 
 # allow apexd to unlink apex files in /data/apex/active
 # note that apexd won't be able to unlink files in /data/app-staging/session_XXXX,
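Review bot: The added `allow apexd apex_info_file:file mounton;` has no comment, and the comment above it only explains the read/write access used to update /apex/apex-info-list.xml. `mounton` lets apexd use a file of that type as a mount point, which is a separate capability from writing it, so the reason should be recorded next to the rule, for example `# apexd mounts over apex-info-list.xml for <reason>; needs mounton on the target file.`. The same undocumented line is added in prebuilts/api/32.0/private/apexd.te and private/apexd.te. None of the hunks on this page mention MediaProvider or a media metrics service, so the commit title does not explain the rule either; presumably this is the diff of an `-s ours` merge against one parent.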
diff --git a/prebuilts/api/32.0/private/apexd.te b/prebuilts/api/32.0/private/apexd.te
index 09799bd..d43ed33 100644
--- a/prebuilts/api/32.0/private/apexd.te
+++ b/prebuilts/api/32.0/private/apexd.te
@@ -86,6 +86,7 @@
 allow apexd apex_info_file:file relabelto;
 # apexd needs to update /apex/apex-info-list.xml after non-staged APEX update.
 allow apexd apex_info_file:file rw_file_perms;
+allow apexd apex_info_file:file mounton;
 
 # allow apexd to unlink apex files in /data/apex/active
 # note that apexd won't be able to unlink files in /data/app-staging/session_XXXX,
diff --git a/prebuilts/api/32.0/private/property_contexts b/prebuilts/api/32.0/private/property_contexts
index f235b35..97c06b8 100644
--- a/prebuilts/api/32.0/private/property_contexts
+++ b/prebuilts/api/32.0/private/property_contexts
@@ -530,6 +530,7 @@
 ro.lmk.medium                   u:object_r:lmkd_config_prop:s0 exact int
 ro.lmk.psi_partial_stall_ms     u:object_r:lmkd_config_prop:s0 exact int
 ro.lmk.psi_complete_stall_ms    u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.stall_limit_critical     u:object_r:lmkd_config_prop:s0 exact int
 ro.lmk.swap_free_low_percentage u:object_r:lmkd_config_prop:s0 exact int
 ro.lmk.swap_util_max            u:object_r:lmkd_config_prop:s0 exact int
 ro.lmk.thrashing_limit          u:object_r:lmkd_config_prop:s0 exact int
diff --git a/prebuilts/api/32.0/private/system_server.te b/prebuilts/api/32.0/private/system_server.te
index 82b2a1f..6aca000 100644
--- a/prebuilts/api/32.0/private/system_server.te
+++ b/prebuilts/api/32.0/private/system_server.te
@@ -91,7 +91,7 @@
   crash_dump
   webview_zygote
   zygote
-}:process { sigkill signull };
+}:process { getpgid sigkill signull };
 
 # Read /system/bin/app_process.
 allow system_server zygote_exec:file r_file_perms;
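Review bot: `getpgid` is added to the permission set without a comment saying which system_server code path needs the process group of these domains, and the grant covers every type in the braces, including crash_dump, webview_zygote and zygote. The opening of the allow rule and any comment above it are outside the hunk, so the reason may already be stated there; if it is not, add a line such as `# getpgid: <caller> reads the process group before signalling these processes.`. If only some of the listed domains need it, a separate narrower rule would keep the grant closer to least privilege. The same change appears in private/system_server.te.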
diff --git a/private/apexd.te b/private/apexd.te
index 09799bd..d43ed33 100644
--- a/private/apexd.te
+++ b/private/apexd.te
@@ -86,6 +86,7 @@
 allow apexd apex_info_file:file relabelto;
 # apexd needs to update /apex/apex-info-list.xml after non-staged APEX update.
 allow apexd apex_info_file:file rw_file_perms;
+allow apexd apex_info_file:file mounton;
 
 # allow apexd to unlink apex files in /data/apex/active
 # note that apexd won't be able to unlink files in /data/app-staging/session_XXXX,
diff --git a/private/property_contexts b/private/property_contexts
index f235b35..97c06b8 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -530,6 +530,7 @@
 ro.lmk.medium                   u:object_r:lmkd_config_prop:s0 exact int
 ro.lmk.psi_partial_stall_ms     u:object_r:lmkd_config_prop:s0 exact int
 ro.lmk.psi_complete_stall_ms    u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.stall_limit_critical     u:object_r:lmkd_config_prop:s0 exact int
 ro.lmk.swap_free_low_percentage u:object_r:lmkd_config_prop:s0 exact int
 ro.lmk.swap_util_max            u:object_r:lmkd_config_prop:s0 exact int
 ro.lmk.thrashing_limit          u:object_r:lmkd_config_prop:s0 exact int
diff --git a/private/system_server.te b/private/system_server.te
index 82b2a1f..6aca000 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -91,7 +91,7 @@
   crash_dump
   webview_zygote
   zygote
-}:process { sigkill signull };
+}:process { getpgid sigkill signull };
 
 # Read /system/bin/app_process.
 allow system_server zygote_exec:file r_file_perms;