Merge "Enable gsid to read /sys/fs/f2fs"
diff --git a/private/audioserver.te b/private/audioserver.te
index 05e793c..067152f 100644
--- a/private/audioserver.te
+++ b/private/audioserver.te
@@ -40,6 +40,7 @@
allow audioserver scheduling_policy_service:service_manager find;
allow audioserver mediametrics_service:service_manager find;
allow audioserver sensor_privacy_service:service_manager find;
+allow audioserver soundtrigger_middleware_service:service_manager find;
# Allow read/write access to bluetooth-specific properties
set_prop(audioserver, bluetooth_a2dp_offload_prop)
diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index f8ed88b..d112da5 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil
@@ -17,6 +17,7 @@
cold_boot_done_prop
platform_compat_service
ctl_apexd_prop
+ dataloader_manager_service
device_config_storage_native_boot_prop
device_config_sys_traced_prop
gmscore_app
@@ -35,17 +36,20 @@
mediatranscoding_exec
mediatranscoding_tmpfs
linker_prop
+ linkerconfig_file
mock_ota_prop
module_sdkext_prop
ota_metadata_file
ota_prop
art_apex_dir
service_manager_service
+ soundtrigger_middleware_service
system_group_file
system_jvmti_agent_prop
system_passwd_file
tethering_service
timezonedetector_service
+ usb_serial_device
userspace_reboot_prop
userspace_reboot_exported_prop
vehicle_hal_prop
diff --git a/private/file.te b/private/file.te
index 09bfe29..4492002 100644
--- a/private/file.te
+++ b/private/file.te
@@ -21,9 +21,6 @@
# of application data.
type rollback_data_file, file_type, data_file_type, core_data_file_type;
-# /dev/linkerconfig(/.*)?
-type linkerconfig_file, file_type;
-
# /data/gsi/ota
type ota_image_data_file, file_type, data_file_type, core_data_file_type;
diff --git a/private/file_contexts b/private/file_contexts
index 26f4586..c8d9327 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -101,7 +101,6 @@
/dev/iio:device[0-9]+ u:object_r:iio_device:s0
/dev/ion u:object_r:ion_device:s0
/dev/keychord u:object_r:keychord_device:s0
-/dev/linkerconfig(/.*)? u:object_r:linkerconfig_file:s0
/dev/loop-control u:object_r:loop_control_device:s0
/dev/modem.* u:object_r:radio_device:s0
/dev/mtp_usb u:object_r:mtp_device:s0
@@ -164,6 +163,8 @@
/dev/tty u:object_r:owntty_device:s0
/dev/tty[0-9]* u:object_r:tty_device:s0
/dev/ttyS[0-9]* u:object_r:serial_device:s0
+/dev/ttyUSB[0-9]* u:object_r:usb_serial_device:s0
+/dev/ttyACM[0-9]* u:object_r:usb_serial_device:s0
/dev/tun u:object_r:tun_device:s0
/dev/uhid u:object_r:uhid_device:s0
/dev/uinput u:object_r:uhid_device:s0
@@ -179,6 +180,10 @@
/dev/__properties__ u:object_r:properties_device:s0
/dev/__properties__/property_info u:object_r:property_info:s0
#############################
+# Linker configuration
+#
+/linkerconfig(/.*)? u:object_r:linkerconfig_file:s0
+#############################
# System files
#
/system(/.*)? u:object_r:system_file:s0
diff --git a/private/gmscore_app.te b/private/gmscore_app.te
index b2e5d16..ec98717 100644
--- a/private/gmscore_app.te
+++ b/private/gmscore_app.te
@@ -67,6 +67,9 @@
# Access the network
net_domain(gmscore_app)
+# webview crash handling depends on self ptrace (b/27697529, b/20150694, b/19277529#comment7)
+allow gmscore_app self:process ptrace;
+
# Allow loading executable code from writable priv-app home
# directories. This is a W^X violation, however, it needs
# to be supported for now for the following reasons.
diff --git a/private/init.te b/private/init.te
index 3edd021..116eff4 100644
--- a/private/init.te
+++ b/private/init.te
@@ -15,6 +15,7 @@
domain_trans(init, rootfs, charger)
domain_trans(init, rootfs, fastbootd)
domain_trans(init, rootfs, recovery)
+ domain_trans(init, rootfs, linkerconfig)
')
domain_trans(init, shell_exec, shell)
domain_trans(init, init_exec, ueventd)
@@ -30,6 +31,12 @@
allow init su:process { siginh rlimitinh };
')
+# Allow init to figure out name of dm-device from it's /dev/block/dm-XX path.
+# This is useful in case of remounting ext4 userdata into checkpointing mode,
+# since it potentially requires tearing down dm-devices (e.g. dm-bow, dm-crypto)
+# that userdata is mounted onto.
+allow init sysfs_dm:file read;
+
# Allow the BoringSSL self test to request a reboot upon failure
set_prop(init, powerctl_prop)
diff --git a/private/network_stack.te b/private/network_stack.te
index a1d97b7..1295a07 100644
--- a/private/network_stack.te
+++ b/private/network_stack.te
@@ -35,3 +35,4 @@
hal_client_domain(network_stack, hal_tetheroffload)
# Create and share netlink_netfilter_sockets for tetheroffload.
allow network_stack self:netlink_netfilter_socket create_socket_perms_no_ioctl;
+allow network_stack network_stack_service:service_manager find;
diff --git a/private/priv_app.te b/private/priv_app.te
index c776907..a414079 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te
@@ -16,6 +16,10 @@
# webview crash handling depends on self ptrace (b/27697529, b/20150694, b/19277529#comment7)
allow priv_app self:process ptrace;
+# b/142672293: No other priv-app should need this allow rule now that GMS core runs in its own domain.
+userdebug_or_eng(`
+ auditallow priv_app self:process ptrace;
+')
# Allow loading executable code from writable priv-app home
# directories. This is a W^X violation, however, it needs
diff --git a/private/radio.te b/private/radio.te
index a86403e..4d48c93 100644
--- a/private/radio.te
+++ b/private/radio.te
@@ -7,6 +7,9 @@
# Telephony code contains time / time zone detection logic so it reads the associated properties.
get_prop(radio, time_prop)
+# allow telephony to access platform compat to log permission denials
+allow radio platform_compat_service:service_manager find;
+
allow radio uce_service:service_manager find;
# Manage /data/misc/emergencynumberdb
diff --git a/private/service_contexts b/private/service_contexts
index 4361982..1e2409a 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -51,6 +51,7 @@
coverage u:object_r:coverage_service:s0
cpuinfo u:object_r:cpuinfo_service:s0
crossprofileapps u:object_r:crossprofileapps_service:s0
+dataloader_manager u:object_r:dataloader_manager_service:s0
dbinfo u:object_r:dbinfo_service:s0
device_config u:object_r:device_config_service:s0
device_policy u:object_r:device_policy_service:s0
@@ -187,6 +188,7 @@
stats u:object_r:stats_service:s0
statscompanion u:object_r:statscompanion_service:s0
soundtrigger u:object_r:voiceinteraction_service:s0
+soundtrigger_middleware u:object_r:soundtrigger_middleware_service:s0
statusbar u:object_r:statusbar_service:s0
storaged u:object_r:storaged_service:s0
storaged_pri u:object_r:storaged_service:s0
diff --git a/private/storaged.te b/private/storaged.te
index 3ed24b2..b7d4ae9 100644
--- a/private/storaged.te
+++ b/private/storaged.te
@@ -30,6 +30,12 @@
# Needed for GMScore to call dumpsys storaged
allow storaged priv_app:fd use;
+# b/142672293: No other priv-app should need this allow rule now that GMS core runs in its own domain.
+# Remove after no logs are seen for this rule.
+userdebug_or_eng(`
+ auditallow storaged priv_app:fd use;
+')
+allow storaged gmscore_app:fd use;
allow storaged { privapp_data_file app_data_file }:file write;
allow storaged permission_service:service_manager find;
diff --git a/private/system_server.te b/private/system_server.te
index 86c5472..513c70d 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -37,10 +37,12 @@
allow system_server zygote:process sigchld;
# May kill zygote on crashes.
-allow system_server zygote:process sigkill;
-allow system_server crash_dump:process sigkill;
-allow system_server webview_zygote:process sigkill;
-allow system_server app_zygote:process sigkill;
+allow system_server {
+ app_zygote
+ crash_dump
+ webview_zygote
+ zygote
+}:process { sigkill signull };
# Read /system/bin/app_process.
allow system_server zygote_exec:file r_file_perms;
@@ -205,6 +207,7 @@
# Use HALs
hal_client_domain(system_server, hal_allocator)
+hal_client_domain(system_server, hal_audio)
hal_client_domain(system_server, hal_authsecret)
hal_client_domain(system_server, hal_broadcastradio)
hal_client_domain(system_server, hal_codec2)
@@ -714,6 +717,7 @@
allow system_server audioserver_service:service_manager find;
allow system_server batteryproperties_service:service_manager find;
allow system_server cameraserver_service:service_manager find;
+allow system_server dataloader_manager_service:service_manager find;
allow system_server dnsresolver_service:service_manager find;
allow system_server drmserver_service:service_manager find;
allow system_server dumpstate_service:service_manager find;
diff --git a/public/file.te b/public/file.te
index c7cfd18..4d14df7 100644
--- a/public/file.te
+++ b/public/file.te
@@ -179,6 +179,8 @@
type vendor_task_profiles_file, vendor_file_type, file_type;
# Type for /system/apex/com.android.art
type art_apex_dir, system_file_type, file_type;
+# /linkerconfig(/.*)?
+type linkerconfig_file, file_type;
# Default type for directories search for
# HAL implementations
diff --git a/public/hal_can.te b/public/hal_can.te
index c75495b..eb68e46 100644
--- a/public/hal_can.te
+++ b/public/hal_can.te
@@ -7,3 +7,6 @@
binder_call(hal_can_bus_client, hal_can_bus_server)
add_hwservice(hal_can_bus_server, hal_can_bus_hwservice)
allow hal_can_bus_client hal_can_bus_hwservice:hwservice_manager find;
+
+# USB serial type for SLCAN
+type usb_serial_device, dev_type;
diff --git a/public/init.te b/public/init.te
index 8031809..014fb60 100644
--- a/public/init.te
+++ b/public/init.te
@@ -86,6 +86,7 @@
rootfs
cache_file
cgroup
+ linkerconfig_file
storage_file
mnt_user_file
system_data_file
diff --git a/public/property_contexts b/public/property_contexts
index 6eb2d70..f30ae56 100644
--- a/public/property_contexts
+++ b/public/property_contexts
@@ -256,6 +256,7 @@
ro.build.version.incremental u:object_r:exported2_default_prop:s0 exact string
ro.build.version.preview_sdk u:object_r:exported2_default_prop:s0 exact int
ro.build.version.release u:object_r:exported2_default_prop:s0 exact string
+ro.build.version.extensions. u:object_r:module_sdkext_prop:s0 prefix int
ro.build.version.sdk u:object_r:exported2_default_prop:s0 exact int
ro.build.version.security_patch u:object_r:exported2_default_prop:s0 exact string
ro.crypto.state u:object_r:exported_vold_prop:s0 exact string
@@ -368,6 +369,7 @@
ro.odm.build.date u:object_r:exported_default_prop:s0 exact string
ro.odm.build.date.utc u:object_r:exported_default_prop:s0 exact int
ro.odm.build.fingerprint u:object_r:exported_default_prop:s0 exact string
+ro.odm.build.version.incremental u:object_r:exported_default_prop:s0 exact string
ro.oem.key1 u:object_r:exported_default_prop:s0 exact string
ro.product.board u:object_r:exported_default_prop:s0 exact string
ro.product.cpu.abilist32 u:object_r:exported_default_prop:s0 exact string
@@ -387,6 +389,7 @@
ro.vendor.build.date u:object_r:exported_default_prop:s0 exact string
ro.vendor.build.date.utc u:object_r:exported_default_prop:s0 exact int
ro.vendor.build.fingerprint u:object_r:exported_default_prop:s0 exact string
+ro.vendor.build.version.incremental u:object_r:exported_default_prop:s0 exact string
ro.vndk.lite u:object_r:exported_default_prop:s0 exact bool
ro.vndk.version u:object_r:exported_default_prop:s0 exact string
ro.vts.coverage u:object_r:exported_default_prop:s0 exact int
diff --git a/public/service.te b/public/service.te
index 9163e3b..a9793df 100644
--- a/public/service.te
+++ b/public/service.te
@@ -78,6 +78,7 @@
# with EMMA_INSTRUMENT=true. We should consider locking this down in the future.
type coverage_service, system_server_service, service_manager_type;
type cpuinfo_service, system_api_service, system_server_service, service_manager_type;
+type dataloader_manager_service, system_server_service, service_manager_type;
type dbinfo_service, system_api_service, system_server_service, service_manager_type;
type device_config_service, system_server_service, service_manager_type;
type device_policy_service, app_api_service, system_server_service, service_manager_type;
@@ -163,6 +164,7 @@
type statusbar_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
type storagestats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
type system_update_service, system_server_service, service_manager_type;
+type soundtrigger_middleware_service, system_server_service, service_manager_type;
type task_service, system_server_service, service_manager_type;
type testharness_service, system_server_service, service_manager_type;
type textclassification_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
diff --git a/vendor/hal_can_socketcan.te b/vendor/hal_can_socketcan.te
index 9ee37fd..afa1311 100644
--- a/vendor/hal_can_socketcan.te
+++ b/vendor/hal_can_socketcan.te
@@ -16,7 +16,7 @@
};
# Communicating with SocketCAN interfaces and bringing them up/down
-allow hal_can_socketcan self:can_socket { bind create read write ioctl };
+allow hal_can_socketcan self:can_socket { bind create read write ioctl setopt };
allowxperm hal_can_socketcan self:can_socket ioctl {
SIOCGIFFLAGS
SIOCSIFFLAGS
@@ -24,3 +24,13 @@
# Un-publishing ICanBus interfaces
allow hal_can_socketcan hidl_manager_hwservice:hwservice_manager find;
+
+allow hal_can_socketcan usb_serial_device:chr_file { ioctl read write open };
+allowxperm hal_can_socketcan usb_serial_device:chr_file ioctl {
+ TCGETS
+ TCSETSW
+ TIOCGSERIAL
+ TIOCSSERIAL
+ TIOCSETD
+ SIOCGIFNAME
+};