Merge "Fix data/asan/system/system_ext/lib selinux rule for file_contexts_asan"
diff --git a/prebuilts/api/29.0/private/system_server.te b/prebuilts/api/29.0/private/system_server.te
index 51cbd28..73891c9 100644
--- a/prebuilts/api/29.0/private/system_server.te
+++ b/prebuilts/api/29.0/private/system_server.te
@@ -847,6 +847,7 @@
r_dir_file(system_server, proc_net_type)
r_dir_file(system_server, proc_qtaguid_stat)
allow system_server {
+ proc_cmdline
proc_loadavg
proc_meminfo
proc_pagetypeinfo
diff --git a/prebuilts/api/29.0/public/adbd.te b/prebuilts/api/29.0/public/adbd.te
index 68a176c..4a1f633 100644
--- a/prebuilts/api/29.0/public/adbd.te
+++ b/prebuilts/api/29.0/public/adbd.te
@@ -6,3 +6,6 @@
# Only init is allowed to enter the adbd domain via exec()
neverallow { domain -init } adbd:process transition;
neverallow * adbd:process dyntransition;
+
+# Allow adbd start/stop mdnsd via ctl.start
+set_prop(adbd, ctl_mdnsd_prop)
diff --git a/prebuilts/api/29.0/public/property_contexts b/prebuilts/api/29.0/public/property_contexts
index 3090490..5c6b31f 100644
--- a/prebuilts/api/29.0/public/property_contexts
+++ b/prebuilts/api/29.0/public/property_contexts
@@ -11,11 +11,13 @@
camera.fifo.disable u:object_r:exported3_default_prop:s0 exact int
dalvik.vm.appimageformat u:object_r:exported_dalvik_prop:s0 exact string
dalvik.vm.backgroundgctype u:object_r:exported_dalvik_prop:s0 exact string
+dalvik.vm.boot-dex2oat-cpu-set u:object_r:exported_dalvik_prop:s0 exact string
dalvik.vm.boot-dex2oat-threads u:object_r:exported_dalvik_prop:s0 exact int
dalvik.vm.boot-image u:object_r:exported_dalvik_prop:s0 exact string
dalvik.vm.checkjni u:object_r:exported_dalvik_prop:s0 exact bool
dalvik.vm.dex2oat-Xms u:object_r:exported_dalvik_prop:s0 exact string
dalvik.vm.dex2oat-Xmx u:object_r:exported_dalvik_prop:s0 exact string
+dalvik.vm.dex2oat-cpu-set u:object_r:exported_dalvik_prop:s0 exact string
dalvik.vm.dex2oat-filter u:object_r:exported_dalvik_prop:s0 exact string
dalvik.vm.dex2oat-flags u:object_r:exported_dalvik_prop:s0 exact string
dalvik.vm.dex2oat-threads u:object_r:exported_dalvik_prop:s0 exact int
@@ -33,6 +35,7 @@
dalvik.vm.hot-startup-method-samples u:object_r:exported_dalvik_prop:s0 exact int
dalvik.vm.image-dex2oat-Xms u:object_r:exported_dalvik_prop:s0 exact string
dalvik.vm.image-dex2oat-Xmx u:object_r:exported_dalvik_prop:s0 exact string
+dalvik.vm.image-dex2oat-cpu-set u:object_r:exported_dalvik_prop:s0 exact string
dalvik.vm.image-dex2oat-filter u:object_r:exported_dalvik_prop:s0 exact string
dalvik.vm.image-dex2oat-flags u:object_r:exported_dalvik_prop:s0 exact string
dalvik.vm.image-dex2oat-threads u:object_r:exported_dalvik_prop:s0 exact int
@@ -404,3 +407,4 @@
ro.surface_flinger.support_kernel_idle_timer u:object_r:exported_default_prop:s0 exact bool
ro.surface_flinger.use_smart_90_for_video u:object_r:exported_default_prop:s0 exact bool
ro.surface_flinger.color_space_agnostic_dataspace u:object_r:exported_default_prop:s0 exact int
+ro.surface_flinger.refresh_rate_switching u:object_r:exported_default_prop:s0 exact bool
diff --git a/prebuilts/api/29.0/public/vendor_misc_writer.te b/prebuilts/api/29.0/public/vendor_misc_writer.te
index 7093fec..dee9941 100644
--- a/prebuilts/api/29.0/public/vendor_misc_writer.te
+++ b/prebuilts/api/29.0/public/vendor_misc_writer.te
@@ -6,6 +6,8 @@
allow vendor_misc_writer misc_block_device:blk_file w_file_perms;
allow vendor_misc_writer block_device:dir r_dir_perms;
-# Silence the denial when calling libfstab's ReadDefaultFstab.
+# Silence the denial when calling libfstab's ReadDefaultFstab, which tries to
+# load DT fstab.
dontaudit vendor_misc_writer proc_cmdline:file read;
dontaudit vendor_misc_writer metadata_file:dir search;
+dontaudit vendor_misc_writer sysfs_dt_firmware_android:dir search;
diff --git a/prebuilts/api/30.0/private/compat/29.0/29.0.ignore.cil b/prebuilts/api/30.0/private/compat/29.0/29.0.ignore.cil
index e54aa77..f84e922 100644
--- a/prebuilts/api/30.0/private/compat/29.0/29.0.ignore.cil
+++ b/prebuilts/api/30.0/private/compat/29.0/29.0.ignore.cil
@@ -90,6 +90,7 @@
snapshotctl_log_data_file
socket_hook_prop
soundtrigger_middleware_service
+ staged_install_file
storage_config_prop
sysfs_dm_verity
system_adbd_prop
diff --git a/prebuilts/api/30.0/private/file_contexts b/prebuilts/api/30.0/private/file_contexts
index 6250028..2d689c4 100644
--- a/prebuilts/api/30.0/private/file_contexts
+++ b/prebuilts/api/30.0/private/file_contexts
@@ -706,6 +706,7 @@
/metadata/password_slots(/.*)? u:object_r:password_slot_metadata_file:s0
/metadata/ota(/.*)? u:object_r:ota_metadata_file:s0
/metadata/bootstat(/.*)? u:object_r:metadata_bootstat_file:s0
+/metadata/staged-install(/.*)? u:object_r:staged_install_file:s0
#############################
# asec containers
diff --git a/prebuilts/api/30.0/private/fsverity_init.te b/prebuilts/api/30.0/private/fsverity_init.te
index 2559525..4bb3d0f 100644
--- a/prebuilts/api/30.0/private/fsverity_init.te
+++ b/prebuilts/api/30.0/private/fsverity_init.te
@@ -3,11 +3,6 @@
init_daemon_domain(fsverity_init)
-# Allow to retrieve keys from keystore.
-binder_use(fsverity_init)
-use_keystore(fsverity_init)
-allow fsverity_init keystore:keystore_key { list get };
-
# Allow to read /proc/keys for searching key id.
allow fsverity_init proc_keys:file r_file_perms;
diff --git a/prebuilts/api/30.0/private/system_server.te b/prebuilts/api/30.0/private/system_server.te
index 93695db..27bbd53 100644
--- a/prebuilts/api/30.0/private/system_server.te
+++ b/prebuilts/api/30.0/private/system_server.te
@@ -1112,6 +1112,10 @@
allow system_server password_slot_metadata_file:dir rw_dir_perms;
allow system_server password_slot_metadata_file:file create_file_perms;
+# Allow system server rw access to files in /metadata/staged-install folder
+allow system_server staged_install_file:dir rw_dir_perms;
+allow system_server staged_install_file:file create_file_perms;
+
# Allow init to set sysprop used to compute stats about userspace reboot.
set_prop(system_server, userspace_reboot_log_prop)
diff --git a/prebuilts/api/30.0/public/file.te b/prebuilts/api/30.0/public/file.te
index 462e71d..d6bd897 100644
--- a/prebuilts/api/30.0/public/file.te
+++ b/prebuilts/api/30.0/public/file.te
@@ -231,6 +231,8 @@
type ota_metadata_file, file_type;
# property files within /metadata/bootstat
type metadata_bootstat_file, file_type;
+# Staged install files within /metadata/staged-install
+type staged_install_file, file_type;
# Type for /dev/cpu_variant:.*.
type dev_cpu_variant, file_type;
diff --git a/private/access_vectors b/private/access_vectors
index 4144be8..f41eadd 100644
--- a/private/access_vectors
+++ b/private/access_vectors
@@ -138,6 +138,7 @@
wake_alarm
block_suspend
audit_read
+ perfmon
}
#
diff --git a/private/apexd.te b/private/apexd.te
index c03790c..4d9f5ac 100644
--- a/private/apexd.te
+++ b/private/apexd.te
@@ -64,6 +64,9 @@
allow apexd apex_mnt_dir:dir mounton;
# allow apexd to create symlinks in /apex
allow apexd apex_mnt_dir:lnk_file create_file_perms;
+# allow apexd to create /apex/apex-info-list.xml and relabel to apex_info_file
+allow apexd apex_mnt_dir:file { create_file_perms relabelfrom };
+allow apexd apex_info_file:file relabelto;
# allow apexd to unlink apex files in /data/apex/active
# note that apexd won't be able to unlink files in /data/app-staging/session_XXXX,
# because it doesn't have write permission for staging_data_file object.
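Review bot: The relabelfrom grant on the `allow apexd apex_mnt_dir:file { create_file_perms relabelfrom };` line covers every plain file labelled apex_mnt_dir, not only the apex-info-list.xml file the comment names. If apexd is the only domain that creates plain files directly in /apex this is harmless, but the comment should say so, since a reader of the rule cannot tell that the scope is wider than the stated purpose: `# apexd is expected to be the only creator of plain files in /apex, so a type-wide relabelfrom is acceptable`.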
@@ -159,3 +162,6 @@
# only apexd can set apexd sysprop
set_prop(apexd, apexd_prop)
neverallow { domain -apexd -init } apexd_prop:property_service set;
+
+# only apexd can write apex-info-list.xml
+neverallow { domain -apexd } apex_info_file:file no_w_file_perms;
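Review bot: The new neverallow uses `no_w_file_perms`, which as far as I recall the macro does not include `relabelto`, so a domain holding relabelfrom on some file type plus relabelto on apex_info_file could still produce a file carrying this label without ever "writing" it. Listing the permission explicitly closes that gap and matches the intent stated in the comment: `neverallow { domain -apexd } apex_info_file:file { no_w_file_perms relabelto };`. This is worth confirming against the macro definition in global_macros before changing.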
diff --git a/private/app.te b/private/app.te
index 9964605..3dff8fe 100644
--- a/private/app.te
+++ b/private/app.te
@@ -2,6 +2,14 @@
# the implementation of ActivityManager.isDeviceInTestHarnessMode()
get_prop(appdomain, test_harness_prop)
+get_prop(appdomain, boot_status_prop)
+get_prop(appdomain, dalvik_config_prop)
+get_prop(appdomain, surfaceflinger_color_prop)
+get_prop(appdomain, systemsound_config_prop)
+get_prop(appdomain, telephony_config_prop)
+get_prop(appdomain, userspace_reboot_config_prop)
+get_prop(appdomain, vold_config_prop)
+
userdebug_or_eng(`perfetto_producer({ appdomain })')
# Prevent apps from causing presubmit failures.
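Review bot: The seven new get_prop lines sit directly under the comment that explains `test_harness_prop` (the isDeviceInTestHarnessMode() note), so they read as if they served the same purpose. They appear instead to re-grant, to apps only, the reads that private/domain.te stops granting to every domain in this same change, and a short comment before the block would record that: `# Read-only config properties previously readable by every domain (see domain.te); apps still need them`. Keeping the blank line before `userdebug_or_eng` separates the two groups visually as well.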
diff --git a/private/bpfloader.te b/private/bpfloader.te
index 249f3df..b31fe18 100644
--- a/private/bpfloader.te
+++ b/private/bpfloader.te
@@ -27,8 +27,8 @@
neverallow domain fs_bpf:file { rename unlink };
neverallow { domain -bpfloader } *:bpf { map_create prog_load };
-neverallow { domain -bpfloader -netd -netutils_wrapper -system_server } *:bpf prog_run;
-neverallow { domain -bpfloader -netd -system_server } *:bpf { map_read map_write };
+neverallow { domain -bpfloader -gpuservice -netd -netutils_wrapper -system_server } *:bpf prog_run;
+neverallow { domain -bpfloader -gpuservice -netd -system_server } *:bpf { map_read map_write };
neverallow { domain -bpfloader -init } bpfloader_exec:file { execute execute_no_trans };
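Review bot: The second rewritten neverallow exempts gpuservice from both `map_read` and `map_write`, but the matching grant in private/gpuservice.te is only `allow gpuservice bpfloader:bpf { map_read prog_run };`, so the exemption is wider than the access actually given. Splitting the rule keeps map_write under neverallow protection for gpuservice: `neverallow { domain -bpfloader -gpuservice -netd -system_server } *:bpf map_read;` and `neverallow { domain -bpfloader -netd -system_server } *:bpf map_write;`. The prog_run exemption on the first rewritten line matches the grant and needs no change.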
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index 42b1ef0..9605e34 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -174,6 +174,8 @@
system_lmk_prop
system_update_service
systemsound_config_prop
+ telephony_config_prop
+ telephony_status_prop
test_boot_reason_prop
time_prop
timedetector_service
diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index 40e91e2..ed41f76 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil
@@ -94,6 +94,7 @@
snapshotctl_log_data_file
socket_hook_prop
soundtrigger_middleware_service
+ staged_install_file
storage_config_prop
sysfs_dm_verity
system_adbd_prop
diff --git a/private/compat/30.0/30.0.cil b/private/compat/30.0/30.0.cil
index b49c173..8efa6cb 100644
--- a/private/compat/30.0/30.0.cil
+++ b/private/compat/30.0/30.0.cil
@@ -4,8 +4,10 @@
(type exported_ffs_prop)
(type exported_fingerprint_prop)
(type exported_system_radio_prop)
+(type exported_radio_prop)
(type exported_vold_prop)
(type exported2_config_prop)
+(type exported2_radio_prop)
(type exported2_vold_prop)
(type ffs_prop)
(type system_radio_prop)
@@ -1360,6 +1362,7 @@
hdmi_config_prop
lmkd_config_prop
media_config_prop
+ telephony_config_prop
zram_config_prop))
(typeattributeset exported3_radio_prop_30_0 (exported3_radio_prop))
(typeattributeset exported3_system_prop_30_0
@@ -1385,7 +1388,7 @@
(typeattributeset exported_fingerprint_prop_30_0 (exported_fingerprint_prop fingerprint_prop))
(typeattributeset exported_overlay_prop_30_0 (exported_overlay_prop))
(typeattributeset exported_pm_prop_30_0 (exported_pm_prop))
-(typeattributeset exported_radio_prop_30_0 (exported_radio_prop))
+(typeattributeset exported_radio_prop_30_0 (exported_radio_prop telephony_status_prop))
(typeattributeset exported_secure_prop_30_0 (exported_secure_prop))
(typeattributeset exported_system_prop_30_0 (exported_system_prop))
(typeattributeset exported_system_radio_prop_30_0
diff --git a/private/compat/30.0/30.0.ignore.cil b/private/compat/30.0/30.0.ignore.cil
index 3bc59e1..4c444d3 100644
--- a/private/compat/30.0/30.0.ignore.cil
+++ b/private/compat/30.0/30.0.ignore.cil
@@ -5,4 +5,5 @@
(typeattribute new_objects)
(typeattributeset new_objects
( new_objects
+ apex_info_file
gnss_device))
diff --git a/private/coredomain.te b/private/coredomain.te
index 895507c..92efa47 100644
--- a/private/coredomain.te
+++ b/private/coredomain.te
@@ -1,14 +1,21 @@
+get_prop(coredomain, boot_status_prop)
get_prop(coredomain, camera_config_prop)
+get_prop(coredomain, dalvik_config_prop)
get_prop(coredomain, dalvik_runtime_prop)
get_prop(coredomain, exported_pm_prop)
get_prop(coredomain, ffs_config_prop)
get_prop(coredomain, hdmi_config_prop)
get_prop(coredomain, init_service_status_private_prop)
-get_prop(coredomain, init_service_status_prop)
get_prop(coredomain, lmkd_config_prop)
get_prop(coredomain, pm_prop)
+get_prop(coredomain, surfaceflinger_color_prop)
+get_prop(coredomain, systemsound_config_prop)
+get_prop(coredomain, telephony_config_prop)
+
get_prop(coredomain, usb_config_prop)
get_prop(coredomain, usb_control_prop)
+get_prop(coredomain, userspace_reboot_config_prop)
+get_prop(coredomain, vold_config_prop)
full_treble_only(`
neverallow {
@@ -140,6 +147,7 @@
coredomain
-atrace
-dumpstate
+ -gpuservice
-init
-traced_probes
-shell
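Review bot: The new `-gpuservice` exemption is added to a neverallow whose head and object are outside this hunk, so nothing near the line records why gpuservice is allowed past it. The only related grant visible in this change is the read-only `allow gpuservice debugfs_tracing:file r_file_perms;` in private/gpuservice.te, which presumably is what this exemption enables; a line before the exemption would make that traceable: `# gpuservice reads tracepoint ids from debugfs_tracing, see gpuservice.te`. If the neverallow covers more than debugfs reads, the comment should say which part gpuservice is excused from.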
diff --git a/private/domain.te b/private/domain.te
index bdf5ebd..d563267 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -72,33 +72,22 @@
# For now, everyone can access core property files
# Device specific properties are not granted by default
not_compatible_property(`
- get_prop(domain, boot_status_prop)
+ # DO NOT ADD ANY PROPERTIES HERE
get_prop(domain, core_property_type)
- get_prop(domain, dalvik_config_prop)
- get_prop(domain, exported2_radio_prop)
get_prop(domain, exported2_system_prop)
get_prop(domain, exported3_default_prop)
get_prop(domain, exported3_radio_prop)
get_prop(domain, exported3_system_prop)
- get_prop(domain, surfaceflinger_color_prop)
- get_prop(domain, systemsound_config_prop)
get_prop(domain, vendor_default_prop)
- get_prop(domain, vold_config_prop)
')
compatible_property_only(`
- get_prop({coredomain appdomain shell}, boot_status_prop)
+ # DO NOT ADD ANY PROPERTIES HERE
get_prop({coredomain appdomain shell}, core_property_type)
- get_prop({coredomain appdomain shell}, dalvik_config_prop)
- get_prop({coredomain appdomain shell}, exported2_radio_prop)
get_prop({coredomain appdomain shell}, exported2_system_prop)
get_prop({coredomain appdomain shell}, exported3_default_prop)
get_prop({coredomain appdomain shell}, exported3_radio_prop)
get_prop({coredomain appdomain shell}, exported3_system_prop)
get_prop({coredomain appdomain shell}, exported_camera_prop)
- get_prop({coredomain appdomain shell}, surfaceflinger_color_prop)
- get_prop({coredomain appdomain shell}, systemsound_config_prop)
- get_prop({coredomain appdomain shell}, userspace_reboot_config_prop)
- get_prop({coredomain appdomain shell}, vold_config_prop)
get_prop({coredomain shell}, userspace_reboot_exported_prop)
get_prop({coredomain shell}, userspace_reboot_log_prop)
get_prop({coredomain shell}, userspace_reboot_test_prop)
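Review bot: The two new `# DO NOT ADD ANY PROPERTIES HERE` comments give an instruction without the reason, so the next contributor who needs a domain-wide read will not know where the grant belongs instead. Stating the policy makes the comment self-explaining: `# DO NOT ADD ANY PROPERTIES HERE: grant reads to the specific domain (coredomain.te, app.te, ...) instead, so new properties are not readable by every process`. The same wording fits both the not_compatible_property and the compatible_property_only block.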
diff --git a/private/file_contexts b/private/file_contexts
index 218bb51..ca3220c 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -33,6 +33,8 @@
/sys u:object_r:sysfs:s0
/apex u:object_r:apex_mnt_dir:s0
+/apex/apex-info-list.xml u:object_r:apex_info_file:s0
+
# Symlinks
/bin u:object_r:rootfs:s0
/bugreports u:object_r:rootfs:s0
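Review bot: In file_contexts the path column is a regular expression, so the unescaped `.` in `/apex/apex-info-list.xml` matches any single character rather than a literal dot. The entry should escape it, as other literal-dot entries in this file do: `/apex/apex-info-list\.xml u:object_r:apex_info_file:s0`. The practical effect is small because the directory is apexd-controlled, but the neverallow introduced in apexd.te relies on exactly this label being applied only to the intended file.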
@@ -707,6 +709,7 @@
/metadata/password_slots(/.*)? u:object_r:password_slot_metadata_file:s0
/metadata/ota(/.*)? u:object_r:ota_metadata_file:s0
/metadata/bootstat(/.*)? u:object_r:metadata_bootstat_file:s0
+/metadata/staged-install(/.*)? u:object_r:staged_install_file:s0
#############################
# asec containers
diff --git a/private/fsverity_init.te b/private/fsverity_init.te
index 2559525..4bb3d0f 100644
--- a/private/fsverity_init.te
+++ b/private/fsverity_init.te
@@ -3,11 +3,6 @@
init_daemon_domain(fsverity_init)
-# Allow to retrieve keys from keystore.
-binder_use(fsverity_init)
-use_keystore(fsverity_init)
-allow fsverity_init keystore:keystore_key { list get };
-
# Allow to read /proc/keys for searching key id.
allow fsverity_init proc_keys:file r_file_perms;
diff --git a/private/genfs_contexts b/private/genfs_contexts
index b423e64..78fec91 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts
@@ -247,6 +247,7 @@
genfscon tracefs /events/task/task_rename/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/task/task_newtask/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/ftrace/print/ u:object_r:debugfs_tracing:s0
+genfscon tracefs /events/gpu_mem/gpu_mem_total u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/trace_clock u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/buffer_size_kb u:object_r:debugfs_tracing:s0
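Review bot: The new tracefs entry `/events/gpu_mem/gpu_mem_total` has no trailing slash, whereas the three neighbouring event entries end in `/`. genfscon matching is by path prefix, so the trailing slash both documents that the target is a tracepoint directory and prevents the label from also covering any sibling whose name merely starts with `gpu_mem_total`; for consistency write `genfscon tracefs /events/gpu_mem/gpu_mem_total/ u:object_r:debugfs_tracing:s0`.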
diff --git a/private/gpuservice.te b/private/gpuservice.te
index a4d84ea..31ad788 100644
--- a/private/gpuservice.te
+++ b/private/gpuservice.te
@@ -42,6 +42,21 @@
# TODO(b/146461633): remove this once native pullers talk to StatsManagerService
binder_call(gpuservice, statsd);
+# Needed for reading tracepoint ids in order to attach bpf programs.
+allow gpuservice debugfs_tracing:file r_file_perms;
+allow gpuservice self:perf_event { cpu kernel open write };
+neverallow gpuservice self:perf_event ~{ cpu kernel open write };
+
+# Needed for interact with bpf fs.
+allow gpuservice fs_bpf:dir search;
+allow gpuservice fs_bpf:file read;
+
+# Needed for enable the bpf program and read the map.
+allow gpuservice bpfloader:bpf { map_read prog_run };
+
+# Needed for getting a prop to ensure bpf programs loaded.
+get_prop(gpuservice, bpf_progs_loaded_prop)
+
add_service(gpuservice, gpu_service)
# Only uncomment below line when in development
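Review bot: Two of the new comments are ungrammatical and slightly misleading about what the grant below them does: "Needed for interact with bpf fs." and "Needed for enable the bpf program and read the map." Suggested text: `# Needed to search the bpf filesystem and read pinned program/map files.` and `# Needed to attach the bpf program and read its map.` The paired allow/neverallow on `self:perf_event` is a good pattern, since it pins the perf_event permissions to exactly the four granted; the bpf grant is not bounded the same way, and the neverallow exemptions added in bpfloader.te are wider than the `{ map_read prog_run }` granted here (raised on that hunk).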
diff --git a/private/init.te b/private/init.te
index b0e7f80..7a2e0b3 100644
--- a/private/init.te
+++ b/private/init.te
@@ -51,6 +51,7 @@
# kernels that precede the perf_event_open hooks (Android common kernels 4.4
# and 4.9).
allow init self:perf_event { open cpu };
+allow init self:global_capability2_class_set perfmon;
neverallow init self:perf_event { kernel tracepoint read write };
dontaudit init self:perf_event { kernel tracepoint read write };
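Review bot: The new `allow init self:global_capability2_class_set perfmon;` line sits under a comment that explains the perf_event grant for kernels predating the perf_event_open hooks, but nothing says why a capability is now also required. Presumably newer kernels check CAP_PERFMON for the same perf_event_open call that the existing allow covers; a one-line comment would keep the two grants readable together: `# Newer kernels additionally check CAP_PERFMON for the perf_event_open call above.` If the capability is needed for a different reason, that reason belongs here instead.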
diff --git a/private/isolated_app.te b/private/isolated_app.te
index 4c6c5aa..33b5219 100644
--- a/private/isolated_app.te
+++ b/private/isolated_app.te
@@ -74,6 +74,9 @@
# Isolated apps should not directly open app data files themselves.
neverallow isolated_app { app_data_file privapp_data_file }:file open;
+# Isolated aps should not be directly accessing system directories
+neverallow isolated_app system_data_file:dir search;
+
# Only allow appending to /data/anr/traces.txt (b/27853304, b/18340553)
# TODO: are there situations where isolated_apps write to this file?
# TODO: should we tighten these restrictions further?
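Review bot: The new comment has a typo ("Isolated aps") and its phrasing does not quite match the rule, which denies `search` on system_data_file directories rather than all access. Suggested wording: `# Isolated apps should not traverse system_data_file directories`. The corresponding allow in public/domain.te is narrowed to `{ domain -isolated_app }` in this same change, so the neverallow and the grant agree.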
diff --git a/private/property.te b/private/property.te
index ecbfff3..64c8af1 100644
--- a/private/property.te
+++ b/private/property.te
@@ -165,7 +165,6 @@
-hal_telephony_server
-vendor_init
} {
- exported_radio_prop
exported3_radio_prop
}:property_service set;
@@ -175,7 +174,6 @@
-appdomain
-hal_telephony_server
} {
- exported2_radio_prop
radio_prop
}:property_service set;
@@ -393,3 +391,11 @@
init_service_status_private_prop
init_service_status_prop
}:property_service set;
+
+neverallow {
+ -init
+ -radio
+ -appdomain
+ -hal_telephony_server
+ not_compatible_property(`-vendor_init')
+} telephony_status_prop:property_service set;
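Review bot: The exemption list of the new neverallow contains both `-radio` and `-appdomain`, and the only app-domain grant for telephony_status_prop visible in this change is `set_prop(radio, telephony_status_prop)` in private/radio.te. If no other app domain needs to set these properties, `-appdomain` exempts every application from the rule for no reason and `-radio` alone would let the neverallow actually enforce the intent; the same pattern appears in the pre-existing radio_prop rule just above, so this may be a deliberate copy, but it is worth confirming. The rule has no positive base type, which the policy language treats as "all domains", consistent with the existing rule above it.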
diff --git a/private/property_contexts b/private/property_contexts
index 61b9078..4793437 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -250,8 +250,6 @@
# history size.
ro.lib_gui.frame_event_history_size u:object_r:bq_config_prop:s0
-persist.radio.airplane_mode_on u:object_r:exported2_radio_prop:s0 exact bool
-
af.fast_track_multiplier u:object_r:audio_config_prop:s0 exact int
ro.af.client_heap_size_kbyte u:object_r:audio_config_prop:s0 exact int
@@ -358,10 +356,6 @@
persist.config.calibration_fac u:object_r:exported3_default_prop:s0 exact string
-persist.dbg.volte_avail_ovr u:object_r:exported3_default_prop:s0 exact int
-persist.dbg.vt_avail_ovr u:object_r:exported3_default_prop:s0 exact int
-persist.dbg.wfc_avail_ovr u:object_r:exported3_default_prop:s0 exact int
-
persist.radio.multisim.config u:object_r:exported3_radio_prop:s0 exact string
persist.sys.hdmi.keep_awake u:object_r:hdmi_config_prop:s0 exact bool
@@ -389,13 +383,16 @@
ro.bt.bdaddr_path u:object_r:exported_bluetooth_prop:s0 exact string
-ro.com.android.dataroaming u:object_r:exported3_default_prop:s0 exact bool
-ro.com.android.prov_mobiledata u:object_r:exported3_default_prop:s0 exact bool
-
-ro.config.alarm_alert u:object_r:systemsound_config_prop:s0 exact string
-ro.config.media_vol_steps u:object_r:systemsound_config_prop:s0 exact int
-ro.config.notification_sound u:object_r:systemsound_config_prop:s0 exact string
-ro.config.ringtone u:object_r:systemsound_config_prop:s0 exact string
+ro.config.alarm_alert u:object_r:systemsound_config_prop:s0 exact string
+ro.config.alarm_vol_default u:object_r:systemsound_config_prop:s0 exact int
+ro.config.alarm_vol_steps u:object_r:systemsound_config_prop:s0 exact int
+ro.config.media_vol_default u:object_r:systemsound_config_prop:s0 exact int
+ro.config.media_vol_steps u:object_r:systemsound_config_prop:s0 exact int
+ro.config.notification_sound u:object_r:systemsound_config_prop:s0 exact string
+ro.config.ringtone u:object_r:systemsound_config_prop:s0 exact string
+ro.config.system_vol_default u:object_r:systemsound_config_prop:s0 exact int
+ro.config.system_vol_steps u:object_r:systemsound_config_prop:s0 exact int
+ro.config.vc_call_vol_default u:object_r:systemsound_config_prop:s0 exact int
ro.config.per_app_memcg u:object_r:exported3_default_prop:s0 exact bool
@@ -456,20 +453,12 @@
ro.opengles.version u:object_r:exported3_default_prop:s0 exact int
-ro.radio.noril u:object_r:exported3_default_prop:s0 exact string
-
ro.rebootescrow.device u:object_r:rebootescrow_hal_prop:s0 exact string
-ro.retaildemo.video_path u:object_r:exported3_default_prop:s0 exact string
-
ro.statsd.enable u:object_r:exported3_default_prop:s0 exact bool
ro.storage_manager.enabled u:object_r:exported3_default_prop:s0 exact bool
-ro.telephony.call_ring.multiple u:object_r:exported3_default_prop:s0 exact bool
-ro.telephony.default_cdma_sub u:object_r:exported3_default_prop:s0 exact int
-ro.telephony.default_network u:object_r:exported3_default_prop:s0 exact string
-
ro.vehicle.hal u:object_r:vehicle_hal_prop:s0 exact string
ro.vendor.build.security_patch u:object_r:vendor_security_patch_level_prop:s0 exact string
@@ -502,9 +491,6 @@
sys.usb.ffs.ready u:object_r:ffs_control_prop:s0 exact bool
sys.usb.ffs.mtp.ready u:object_r:ffs_control_prop:s0 exact bool
-telephony.lteOnCdmaDevice u:object_r:exported3_default_prop:s0 exact int
-telephony.active_modems.max_count u:object_r:exported3_default_prop:s0 exact int
-
tombstoned.max_tombstone_count u:object_r:exported3_default_prop:s0 exact int
vold.post_fs_data_done u:object_r:vold_config_prop:s0 exact int
@@ -652,11 +638,6 @@
ro.product.vendor.model u:object_r:build_vendor_prop:s0 exact string
ro.product.vendor.name u:object_r:build_vendor_prop:s0 exact string
-# These are also set by /vendor/build.prop
-ro.bootimage.build.date u:object_r:build_vendor_prop:s0 exact string
-ro.bootimage.build.date.utc u:object_r:build_vendor_prop:s0 exact int
-ro.bootimage.build.fingerprint u:object_r:build_vendor_prop:s0 exact string
-
ro.crypto.state u:object_r:vold_status_prop:s0 exact enum encrypted unencrypted unsupported
ro.crypto.type u:object_r:vold_status_prop:s0 exact enum block file none
@@ -683,8 +664,6 @@
aaudio.mmap_policy u:object_r:exported_default_prop:s0 exact int
aaudio.wakeup_delay_usec u:object_r:exported_default_prop:s0 exact int
-gsm.sim.operator.numeric u:object_r:exported_radio_prop:s0 exact string
-
media.mediadrmservice.enable u:object_r:exported_default_prop:s0 exact bool
persist.rcs.supported u:object_r:exported_default_prop:s0 exact int
@@ -697,6 +676,7 @@
ro.board.platform u:object_r:exported_default_prop:s0 exact string
ro.boot.fake_battery u:object_r:exported_default_prop:s0 exact int
+ro.boot.fstab_suffix u:object_r:exported_default_prop:s0 exact string
ro.boot.hardware.revision u:object_r:exported_default_prop:s0 exact string
ro.boot.product.hardware.sku u:object_r:exported_default_prop:s0 exact string
ro.boot.product.vendor.sku u:object_r:exported_default_prop:s0 exact string
@@ -767,8 +747,6 @@
ro.product.vndk.version u:object_r:vndk_prop:s0 exact string
-ro.telephony.iwlan_operation_mode u:object_r:exported_radio_prop:s0 exact enum default legacy AP-assisted
-
ro.vndk.lite u:object_r:vndk_prop:s0 exact bool
ro.vndk.version u:object_r:vndk_prop:s0 exact string
@@ -857,3 +835,19 @@
cache_key.bluetooth. u:object_r:binder_cache_bluetooth_server_prop:s0 prefix string
cache_key.system_server. u:object_r:binder_cache_system_server_prop:s0 prefix string
cache_key.telephony. u:object_r:binder_cache_telephony_server_prop:s0 prefix string
+
+gsm.sim.operator.numeric u:object_r:telephony_status_prop:s0 exact string
+persist.radio.airplane_mode_on u:object_r:telephony_status_prop:s0 exact bool
+
+ro.com.android.dataroaming u:object_r:telephony_config_prop:s0 exact bool
+ro.com.android.prov_mobiledata u:object_r:telephony_config_prop:s0 exact bool
+ro.radio.noril u:object_r:telephony_config_prop:s0 exact string
+ro.telephony.call_ring.multiple u:object_r:telephony_config_prop:s0 exact bool
+ro.telephony.default_cdma_sub u:object_r:telephony_config_prop:s0 exact int
+ro.telephony.default_network u:object_r:telephony_config_prop:s0 exact string
+ro.telephony.iwlan_operation_mode u:object_r:telephony_config_prop:s0 exact enum default legacy AP-assisted
+telephony.active_modems.max_count u:object_r:telephony_config_prop:s0 exact int
+telephony.lteOnCdmaDevice u:object_r:telephony_config_prop:s0 exact int
+persist.dbg.volte_avail_ovr u:object_r:telephony_config_prop:s0 exact int
+persist.dbg.vt_avail_ovr u:object_r:telephony_config_prop:s0 exact int
+persist.dbg.wfc_avail_ovr u:object_r:telephony_config_prop:s0 exact int
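Review bot: The new block at the end of the file has no section comment, unlike the other groups in property_contexts, and the three `persist.dbg.*` entries are appended after the `telephony.*` entries rather than kept with the other persist.* lines, which breaks the sorted order the rest of the block follows. A heading such as `# Telephony status (settable by radio / hal_telephony) and read-only telephony config properties` and moving the three persist.dbg lines up next to `persist.radio.airplane_mode_on` would make the relabelling reviewable at a glance. The label change itself is consistent: every property removed earlier in this file reappears here under one of the two new telephony types.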
diff --git a/private/radio.te b/private/radio.te
index db9820d..fad6174 100644
--- a/private/radio.te
+++ b/private/radio.te
@@ -6,10 +6,9 @@
# Property service
set_prop(radio, radio_prop)
-set_prop(radio, exported_radio_prop)
-set_prop(radio, exported2_radio_prop)
set_prop(radio, exported3_radio_prop)
set_prop(radio, net_radio_prop)
+set_prop(radio, telephony_status_prop)
# ctl interface
set_prop(radio, ctl_rildaemon_prop)
diff --git a/private/system_server.te b/private/system_server.te
index bd87ead..e71e847 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -1094,6 +1094,9 @@
# Allow system server to scan /apex for flattened APEXes
allow system_server apex_mnt_dir:dir r_dir_perms;
+# Allow system server to read /apex/apex-info-list.xml
+allow system_server apex_info_file:file r_file_perms;
+
# Allow system server to communicate to system-suspend's control interface
allow system_server system_suspend_control_service:service_manager find;
binder_call(system_server, system_suspend)
@@ -1128,6 +1131,10 @@
allow system_server password_slot_metadata_file:dir rw_dir_perms;
allow system_server password_slot_metadata_file:file create_file_perms;
+# Allow system server rw access to files in /metadata/staged-install folder
+allow system_server staged_install_file:dir rw_dir_perms;
+allow system_server staged_install_file:file create_file_perms;
+
# Allow init to set sysprop used to compute stats about userspace reboot.
set_prop(system_server, userspace_reboot_log_prop)
diff --git a/private/zygote.te b/private/zygote.te
index 5f08f8d..b1e2378 100644
--- a/private/zygote.te
+++ b/private/zygote.te
@@ -200,6 +200,9 @@
# Allow zygote to access media_variant_prop for static initialization
get_prop(zygote, media_variant_prop)
+# Allow zygote to read /apex/apex-info-list.xml
+allow zygote apex_info_file:file r_file_perms;
+
###
### neverallow rules
###
diff --git a/public/bootanim.te b/public/bootanim.te
index eb3eba5..acef6da 100644
--- a/public/bootanim.te
+++ b/public/bootanim.te
@@ -23,6 +23,7 @@
allow bootanim audioserver_service:service_manager find;
allow bootanim surfaceflinger_service:service_manager find;
+allow bootanim surfaceflinger:unix_stream_socket { read write };
# Allow access to ion memory allocation device
allow bootanim ion_device:chr_file rw_file_perms;
diff --git a/public/domain.te b/public/domain.te
index 8973dcd..a88074b 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -101,15 +101,16 @@
get_prop(domain, exported_config_prop)
get_prop(domain, exported_default_prop)
get_prop(domain, exported_dumpstate_prop)
-get_prop(domain, exported_radio_prop)
get_prop(domain, exported_secure_prop)
get_prop(domain, exported_system_prop)
get_prop(domain, exported2_default_prop)
get_prop(domain, fingerprint_prop)
+get_prop(domain, init_service_status_prop)
get_prop(domain, libc_debug_prop)
get_prop(domain, logd_prop)
get_prop(domain, socket_hook_prop)
get_prop(domain, surfaceflinger_prop)
+get_prop(domain, telephony_status_prop)
get_prop(domain, vendor_socket_hook_prop)
get_prop(domain, vndk_prop)
get_prop(domain, vold_status_prop)
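Review bot: `get_prop(domain, init_service_status_prop)` is a widening: the same change removes the narrower grants from coredomain (private/coredomain.te) and vendor_init (public/vendor_init.te), so every domain, including untrusted app and vendor domains, now learns which init services are running. If the motivating consumer is vendor_init or a small set of vendor domains, granting to those instead of `domain` preserves the previous exposure; if the domain-wide read is intended, a comment stating that the values are considered non-sensitive would justify it. The `telephony_status_prop` grant on the following added line replaces the removed domain-wide `exported_radio_prop` read and does not change exposure in the same way.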
@@ -228,10 +229,12 @@
allow domain system_data_file:dir getattr;
')
allow { coredomain appdomain } system_data_file:dir getattr;
-# /data has the label system_data_root_file. Vendor components need the search
-# permission on system_data_root_file for path traversal to /data/vendor.
+# /data has the label system_data_root_file. Many components need search
+# permission on system_data_root_file for path traversal.
allow domain system_data_root_file:dir { search getattr } ;
-allow domain system_data_file:dir search;
+# Isolated apps have no need to traverse system_data_file dirs
+allow { domain -isolated_app } system_data_file:dir search;
+# Vendor components need access to /dara/vendor
# TODO restrict this to non-coredomain
allow domain vendor_data_file:dir { getattr search };
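Review bot: The new comment has a typo in the path: "/dara/vendor" should read `# Vendor components need access to /data/vendor`. The narrowing of the search grant to `{ domain -isolated_app }` matches the neverallow added in private/isolated_app.te, so the two rules are consistent; the existing "TODO restrict this to non-coredomain" still applies to the vendor_data_file line below.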
diff --git a/public/file.te b/public/file.te
index 462e71d..ca7f09c 100644
--- a/public/file.te
+++ b/public/file.te
@@ -231,6 +231,8 @@
type ota_metadata_file, file_type;
# property files within /metadata/bootstat
type metadata_bootstat_file, file_type;
+# Staged install files within /metadata/staged-install
+type staged_install_file, file_type;
# Type for /dev/cpu_variant:.*.
type dev_cpu_variant, file_type;
@@ -336,6 +338,9 @@
# Mount point used for APEX images
type apex_mnt_dir, file_type;
+# /apex/apex-info-list.xml created by apexd
+type apex_info_file, file_type;
+
# /postinstall: Mount point used by update_engine to run postinstall.
type postinstall_mnt_dir, file_type;
# Files inside the /postinstall mountpoint are all labeled as postinstall_file.
diff --git a/public/hal_telephony.te b/public/hal_telephony.te
index 3e4b65d..7966271 100644
--- a/public/hal_telephony.te
+++ b/public/hal_telephony.te
@@ -20,10 +20,10 @@
allow hal_telephony_server bluetooth_efs_file:dir r_dir_perms;
# property service
+get_prop(hal_telephony_server, telephony_config_prop)
set_prop(hal_telephony_server, radio_prop)
-set_prop(hal_telephony_server, exported_radio_prop)
-set_prop(hal_telephony_server, exported2_radio_prop)
set_prop(hal_telephony_server, exported3_radio_prop)
+set_prop(hal_telephony_server, telephony_status_prop)
allow hal_telephony_server tty_device:chr_file rw_file_perms;
diff --git a/public/init.te b/public/init.te
index 403b4c5..1390e9e 100644
--- a/public/init.te
+++ b/public/init.te
@@ -203,6 +203,7 @@
allow init {
file_type
+ -apex_info_file
-app_data_file
-exec_type
-gsi_data_file
diff --git a/public/property.te b/public/property.te
index ba033f6..227384b 100644
--- a/public/property.te
+++ b/public/property.te
@@ -72,6 +72,7 @@
system_restricted_prop(socket_hook_prop)
system_restricted_prop(system_boot_reason_prop)
system_restricted_prop(system_jvmti_agent_prop)
+system_restricted_prop(usb_prop)
system_restricted_prop(userspace_reboot_exported_prop)
system_restricted_prop(vold_status_prop)
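Review bot: Moving `system_restricted_prop(usb_prop)` out of the conditional block changes its classification on the non-compatible-property path: the hunk ending at the second `')` removes `system_public_prop(usb_prop)` from what appears to be the not_compatible_property block (its head is outside the hunk), so vendor domains on such devices lose the ability to set usb_prop. That may be the intent, but it is a behavioural tightening rather than a reorganisation, and the commit description does not mention it; a short comment next to the new unconditional line would record it: `# usb_prop is system-restricted on every device; vendor domains may read but not set it`.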
@@ -96,7 +97,6 @@
system_restricted_prop(shell_prop)
system_restricted_prop(test_harness_prop)
system_restricted_prop(theme_prop)
- system_restricted_prop(usb_prop)
system_restricted_prop(use_memfd_prop)
system_restricted_prop(vold_prop)
')
@@ -122,6 +122,7 @@
system_vendor_config_prop(storage_config_prop)
system_vendor_config_prop(surfaceflinger_prop)
system_vendor_config_prop(systemsound_config_prop)
+system_vendor_config_prop(telephony_config_prop)
system_vendor_config_prop(usb_config_prop)
system_vendor_config_prop(userspace_reboot_config_prop)
system_vendor_config_prop(vehicle_hal_prop)
@@ -145,13 +146,11 @@
system_public_prop(debug_prop)
system_public_prop(dumpstate_options_prop)
system_public_prop(exported_system_prop)
-system_public_prop(exported2_radio_prop)
system_public_prop(exported2_system_prop)
system_public_prop(exported3_radio_prop)
system_public_prop(exported_bluetooth_prop)
system_public_prop(exported_overlay_prop)
system_public_prop(exported_pm_prop)
-system_public_prop(exported_radio_prop)
system_public_prop(exported_wifi_prop)
system_public_prop(ffs_control_prop)
system_public_prop(sota_prop)
@@ -169,6 +168,7 @@
system_public_prop(serialno_prop)
system_public_prop(surfaceflinger_color_prop)
system_public_prop(system_prop)
+system_public_prop(telephony_status_prop)
system_public_prop(usb_control_prop)
system_public_prop(wifi_log_prop)
system_public_prop(wifi_prop)
@@ -235,7 +235,6 @@
system_public_prop(shell_prop)
system_public_prop(test_harness_prop)
system_public_prop(theme_prop)
- system_public_prop(usb_prop)
system_public_prop(use_memfd_prop)
system_public_prop(vold_prop)
')
diff --git a/public/vendor_init.te b/public/vendor_init.te
index 5cf085d..30eba23 100644
--- a/public/vendor_init.te
+++ b/public/vendor_init.te
@@ -74,6 +74,7 @@
-vold_metadata_file
-gsi_metadata_file
-apex_metadata_file
+ -apex_info_file
}:file { create getattr open read write setattr relabelfrom unlink map };
allow vendor_init {
@@ -218,7 +219,6 @@
set_prop(vendor_init, exported_default_prop)
set_prop(vendor_init, exported_overlay_prop)
set_prop(vendor_init, exported_pm_prop)
-set_prop(vendor_init, exported_radio_prop)
set_prop(vendor_init, exported_wifi_prop)
set_prop(vendor_init, exported2_system_prop)
set_prop(vendor_init, exported3_default_prop)
@@ -243,9 +243,7 @@
set_prop(vendor_init, zram_control_prop)
get_prop(vendor_init, boot_status_prop)
-get_prop(vendor_init, exported2_radio_prop)
get_prop(vendor_init, exported3_system_prop)
-get_prop(vendor_init, init_service_status_prop)
get_prop(vendor_init, ota_prop)
get_prop(vendor_init, provisioned_prop)
get_prop(vendor_init, retaildemo_prop)