Merge "Revert "Add GNSS AIDL interfaces (system/sepolicy)""
diff --git a/private/compat/30.0/30.0.cil b/private/compat/30.0/30.0.cil
index d16d9ed..52e212d 100644
--- a/private/compat/30.0/30.0.cil
+++ b/private/compat/30.0/30.0.cil
@@ -17,6 +17,7 @@
(type exported3_radio_prop)
(type ffs_prop)
(type system_radio_prop)
+(type thermalcallback_hwservice)
(typeattribute binder_in_vendor_violators)
diff --git a/private/compat/30.0/30.0.ignore.cil b/private/compat/30.0/30.0.ignore.cil
index 894cf61..08fa1ac 100644
--- a/private/compat/30.0/30.0.ignore.cil
+++ b/private/compat/30.0/30.0.ignore.cil
@@ -9,6 +9,7 @@
apex_info_file
cgroup_v2
debugfs_kprobes
+ dmabuf_system_heap_device
gki_apex_prepostinstall
gki_apex_prepostinstall_exec
hal_fingerprint_service
@@ -28,5 +29,4 @@
shell_test_data_file
sysfs_devices_cs_etm
update_engine_stable_service
- updateable_module_file
userspace_reboot_metadata_file))
diff --git a/private/file_contexts b/private/file_contexts
index 8fa09bb..efb2c14 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -92,6 +92,7 @@
/dev/bus/usb(.*)? u:object_r:usb_device:s0
/dev/console u:object_r:console_device:s0
/dev/cpu_variant:.* u:object_r:dev_cpu_variant:s0
+/dev/dma_heap/system u:object_r:dmabuf_system_heap_device:s0
/dev/device-mapper u:object_r:dm_device:s0
/dev/eac u:object_r:audio_device:s0
/dev/event-log-tags u:object_r:runtime_event_log_tags_file:s0
@@ -479,13 +480,6 @@
/(odm_dlkm|vendor/odm_dlkm|system/vendor/odm_dlkm)(/.*)? u:object_r:vendor_file:s0
#############################
-# Modules files
-# This includes updateable modules (including APEXes and APKs) that are stored
-# in the modules partition.
-#
-/modules(/.*)? u:object_r:updateable_module_file:s0
-
-#############################
# Vendor files from /(product|system/product)/vendor_overlay
#
# NOTE: For additional vendor file contexts for vendor overlay files,
diff --git a/private/gmscore_app.te b/private/gmscore_app.te
index 5022160..ff7444f 100644
--- a/private/gmscore_app.te
+++ b/private/gmscore_app.te
@@ -127,3 +127,7 @@
# b/148974132: com.android.vending needs this
allow gmscore_app priv_app:tcp_socket { read write };
+
+# b/168059475 Allow GMSCore to read Virtual AB properties to determine
+# if device supports VAB.
+get_prop(gmscore_app, virtual_ab_prop)
diff --git a/private/hwservice_contexts b/private/hwservice_contexts
index c45b0ef..5b6e79d 100644
--- a/private/hwservice_contexts
+++ b/private/hwservice_contexts
@@ -63,7 +63,6 @@
android.hardware.tetheroffload.config::IOffloadConfig u:object_r:hal_tetheroffload_hwservice:s0
android.hardware.tetheroffload.control::IOffloadControl u:object_r:hal_tetheroffload_hwservice:s0
android.hardware.thermal::IThermal u:object_r:hal_thermal_hwservice:s0
-android.hardware.thermal::IThermalCallback u:object_r:thermalcallback_hwservice:s0
android.hardware.tv.cec::IHdmiCec u:object_r:hal_tv_cec_hwservice:s0
android.hardware.tv.input::ITvInput u:object_r:hal_tv_input_hwservice:s0
android.hardware.tv.tuner::ITuner u:object_r:hal_tv_tuner_hwservice:s0
diff --git a/private/property_contexts b/private/property_contexts
index 4785707..5bf7807 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -235,8 +235,8 @@
ro.enable_boot_charger_mode u:object_r:charger_config_prop:s0 exact bool
# Virtual A/B properties
-ro.virtual_ab.enabled u:object_r:virtual_ab_prop:s0
-ro.virtual_ab.retrofit u:object_r:virtual_ab_prop:s0
+ro.virtual_ab.enabled u:object_r:virtual_ab_prop:s0 exact bool
+ro.virtual_ab.retrofit u:object_r:virtual_ab_prop:s0 exact bool
ro.product.ab_ota_partitions u:object_r:ota_prop:s0 exact string
# Property to set/clear the warm reset flag after an OTA update.
@@ -862,6 +862,8 @@
gsm.sim.operator.numeric u:object_r:telephony_status_prop:s0 exact string
persist.radio.airplane_mode_on u:object_r:telephony_status_prop:s0 exact bool
+ro.cdma.home.operator.alpha u:object_r:telephony_config_prop:s0 exact string
+ro.cdma.home.operator.numeric u:object_r:telephony_config_prop:s0 exact string
ro.com.android.dataroaming u:object_r:telephony_config_prop:s0 exact bool
ro.com.android.prov_mobiledata u:object_r:telephony_config_prop:s0 exact bool
ro.radio.noril u:object_r:telephony_config_prop:s0 exact string
diff --git a/private/service_contexts b/private/service_contexts
index 7d36973..0b6492c 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -139,6 +139,7 @@
media.extractor u:object_r:mediaextractor_service:s0
media.transcoding u:object_r:mediatranscoding_service:s0
media.resource_manager u:object_r:mediaserver_service:s0
+media.resource_observer u:object_r:mediaserver_service:s0
media.sound_trigger_hw u:object_r:audioserver_service:s0
media.drm u:object_r:mediadrmserver_service:s0
media_projection u:object_r:media_projection_service:s0
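Review bot: `media.resource_observer` is registered under the existing `mediaserver_service` label, so every domain that may already `find` mediaserver_service can also look up the new observer. If the observer reports resource usage of other processes (inferred from the name only, not visible in this hunk), SELinux cannot separate it from `media.resource_manager`, and all access control has to live in the service itself. Either give it its own service type or add a comment stating the reuse is intentional, for example `# media.resource_observer shares mediaserver_service; callers are checked inside the service`.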
diff --git a/private/system_server.te b/private/system_server.te
index bd57ad8..f344bbb 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -933,6 +933,9 @@
allow system_server cgroup_v2:dir rw_dir_perms;
allow system_server cgroup_v2:file rw_file_perms;
+# Access to /dev/dma_heap/system
+allow system_server dmabuf_system_heap_device:chr_file r_file_perms;
+
r_dir_file(system_server, proc_asound)
r_dir_file(system_server, proc_net_type)
r_dir_file(system_server, proc_qtaguid_stat)
@@ -1012,8 +1015,8 @@
get_prop(system_server, wifi_config_prop)
-# Only system server can access BINDER_FREEZE
-allowxperm system_server binder_device:chr_file ioctl { BINDER_FREEZE };
+# Only system server can access BINDER_FREEZE and BINDER_GET_FROZEN_INFO
+allowxperm system_server binder_device:chr_file ioctl { BINDER_FREEZE BINDER_GET_FROZEN_INFO };
###
### Neverallow rules
@@ -1236,4 +1239,6 @@
# BINDER_FREEZE is used to block ipc transactions to frozen processes, so it
# can be accessed by system_server only (b/143717177)
-neverallowxperm { domain -system_server } binder_device:chr_file ioctl { BINDER_FREEZE };
+# BINDER_GET_FROZEN_INFO is used by system_server to determine the state of a frozen binder
+# interface
+neverallowxperm { domain -system_server } binder_device:chr_file ioctl { BINDER_FREEZE BINDER_GET_FROZEN_INFO };
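Review bot: The comment added above the `neverallowxperm` says what `BINDER_GET_FROZEN_INFO` is used for, but not why every other domain must be denied it. The `BINDER_FREEZE` comment beside it gives both the reason and a bug reference. Since this rule is the only thing enforcing the "only system server" claim made at the `allowxperm` hunk earlier in this file, the rationale belongs here, for example `# BINDER_GET_FROZEN_INFO exposes the frozen state of a binder interface; only system_server freezes processes, so only it may query that state (b/<bug id>)`. Any exposure of process state to other domains is inferred from the existing comment rather than visible in the diff.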
diff --git a/private/traceur_app.te b/private/traceur_app.te
index b7e58ba..2937e26 100644
--- a/private/traceur_app.te
+++ b/private/traceur_app.te
@@ -21,7 +21,4 @@
dontaudit traceur_app debugfs_tracing_debug:file audit_access;
-# Allow Traceur to enable traced if necessary.
-set_prop(traceur_app, traced_enabled_prop)
-
set_prop(traceur_app, debug_prop)
diff --git a/private/untrusted_app_all.te b/private/untrusted_app_all.te
index 4acc0e8..bc90450 100644
--- a/private/untrusted_app_all.te
+++ b/private/untrusted_app_all.te
@@ -2,7 +2,8 @@
### Untrusted_app_all.
###
### This file defines the rules shared by all untrusted app domains except
-### ephemeral_app for instant apps.
+### ephemeral_app for instant apps and isolated_app (which has a reduced
+### permission set).
### Apps are labeled based on mac_permissions.xml (maps signer and
### optionally package name to seinfo value) and seapp_contexts (maps UID
### and optionally seinfo value to domain for process and type for data
diff --git a/public/app.te b/public/app.te
index 8263c09..ad1696f 100644
--- a/public/app.te
+++ b/public/app.te
@@ -308,6 +308,7 @@
ioctl { unpriv_sock_ioctls unpriv_tty_ioctls };
allow { appdomain -isolated_app } ion_device:chr_file r_file_perms;
+allow { appdomain -isolated_app } dmabuf_system_heap_device:chr_file r_file_perms;
# Allow AAudio apps to use shared memory file descriptors from the HAL
allow { appdomain -isolated_app } hal_audio:fd use;
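Review bot: The new `dmabuf_system_heap_device` rule next to the `ion_device` line has no comment explaining why every app domain except isolated_app needs to open the system DMA-BUF heap. The same bare rule is added in public/mediaserver.te and public/mediaswcodec.te. `r_file_perms` includes `ioctl`, and nothing in this diff adds an `allowxperm` allowlist for the type, so the grant is not narrowed to the heap's allocation ioctl as far as these hunks show. The isolated_app exclusion also exists only in the source set of this one rule. If isolated_app is meant to stay without access, `neverallow isolated_app dmabuf_system_heap_device:chr_file *;` would make a later widening fail at build time. Proposed comment: `# Allow apps (except isolated_app) to allocate buffers from the DMA-BUF system heap`.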
diff --git a/public/attributes b/public/attributes
index 75b0c25..3582a09 100644
--- a/public/attributes
+++ b/public/attributes
@@ -184,7 +184,7 @@
# All domains used for apps.
attribute appdomain;
-# All third party apps.
+# All third party apps (except isolated_app and ephemeral_app)
attribute untrusted_app_all;
# All domains used for apps with network access.
diff --git a/public/device.te b/public/device.te
index 43d6322..4282a25 100644
--- a/public/device.te
+++ b/public/device.te
@@ -44,6 +44,7 @@
type fuse_device, dev_type, mlstrustedobject;
type iio_device, dev_type;
type ion_device, dev_type, mlstrustedobject;
+type dmabuf_system_heap_device, dev_type, mlstrustedobject;
type qtaguid_device, dev_type;
type watchdog_device, dev_type;
type uhid_device, dev_type;
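Review bot: The new `dmabuf_system_heap_device` type carries `mlstrustedobject`, which exempts the node from MLS category constraints, and the declaration does not say why. It mirrors `ion_device` on the line above, but a reader auditing cross-app isolation has to infer that the heap node is deliberately shared by processes at every MLS level. A one-line comment would record the intent, for example `# /dev/dma_heap/system is opened by apps at any MLS level, hence mlstrustedobject`.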
diff --git a/public/file.te b/public/file.te
index 383dea6..3d10999 100644
--- a/public/file.te
+++ b/public/file.te
@@ -532,9 +532,6 @@
# vndservice_contexts file
type vndservice_contexts_file, file_type;
-# /modules for updateable modules
-type updateable_module_file, file_type;
-
# Allow files to be created in their appropriate filesystems.
allow fs_type self:filesystem associate;
allow cgroup tmpfs:filesystem associate;
diff --git a/public/hwservice.te b/public/hwservice.te
index 6f223dd..11b77f0 100644
--- a/public/hwservice.te
+++ b/public/hwservice.te
@@ -58,7 +58,6 @@
type system_net_netd_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice;
type system_suspend_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice;
type system_wifi_keystore_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice;
-type thermalcallback_hwservice, hwservice_manager_type, protected_hwservice;
# Following is the hwservices that are explicitly not marked with protected_hwservice.
# These are directly accessible from untrusted apps.
diff --git a/public/ioctl_defines b/public/ioctl_defines
index 8b28beb..5187162 100644
--- a/public/ioctl_defines
+++ b/public/ioctl_defines
@@ -133,6 +133,7 @@
define(`BC_REQUEST_DEATH_NOTIFICATION', `0x400c630e')
define(`BC_TRANSACTION', `0x40406300')
define(`BINDER_FREEZE', `0x400c620e')
+define(`BINDER_GET_FROZEN_INFO', `0xc00c620f')
define(`BINDER_GET_NODE_DEBUG_INFO', `0xc018620b')
define(`BINDER_GET_NODE_INFO_FOR_REF', `0xc018620c')
define(`BINDER_SET_CONTEXT_MGR', `0x40046207')
diff --git a/public/mediaserver.te b/public/mediaserver.te
index 86db99c..1978aa3 100644
--- a/public/mediaserver.te
+++ b/public/mediaserver.te
@@ -119,6 +119,7 @@
allow mediaserver preloads_media_file:file { getattr read ioctl };
allow mediaserver ion_device:chr_file r_file_perms;
+allow mediaserver dmabuf_system_heap_device:chr_file r_file_perms;
allow mediaserver hal_graphics_allocator:fd use;
allow mediaserver hal_graphics_composer:fd use;
allow mediaserver hal_camera:fd use;
diff --git a/public/mediaswcodec.te b/public/mediaswcodec.te
index 992baab..8e35225 100644
--- a/public/mediaswcodec.te
+++ b/public/mediaswcodec.te
@@ -23,3 +23,4 @@
# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html
neverallow mediaswcodec domain:{ tcp_socket udp_socket rawip_socket } *;
+allow mediaswcodec dmabuf_system_heap_device:chr_file r_file_perms;
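Review bot: The new `allow mediaswcodec dmabuf_system_heap_device:chr_file r_file_perms;` is appended directly after the file's closing network `neverallow`, with no blank line or comment, so it reads as part of the media-hardening block. Only the end of the file is visible in this hunk, but the rule would be easier to audit grouped with the domain's other allow rules, ahead of the neverallow section. It also needs a short comment such as `# Allocate codec buffers from the DMA-BUF system heap`.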
diff --git a/public/ueventd.te b/public/ueventd.te
index 1d75080..9c2575a 100644
--- a/public/ueventd.te
+++ b/public/ueventd.te
@@ -31,6 +31,9 @@
# Access for /vendor/ueventd.rc and /vendor/firmware
r_dir_file(ueventd, { vendor_file_type -vendor_app_file -vendor_overlay_file })
+# Access for /apex/*/firmware
+allow ueventd apex_mnt_dir:dir r_dir_perms;
+
# Get file contexts for new device nodes
allow ueventd file_contexts_file:file r_file_perms;
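Review bot: The comment says `Access for /apex/*/firmware`, but the rule grants `r_dir_perms` only on `apex_mnt_dir`, which is listing and traversal of the /apex mount directory, not read access to any firmware file. If the firmware files are meant to be covered by the `r_dir_file` rule above, the comment should say so, for example `# List /apex to resolve /apex/*/firmware; the firmware files are read through the file-type rules above`. If ueventd only needs to traverse /apex rather than enumerate it, `allow ueventd apex_mnt_dir:dir search;` would be the narrower grant. Whether ueventd expands the wildcard itself is not visible in this hunk.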