Merge "Allow update_engine to get gsid property"
diff --git a/Android.bp b/Android.bp
index 4973c13..a2f202f 100644
--- a/Android.bp
+++ b/Android.bp
@@ -375,3 +375,12 @@
reqd_mask: true,
soc_specific: true,
}
+
+// For vts_treble_sys_prop_test
+filegroup {
+ name: "private_property_contexts",
+ srcs: ["private/property_contexts"],
+ visibility: [
+ "//test/vts-testcase/security/system_property",
+ ],
+}
diff --git a/METADATA b/METADATA
new file mode 100644
index 0000000..313792c
--- /dev/null
+++ b/METADATA
@@ -0,0 +1,3 @@
+third_party {
+ license_type: UNENCUMBERED
+}
diff --git a/prebuilts/api/29.0/private/genfs_contexts b/prebuilts/api/29.0/private/genfs_contexts
index b737f60..380d4a0 100644
--- a/prebuilts/api/29.0/private/genfs_contexts
+++ b/prebuilts/api/29.0/private/genfs_contexts
@@ -234,6 +234,7 @@
genfscon tracefs /events/kmem/rss_stat/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/kmem/ion_heap_grow/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/kmem/ion_heap_shrink/ u:object_r:debugfs_tracing:s0
+genfscon tracefs /events/ion/ion_stat/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/mm_event/mm_event_record/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/oom/oom_score_adj_update/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/task/task_rename/ u:object_r:debugfs_tracing:s0
@@ -278,6 +279,7 @@
genfscon debugfs /tracing/events/kmem/rss_stat/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/kmem/ion_heap_grow/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/kmem/ion_heap_shrink/ u:object_r:debugfs_tracing:s0
+genfscon debugfs /tracing/events/ion/ion_stat/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/mm_event/mm_event_record/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/oom/oom_score_adj_update/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/task/task_rename/ u:object_r:debugfs_tracing:s0
diff --git a/private/bug_map b/private/bug_map
index 43a77aa..eaa1593 100644
--- a/private/bug_map
+++ b/private/bug_map
@@ -30,5 +30,6 @@
system_server sdcardfs file b/77856826
system_server storage_stub_file dir b/145267097
system_server zygote process b/77856826
+untrusted_app untrusted_app netlink_route_socket b/155595000
vold system_data_file file b/124108085
zygote untrusted_app_25 process b/77925912
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index d726fcd..cb7eb22 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -21,6 +21,7 @@
atrace
binder_calls_stats_service
biometric_service
+ boot_status_prop
bootloader_boot_reason_prop
blank_screen
blank_screen_exec
@@ -39,6 +40,7 @@
ctl_interface_start_prop
ctl_interface_stop_prop
ctl_sigstop_prop
+ dalvik_config_prop
device_config_boot_count_prop
device_config_reset_performed_prop
device_config_netd_native_prop
@@ -161,6 +163,7 @@
statscompanion_service
storaged_data_file
super_block_device
+ surfaceflinger_color_prop
surfaceflinger_prop
sysfs_fs_ext4_features
system_boot_reason_prop
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index 27faba7..19cd7fb 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -23,6 +23,7 @@
blank_screen
blank_screen_exec
blank_screen_tmpfs
+ boot_status_prop
bootloader_boot_reason_prop
bluetooth_a2dp_offload_prop
bpfloader
@@ -37,6 +38,7 @@
ctl_interface_start_prop
ctl_interface_stop_prop
ctl_sigstop_prop
+ dalvik_config_prop
device_config_boot_count_prop
device_config_reset_performed_prop
device_config_netd_native_prop
@@ -147,6 +149,7 @@
statsdw_socket
storaged_data_file
super_block_device
+ surfaceflinger_color_prop
surfaceflinger_prop
staging_data_file
system_boot_reason_prop
diff --git a/private/compat/29.0/29.0.cil b/private/compat/29.0/29.0.cil
index d81263c..680d511 100644
--- a/private/compat/29.0/29.0.cil
+++ b/private/compat/29.0/29.0.cil
@@ -1,5 +1,6 @@
;; types removed from current policy
(type ashmemd)
+(type exported_dalvik_prop)
(type exported_vold_prop)
(type exported2_config_prop)
(type exported2_vold_prop)
@@ -1200,15 +1201,17 @@
(typeattributeset exported2_config_prop_29_0 (exported2_config_prop systemsound_config_prop))
(typeattributeset exported2_default_prop_29_0 (exported2_default_prop))
(typeattributeset exported2_radio_prop_29_0 (exported2_radio_prop))
-(typeattributeset exported2_system_prop_29_0 (exported2_system_prop))
+(typeattributeset exported2_system_prop_29_0
+ ( exported2_system_prop
+ surfaceflinger_color_prop))
(typeattributeset exported2_vold_prop_29_0 (exported2_vold_prop vold_config_prop))
(typeattributeset exported3_default_prop_29_0 (exported3_default_prop))
(typeattributeset exported3_radio_prop_29_0 (exported3_radio_prop))
-(typeattributeset exported3_system_prop_29_0 (exported3_system_prop))
+(typeattributeset exported3_system_prop_29_0 (exported3_system_prop boot_status_prop))
(typeattributeset exported_audio_prop_29_0 (exported_audio_prop))
(typeattributeset exported_bluetooth_prop_29_0 (exported_bluetooth_prop))
(typeattributeset exported_config_prop_29_0 (exported_config_prop))
-(typeattributeset exported_dalvik_prop_29_0 (exported_dalvik_prop))
+(typeattributeset exported_dalvik_prop_29_0 (exported_dalvik_prop dalvik_config_prop))
(typeattributeset exported_default_prop_29_0
( exported_default_prop
surfaceflinger_prop
diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index 39d1aee..fadc7db 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil
@@ -56,6 +56,7 @@
hal_tv_tuner_hwservice
hal_vibrator_service
incremental_control_file
+ incremental_prop
incremental_service
init_perf_lsm_hooks_prop
init_svc_debug_prop
diff --git a/private/coredomain.te b/private/coredomain.te
index 32a1e3f..ab731f1 100644
--- a/private/coredomain.te
+++ b/private/coredomain.te
@@ -88,7 +88,7 @@
-webview_zygote
-zygote
userdebug_or_eng(`-heapprofd')
- } vendor_overlay_file:file r_file_perms;
+ } vendor_overlay_file:file open;
')
# Core domains are not permitted to use kernel interfaces which are not
diff --git a/private/domain.te b/private/domain.te
index 8163aea..9eed3db 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -72,8 +72,9 @@
# For now, everyone can access core property files
# Device specific properties are not granted by default
not_compatible_property(`
+ get_prop(domain, boot_status_prop)
get_prop(domain, core_property_type)
- get_prop(domain, exported_dalvik_prop)
+ get_prop(domain, dalvik_config_prop)
get_prop(domain, exported_ffs_prop)
get_prop(domain, exported_system_radio_prop)
get_prop(domain, exported2_radio_prop)
@@ -81,13 +82,15 @@
get_prop(domain, exported3_default_prop)
get_prop(domain, exported3_radio_prop)
get_prop(domain, exported3_system_prop)
+ get_prop(domain, surfaceflinger_color_prop)
get_prop(domain, systemsound_config_prop)
get_prop(domain, vendor_default_prop)
get_prop(domain, vold_config_prop)
')
compatible_property_only(`
+ get_prop({coredomain appdomain shell}, boot_status_prop)
get_prop({coredomain appdomain shell}, core_property_type)
- get_prop({coredomain appdomain shell}, exported_dalvik_prop)
+ get_prop({coredomain appdomain shell}, dalvik_config_prop)
get_prop({coredomain appdomain shell}, exported_ffs_prop)
get_prop({coredomain appdomain shell}, exported_system_radio_prop)
get_prop({coredomain appdomain shell}, exported2_radio_prop)
@@ -96,6 +99,7 @@
get_prop({coredomain appdomain shell}, exported3_radio_prop)
get_prop({coredomain appdomain shell}, exported3_system_prop)
get_prop({coredomain appdomain shell}, exported_camera_prop)
+ get_prop({coredomain appdomain shell}, surfaceflinger_color_prop)
get_prop({coredomain appdomain shell}, systemsound_config_prop)
get_prop({coredomain appdomain shell}, userspace_reboot_config_prop)
get_prop({coredomain appdomain shell}, vold_config_prop)
diff --git a/private/genfs_contexts b/private/genfs_contexts
index d4d7fff..b423e64 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts
@@ -241,6 +241,7 @@
genfscon tracefs /events/kmem/rss_stat/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/kmem/ion_heap_grow/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/kmem/ion_heap_shrink/ u:object_r:debugfs_tracing:s0
+genfscon tracefs /events/ion/ion_stat/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/mm_event/mm_event_record/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/oom/oom_score_adj_update/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/task/task_rename/ u:object_r:debugfs_tracing:s0
@@ -285,6 +286,7 @@
genfscon debugfs /tracing/events/kmem/rss_stat/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/kmem/ion_heap_grow/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/kmem/ion_heap_shrink/ u:object_r:debugfs_tracing:s0
+genfscon debugfs /tracing/events/ion/ion_stat/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/mm_event/mm_event_record/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/oom/oom_score_adj_update/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/task/task_rename/ u:object_r:debugfs_tracing:s0
diff --git a/private/property.te b/private/property.te
index 0cdadbf..d479502 100644
--- a/private/property.te
+++ b/private/property.te
@@ -135,7 +135,6 @@
core_property_type
extended_core_property_type
exported_config_prop
- exported_dalvik_prop
exported_default_prop
exported_dumpstate_prop
exported_ffs_prop
@@ -237,8 +236,8 @@
-vendor_init
} {
core_property_type
+ dalvik_config_prop
extended_core_property_type
- exported_dalvik_prop
exported_ffs_prop
exported_system_radio_prop
exported2_system_prop
@@ -332,3 +331,11 @@
} {
userspace_reboot_test_prop
}:property_service set;
+
+neverallow {
+ -init
+ -system_server
+ -vendor_init
+} {
+ surfaceflinger_color_prop
+}:property_service set;
diff --git a/private/property_contexts b/private/property_contexts
index 6f85e15..99637d4 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -263,67 +263,77 @@
camera.disable_zsl_mode u:object_r:exported3_default_prop:s0 exact bool
camera.fifo.disable u:object_r:exported3_default_prop:s0 exact int
-dalvik.vm.appimageformat u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.backgroundgctype u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.boot-dex2oat-cpu-set u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.boot-dex2oat-threads u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.boot-image u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.checkjni u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.dex2oat-Xms u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.dex2oat-Xmx u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.dex2oat-cpu-set u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.dex2oat-filter u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.dex2oat-flags u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.dex2oat-threads u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.dex2oat64.enabled u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.dexopt.secondary u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.execution-mode u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.extra-opts u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.foreground-heap-growth-multiplier u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.gctype u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.heapgrowthlimit u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.heapmaxfree u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.heapminfree u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.heapsize u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.heapstartsize u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.heaptargetutilization u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.hot-startup-method-samples u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.image-dex2oat-Xms u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.image-dex2oat-Xmx u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.image-dex2oat-cpu-set u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.image-dex2oat-filter u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.image-dex2oat-flags u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.image-dex2oat-threads u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.isa.arm.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.arm.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.arm64.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.arm64.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.mips.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.mips.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.mips64.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.mips64.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.unknown.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.unknown.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.x86.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.x86.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.x86_64.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.x86_64.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.jitinitialsize u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.jitmaxsize u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.jitprithreadweight u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.jitthreshold u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.jittransitionweight u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.jniopts u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.lockprof.threshold u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.method-trace u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.method-trace-file u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.method-trace-file-siz u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.method-trace-stream u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.profilesystemserver u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.profilebootclasspath u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.usejit u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.usejitprofiles u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.zygote.max-boot-retry u:object_r:exported_dalvik_prop:s0 exact int
+# Should always_debuggable be bool? It's checked against the string "1".
+dalvik.vm.always_debuggable u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.appimageformat u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.backgroundgctype u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.boot-dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.boot-dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.boot-image u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.checkjni u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dex2oat-Xms u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-Xmx u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-filter u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-flags u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-max-image-block-size u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.dex2oat-minidebuginfo u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dex2oat-resolve-startup-strings u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.dex2oat-updatable-bcp-packages-file u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-very-large u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.dex2oat-swap u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dex2oat64.enabled u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dexopt.secondary u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.execution-mode u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.extra-opts u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.foreground-heap-growth-multiplier u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.gctype u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapgrowthlimit u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapmaxfree u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapminfree u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapsize u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapstartsize u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heaptargetutilization u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.hot-startup-method-samples u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.image-dex2oat-Xms u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-Xmx u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-filter u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-flags u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.isa.arm.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.arm.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.arm64.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.arm64.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.mips.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.mips.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.mips64.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.mips64.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.unknown.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.unknown.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.x86.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.x86.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.x86_64.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.x86_64.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.jitinitialsize u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.jitmaxsize u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.jitprithreadweight u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.jitthreshold u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.jittransitionweight u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.jniopts u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.lockprof.threshold u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.method-trace u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.method-trace-file u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.method-trace-file-siz u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.method-trace-stream u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.profilesystemserver u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.profilebootclasspath u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.restore-dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.restore-dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.usejit u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.usejitprofiles u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.zygote.max-boot-retry u:object_r:dalvik_config_prop:s0 exact int
drm.service.enabled u:object_r:exported3_default_prop:s0 exact bool
@@ -350,9 +360,6 @@
persist.sys.dalvik.vm.lib.2 u:object_r:exported2_system_prop:s0 exact string
persist.sys.media.avsync u:object_r:exported2_system_prop:s0 exact bool
persist.sys.hdmi.keep_awake u:object_r:exported2_system_prop:s0 exact bool
-persist.sys.sf.color_mode u:object_r:exported2_system_prop:s0 exact int
-persist.sys.sf.color_saturation u:object_r:exported2_system_prop:s0 exact string
-persist.sys.sf.native_mode u:object_r:exported2_system_prop:s0 exact int
pm.dexopt.ab-ota u:object_r:exported_pm_prop:s0 exact string
pm.dexopt.bg-dexopt u:object_r:exported_pm_prop:s0 exact string
@@ -406,7 +413,7 @@
ro.crypto.volume.metadata.method u:object_r:vold_config_prop:s0 exact string
ro.crypto.volume.options u:object_r:vold_config_prop:s0 exact string
-ro.dalvik.vm.native.bridge u:object_r:exported_dalvik_prop:s0 exact string
+ro.dalvik.vm.native.bridge u:object_r:dalvik_config_prop:s0 exact string
external_storage.projid.enabled u:object_r:storage_config_prop:s0 exact bool
external_storage.casefold.enabled u:object_r:storage_config_prop:s0 exact bool
@@ -430,6 +437,7 @@
ro.lmk.psi_partial_stall_ms u:object_r:exported3_default_prop:s0 exact int
ro.lmk.psi_complete_stall_ms u:object_r:exported3_default_prop:s0 exact int
ro.lmk.swap_free_low_percentage u:object_r:exported3_default_prop:s0 exact int
+ro.lmk.swap_util_max u:object_r:exported3_default_prop:s0 exact int
ro.lmk.thrashing_limit u:object_r:exported3_default_prop:s0 exact int
ro.lmk.thrashing_limit_decay u:object_r:exported3_default_prop:s0 exact int
ro.lmk.use_minfree_levels u:object_r:exported3_default_prop:s0 exact bool
@@ -455,9 +463,6 @@
ro.statsd.enable u:object_r:exported3_default_prop:s0 exact bool
-ro.sf.disable_triple_buffer u:object_r:exported3_default_prop:s0 exact bool
-ro.sf.lcd_density u:object_r:exported3_default_prop:s0 exact int
-
ro.storage_manager.enabled u:object_r:exported3_default_prop:s0 exact bool
ro.telephony.call_ring.multiple u:object_r:exported3_default_prop:s0 exact bool
@@ -499,13 +504,13 @@
# vendor-init-readable
apexd.status u:object_r:apexd_prop:s0 exact enum starting activated ready
-dev.bootcomplete u:object_r:exported3_system_prop:s0 exact bool
+dev.bootcomplete u:object_r:boot_status_prop:s0 exact bool
+sys.boot_completed u:object_r:boot_status_prop:s0 exact bool
persist.sys.device_provisioned u:object_r:exported3_system_prop:s0 exact string
persist.sys.theme u:object_r:theme_prop:s0 exact string
persist.sys.usb.usbradio.config u:object_r:exported3_system_prop:s0 exact string
-sys.boot_completed u:object_r:exported3_system_prop:s0 exact bool
sys.retaildemo.enabled u:object_r:exported3_system_prop:s0 exact int
sys.user.0.ce_available u:object_r:exported3_system_prop:s0 exact bool
sys.vdso u:object_r:exported3_system_prop:s0 exact string
@@ -724,6 +729,7 @@
ro.kernel.qemu u:object_r:exported_default_prop:s0 exact bool
ro.kernel.qemu. u:object_r:exported_default_prop:s0
ro.kernel.android.bootanim u:object_r:exported_default_prop:s0 exact int
+ro.kernel.ebpf.supported u:object_r:exported_default_prop:s0 exact bool
ro.odm.build.date u:object_r:exported_default_prop:s0 exact string
ro.odm.build.date.utc u:object_r:exported_default_prop:s0 exact int
@@ -768,6 +774,9 @@
ro.apex.updatable u:object_r:exported_default_prop:s0 exact bool
+# Property to enable incremental feature
+ro.incremental.enable u:object_r:incremental_prop:s0
+
# Properties to configure userspace reboot.
init.userspace_reboot.is_supported u:object_r:userspace_reboot_config_prop:s0 exact bool
init.userspace_reboot.sigkill.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int
@@ -786,7 +795,7 @@
sys.shutdown.requested u:object_r:exported_system_prop:s0 exact string
-# Using Sysprop as API. So the ro.surface_flinger.* are guaranteed to be API-stable
+# surfaceflinger properties
ro.surface_flinger.default_composition_dataspace u:object_r:surfaceflinger_prop:s0 exact int
ro.surface_flinger.default_composition_pixel_format u:object_r:surfaceflinger_prop:s0 exact int
ro.surface_flinger.force_hwc_copy_for_virtual_displays u:object_r:surfaceflinger_prop:s0 exact bool
@@ -821,6 +830,13 @@
ro.surface_flinger.color_space_agnostic_dataspace u:object_r:surfaceflinger_prop:s0 exact int
ro.surface_flinger.refresh_rate_switching u:object_r:surfaceflinger_prop:s0 exact bool
+ro.sf.disable_triple_buffer u:object_r:surfaceflinger_prop:s0 exact bool
+ro.sf.lcd_density u:object_r:surfaceflinger_prop:s0 exact int
+
+persist.sys.sf.color_mode u:object_r:surfaceflinger_color_prop:s0 exact int
+persist.sys.sf.color_saturation u:object_r:surfaceflinger_color_prop:s0 exact string
+persist.sys.sf.native_mode u:object_r:surfaceflinger_color_prop:s0 exact int
+
# Binder cache properties. These are world-readable
cache_key.app_inactive u:object_r:binder_cache_system_server_prop:s0
cache_key.is_compat_change_enabled u:object_r:binder_cache_system_server_prop:s0
diff --git a/private/seapp_contexts b/private/seapp_contexts
index 6c3b607..1bad9c1 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -165,6 +165,7 @@
user=_app isPrivApp=true name=com.google.android.gms domain=gmscore_app type=privapp_data_file levelFrom=user
user=_app isPrivApp=true name=com.google.android.gms.* domain=gmscore_app type=privapp_data_file levelFrom=user
user=_app isPrivApp=true name=com.google.android.gms:* domain=gmscore_app type=privapp_data_file levelFrom=user
+user=_app isPrivApp=true name=com.google.android.gsf domain=gmscore_app type=privapp_data_file levelFrom=user
user=_app minTargetSdkVersion=30 domain=untrusted_app type=app_data_file levelFrom=all
user=_app minTargetSdkVersion=29 domain=untrusted_app_29 type=app_data_file levelFrom=all
user=_app minTargetSdkVersion=28 domain=untrusted_app_27 type=app_data_file levelFrom=all
diff --git a/private/surfaceflinger.te b/private/surfaceflinger.te
index 373889c..973350e 100644
--- a/private/surfaceflinger.te
+++ b/private/surfaceflinger.te
@@ -51,14 +51,9 @@
# Create and use netlink kobject uevent sockets.
allow surfaceflinger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
-# Get properties.
-get_prop(surfaceflinger, surfaceflinger_prop)
-neverallow { domain -coredomain -vendor_init } surfaceflinger_prop:file no_rw_file_perms;
-
# Set properties.
set_prop(surfaceflinger, system_prop)
set_prop(surfaceflinger, exported_system_prop)
-set_prop(surfaceflinger, exported2_system_prop)
set_prop(surfaceflinger, exported3_system_prop)
set_prop(surfaceflinger, ctl_bootanim_prop)
diff --git a/private/system_server.te b/private/system_server.te
index 6c1fa9a..18b62a7 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -620,6 +620,8 @@
set_prop(system_server, exported_pm_prop)
set_prop(system_server, socket_hook_prop)
set_prop(system_server, audio_prop)
+set_prop(system_server, boot_status_prop)
+set_prop(system_server, surfaceflinger_color_prop)
userdebug_or_eng(`set_prop(system_server, wifi_log_prop)')
# ctl interface
@@ -679,6 +681,9 @@
# Read wifi.interface
get_prop(system_server, wifi_prop)
+# Read the vendor property that indicates if Incremental features is enabled
+get_prop(system_server, incremental_prop)
+
# Create a socket for connections from debuggerd.
allow system_server system_ndebug_socket:sock_file create_file_perms;
@@ -1163,3 +1168,5 @@
# Do not allow any domain other than init or system server to set the property
neverallow { domain -init -system_server } socket_hook_prop:property_service set;
+
+neverallow { domain -init -system_server } boot_status_prop:property_service set;
diff --git a/private/vold.te b/private/vold.te
index 3332d63..e62d7a9 100644
--- a/private/vold.te
+++ b/private/vold.te
@@ -21,6 +21,7 @@
# Property Service
get_prop(vold, vold_config_prop)
get_prop(vold, storage_config_prop);
+get_prop(vold, incremental_prop);
set_prop(vold, vold_prop)
set_prop(vold, vold_status_prop)
diff --git a/public/domain.te b/public/domain.te
index e6c6834..0ab5f22 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -105,6 +105,7 @@
get_prop(domain, exported2_default_prop)
get_prop(domain, logd_prop)
get_prop(domain, socket_hook_prop)
+get_prop(domain, surfaceflinger_prop)
get_prop(domain, vendor_socket_hook_prop)
get_prop(domain, vndk_prop)
get_prop(domain, vold_status_prop)
@@ -947,6 +948,23 @@
')
full_treble_only(`
+ # Do not allow coredomain to access entrypoint for files other
+ # than system_file_type and postinstall_file
+ neverallow coredomain {
+ file_type
+ -system_file_type
+ -postinstall_file
+ }:file entrypoint;
+ # Do not allow domains other than coredomain to access entrypoint
+ # for anything but vendor_file_type and init_exec for vendor_init.
+ neverallow { domain -coredomain } {
+ file_type
+ -vendor_file_type
+ -init_exec
+ }:file entrypoint;
+')
+
+full_treble_only(`
# Do not allow system components to execute files from vendor
# except for the ones whitelisted here.
neverallow {
diff --git a/public/drmserver.te b/public/drmserver.te
index 12c080a..e2c6638 100644
--- a/public/drmserver.te
+++ b/public/drmserver.te
@@ -49,6 +49,9 @@
allow drmserver oemfs:dir search;
allow drmserver oemfs:file r_file_perms;
+# overlay package access
+allow drmserver vendor_overlay_file:file { read map };
+
add_service(drmserver, drmserver_service)
allow drmserver permission_service:service_manager find;
allow drmserver mediametrics_service:service_manager find;
diff --git a/public/hal_audio.te b/public/hal_audio.te
index d54b2b2..5958f2c 100644
--- a/public/hal_audio.te
+++ b/public/hal_audio.te
@@ -30,10 +30,6 @@
# Should never execute any executable without a domain transition
neverallow hal_audio_server { file_type fs_type }:file execute_no_trans;
-# Should never need network access.
-# Disallow network sockets.
-neverallow hal_audio_server domain:{ tcp_socket udp_socket rawip_socket } *;
-
# Only audio HAL may directly access the audio hardware
neverallow { halserverdomain -hal_audio_server -hal_omx_server } audio_device:chr_file *;
diff --git a/public/hal_neuralnetworks.te b/public/hal_neuralnetworks.te
index f8d6ff5..228d990 100644
--- a/public/hal_neuralnetworks.te
+++ b/public/hal_neuralnetworks.te
@@ -18,6 +18,9 @@
# Allow NN HAL service to read a client-provided ION memory fd.
allow hal_neuralnetworks_server ion_device:chr_file r_file_perms;
+# Allow NN HAL service to use a client-provided fd residing in /storage
+allow hal_neuralnetworks_server storage_file:file { getattr map read };
+
# Allow NN HAL client to check the ro.nnapi.extensions.deny_on_product
# property to determine whether to deny NNAPI extensions use for apps
# on product partition (apps in GSI are not allowed to use NNAPI extensions).
diff --git a/public/mediaextractor.te b/public/mediaextractor.te
index 4bee4f8..1f34030 100644
--- a/public/mediaextractor.te
+++ b/public/mediaextractor.te
@@ -34,6 +34,9 @@
allow mediaextractor asec_apk_file:file { read getattr };
allow mediaextractor ringtone_file:file { read getattr };
+# overlay package access
+allow mediaextractor vendor_overlay_file:file { read map };
+
# scan extractor library directory to dynamically load extractors
allow mediaextractor system_file:dir { read open };
diff --git a/public/mediaserver.te b/public/mediaserver.te
index 832eaa3..86db99c 100644
--- a/public/mediaserver.te
+++ b/public/mediaserver.te
@@ -128,6 +128,9 @@
# b/120491318 allow mediaserver to access void:fd
allow mediaserver vold:fd use;
+# overlay package access
+allow mediaserver vendor_overlay_file:file { read getattr map };
+
hal_client_domain(mediaserver, hal_allocator)
###
diff --git a/public/mediatranscoding.te b/public/mediatranscoding.te
index 386535b..5b64083 100644
--- a/public/mediatranscoding.te
+++ b/public/mediatranscoding.te
@@ -3,11 +3,13 @@
type mediatranscoding_exec, system_file_type, exec_type, file_type;
binder_use(mediatranscoding)
+binder_call(mediatranscoding, binderservicedomain)
binder_service(mediatranscoding)
add_service(mediatranscoding, mediatranscoding_service)
allow mediatranscoding system_server:fd use;
+allow mediatranscoding activity_service:service_manager find;
# mediatranscoding should never execute any executable without a
# domain transition
diff --git a/public/modprobe.te b/public/modprobe.te
index 1190409..2c7d64b 100644
--- a/public/modprobe.te
+++ b/public/modprobe.te
@@ -1,6 +1,7 @@
type modprobe, domain;
allow modprobe proc_modules:file r_file_perms;
+allow modprobe proc_cmdline:file r_file_perms;
allow modprobe self:global_capability_class_set sys_module;
allow modprobe kernel:key search;
recovery_only(`
diff --git a/public/property.te b/public/property.te
index 932dfab..8e5a7fc 100644
--- a/public/property.te
+++ b/public/property.te
@@ -54,11 +54,10 @@
')
# Properties which can't be written outside system
-
-# Properties used by binder caches
system_restricted_prop(binder_cache_bluetooth_server_prop)
system_restricted_prop(binder_cache_system_server_prop)
system_restricted_prop(binder_cache_telephony_server_prop)
+system_restricted_prop(boot_status_prop)
system_restricted_prop(bq_config_prop)
system_restricted_prop(module_sdkextensions_prop)
system_restricted_prop(nnapi_ext_deny_product_prop)
@@ -101,11 +100,13 @@
# Properties which can be written only by vendor_init
system_vendor_config_prop(apk_verity_prop)
system_vendor_config_prop(cpu_variant_prop)
+system_vendor_config_prop(dalvik_config_prop)
system_vendor_config_prop(exported_audio_prop)
system_vendor_config_prop(exported_camera_prop)
system_vendor_config_prop(exported_config_prop)
system_vendor_config_prop(exported_default_prop)
system_vendor_config_prop(exported3_default_prop)
+system_vendor_config_prop(incremental_prop)
system_vendor_config_prop(media_variant_prop)
system_vendor_config_prop(storage_config_prop)
system_vendor_config_prop(surfaceflinger_prop)
@@ -134,7 +135,6 @@
system_public_prop(exported2_system_prop)
system_public_prop(exported3_radio_prop)
system_public_prop(exported_bluetooth_prop)
-system_public_prop(exported_dalvik_prop)
system_public_prop(exported_ffs_prop)
system_public_prop(exported_overlay_prop)
system_public_prop(exported_pm_prop)
@@ -153,6 +153,7 @@
system_public_prop(powerctl_prop)
system_public_prop(radio_prop)
system_public_prop(serialno_prop)
+system_public_prop(surfaceflinger_color_prop)
system_public_prop(system_prop)
system_public_prop(wifi_log_prop)
system_public_prop(wifi_prop)
diff --git a/public/shell.te b/public/shell.te
index 712307f..822f4ca 100644
--- a/public/shell.te
+++ b/public/shell.te
@@ -91,7 +91,7 @@
hwbinder_use(shell)
allow shell hwservicemanager:hwservice_manager list;
-# allow shell to look through /proc/ for lsmod, ps, top, netstat.
+# allow shell to look through /proc/ for lsmod, ps, top, netstat, vmstat.
r_dir_file(shell, proc_net_type)
allow shell {
@@ -107,6 +107,7 @@
proc_timer
proc_uptime
proc_version
+ proc_vmstat
proc_zoneinfo
}:file r_file_perms;
diff --git a/public/vendor_init.te b/public/vendor_init.te
index bd9ec16..cd96643 100644
--- a/public/vendor_init.te
+++ b/public/vendor_init.te
@@ -215,7 +215,6 @@
set_prop(vendor_init, exported_bluetooth_prop)
set_prop(vendor_init, exported_camera_prop)
set_prop(vendor_init, exported_config_prop)
-set_prop(vendor_init, exported_dalvik_prop)
set_prop(vendor_init, exported_default_prop)
set_prop(vendor_init, exported_ffs_prop)
set_prop(vendor_init, exported_overlay_prop)
@@ -226,11 +225,13 @@
set_prop(vendor_init, exported2_system_prop)
set_prop(vendor_init, exported3_default_prop)
set_prop(vendor_init, exported3_radio_prop)
+set_prop(vendor_init, incremental_prop)
set_prop(vendor_init, logd_prop)
set_prop(vendor_init, log_tag_prop)
set_prop(vendor_init, log_prop)
set_prop(vendor_init, rebootescrow_hal_prop)
set_prop(vendor_init, serialno_prop)
+set_prop(vendor_init, surfaceflinger_color_prop)
set_prop(vendor_init, userspace_reboot_config_prop)
set_prop(vendor_init, vehicle_hal_prop)
set_prop(vendor_init, vendor_default_prop)
@@ -239,6 +240,7 @@
set_prop(vendor_init, virtual_ab_prop)
set_prop(vendor_init, wifi_log_prop)
+get_prop(vendor_init, boot_status_prop)
get_prop(vendor_init, exported2_radio_prop)
get_prop(vendor_init, exported3_system_prop)
get_prop(vendor_init, theme_prop)
diff --git a/vendor/vendor_modprobe.te b/vendor/vendor_modprobe.te
index 7689ca5..61df9e0 100644
--- a/vendor/vendor_modprobe.te
+++ b/vendor/vendor_modprobe.te
@@ -4,6 +4,7 @@
domain_trans(init, vendor_toolbox_exec, vendor_modprobe)
allow vendor_modprobe proc_modules:file r_file_perms;
+allow vendor_modprobe proc_cmdline:file r_file_perms;
allow vendor_modprobe self:global_capability_class_set sys_module;
allow vendor_modprobe kernel:key search;