Merge "Remove microdroid specific rules and files"

commit: af2697a45246e336d6aadb940bbc41c79de16f93 [log] [tgz]
author: Inseob Kim <inseob@google.com> Tue Jun 08 00:53:26 2021 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Tue Jun 08 00:53:26 2021 +0000
tree: f2b29901bacf7874d33c410bd3d4d1c6cee047e9
parent: 6550adcaed4a098b6f69c26d548980cf5a453c26 [diff]
parent: 5d269aaa5573f6052a6ad85049153918c68e4b8b [diff]
diff --git a/private/apexd.te b/private/apexd.te
index b6fff92..b05fecb 100644
--- a/private/apexd.te
+++ b/private/apexd.te

@@ -83,6 +83,9 @@
 # allow apexd to create /apex/apex-info-list.xml and relabel to apex_info_file
 allow apexd apex_mnt_dir:file { create_file_perms relabelfrom mounton };
 allow apexd apex_info_file:file relabelto;
+# apexd needs to update /apex/apex-info-list.xml after non-staged APEX update.
+allow apexd apex_info_file:file rw_file_perms;
+
 # allow apexd to unlink apex files in /data/apex/active
 # note that apexd won't be able to unlink files in /data/app-staging/session_XXXX,
 # because it doesn't have write permission for staging_data_file object.

diff --git a/private/property_contexts b/private/property_contexts
index 605e912..e8d329b 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -1069,6 +1069,7 @@
 
 ro.sf.disable_triple_buffer u:object_r:surfaceflinger_prop:s0 exact bool
 ro.sf.lcd_density           u:object_r:surfaceflinger_prop:s0 exact int
+ro.sf.uclamp.min            u:object_r:surfaceflinger_prop:s0 exact int
 
 persist.sys.sf.color_mode       u:object_r:surfaceflinger_color_prop:s0 exact int
 persist.sys.sf.color_saturation u:object_r:surfaceflinger_color_prop:s0 exact string

diff --git a/private/seapp_contexts b/private/seapp_contexts
index b8e42ea..1d38fd9 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts

@@ -158,7 +158,6 @@
 user=_app seinfo=media domain=mediaprovider type=app_data_file levelFrom=user
 user=_app seinfo=platform domain=platform_app type=app_data_file levelFrom=user
 user=_app isEphemeralApp=true domain=ephemeral_app type=app_data_file levelFrom=all
-user=_app minTargetSdkVersion=31 isPrivApp=true domain=priv_app type=privapp_data_file levelFrom=all
 user=_app isPrivApp=true domain=priv_app type=privapp_data_file levelFrom=user
 user=_app isPrivApp=true name=com.google.android.permissioncontroller domain=permissioncontroller_app type=privapp_data_file levelFrom=all
 user=_app seinfo=media isPrivApp=true name=com.android.providers.media.module domain=mediaprovider_app type=privapp_data_file levelFrom=all

diff --git a/private/shell.te b/private/shell.te
index 5831d54..26f6d95 100644
--- a/private/shell.te
+++ b/private/shell.te

@@ -114,6 +114,9 @@
 allow shell self:perf_event { open read write kernel };
 neverallow shell self:perf_event ~{ open read write kernel };
 
+# Allow shell to read /apex/apex-info-list.xml
+allow shell apex_info_file:file r_file_perms;
+
 # Set properties.
 set_prop(shell, shell_prop)
 set_prop(shell, ctl_bugreport_prop)
commit	af2697a45246e336d6aadb940bbc41c79de16f93	[log] [tgz]
author	Inseob Kim <inseob@google.com>	Tue Jun 08 00:53:26 2021 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Tue Jun 08 00:53:26 2021 +0000
tree	f2b29901bacf7874d33c410bd3d4d1c6cee047e9
parent	6550adcaed4a098b6f69c26d548980cf5a453c26 [diff]
parent	5d269aaa5573f6052a6ad85049153918c68e4b8b [diff]