Merge changes from topic "fwk-cameraservice-sepolicy"
* changes:
Abstract use of cameraserver behind an attribute
Add selinux rules for HIDL ICameraServer.
diff --git a/private/apexd.te b/private/apexd.te
index 80e115a..5b27101 100644
--- a/private/apexd.te
+++ b/private/apexd.te
@@ -45,11 +45,6 @@
# because it doesn't have write permission for staging_data_file object.
allow apexd staging_data_file:file unlink;
-# allow apexd to relabel apk_tmp_file to apex_data_file.
-# TODO(b/112669193) remove this when APEXes are staged via file descriptor
-allow apexd apk_tmp_file:file relabelfrom;
-allow apexd apex_data_file:file relabelto;
-
# allow apexd to read files from /data/pkg_staging and hardlink them to /data/apex.
allow apexd staging_data_file:dir r_dir_perms;
allow apexd staging_data_file:file { r_file_perms link };
diff --git a/private/domain.te b/private/domain.te
index bc05875..3b340c5 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -19,6 +19,10 @@
-keystore
-llkd
-logd
+ -logpersist
+ -recovery
+ -recovery_persist
+ -recovery_refresh
-ueventd
-vendor_init
-vold
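Review bot: The four domains added to this exclusion set (`-logpersist`, `-recovery`, `-recovery_persist`, `-recovery_refresh`) carry no comment saying why they are carved out. The statement they belong to starts and ends outside the hunk, so the rule they are excluded from cannot be read here. A one-line comment above the set, such as `# logpersist and the recovery domains are excluded because <reason>`, would let a later reviewer judge whether each exemption is still needed. If the enclosing statement is a neverallow, each added line widens what policy may grant and deserves its own justification; if it is an allow-style macro call, the lines narrow it.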
diff --git a/private/file_contexts b/private/file_contexts
index 83be009..39244c1 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -434,6 +434,8 @@
/data/adb(/.*)? u:object_r:adb_data_file:s0
/data/anr(/.*)? u:object_r:anr_data_file:s0
/data/apex(/.*)? u:object_r:apex_data_file:s0
+/data/apex/active/(.*)? u:object_r:staging_data_file:s0
+/data/apex/backup/(.*)? u:object_r:staging_data_file:s0
/data/app(/.*)? u:object_r:apk_data_file:s0
/data/app/[^/]+/oat(/.*)? u:object_r:dalvikcache_data_file:s0
/data/app/vmdl[^/]+\.tmp(/.*)? u:object_r:apk_tmp_file:s0
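Review bot: The two new entries use `/data/apex/active/(.*)?` and `/data/apex/backup/(.*)?` rather than the `(/.*)?` form of the neighbouring lines, so the directories themselves still match `/data/apex(/.*)?` and keep `apex_data_file`, while only their contents become `staging_data_file`. If that split is intended (presumably because apexd hardlinks files from /data/pkg_staging, as the apexd.te comment in this change describes, and a hardlink shares its inode's label), say so above the entries, e.g. `# Contents of active/ and backup/ are hardlinks of staged files and keep staging_data_file; the directories stay apex_data_file.` The labelling also means any domain allowed to read, link or unlink `staging_data_file:file` gets the same access to activated APEX files. That is worth confirming against every rule that names `staging_data_file`, not only the apexd ones.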
diff --git a/private/heapprofd.te b/private/heapprofd.te
index 7f8d8d6..df42b1e 100644
--- a/private/heapprofd.te
+++ b/private/heapprofd.te
@@ -10,8 +10,14 @@
# On debug builds, this central daemon performs profiling for all target
# processes (which talk directly to this daemon).
type heapprofd_exec, exec_type, file_type, system_file_type;
+type heapprofd_tmpfs, file_type;
init_daemon_domain(heapprofd)
+tmpfs_domain(heapprofd)
+
+# Allow apps in other MLS contexts (for multi-user) to access
+# share memory buffers created by heapprofd.
+typeattribute heapprofd_tmpfs mlstrustedobject;
set_prop(heapprofd, heapprofd_prop);
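Review bot: `typeattribute heapprofd_tmpfs mlstrustedobject;` removes the MLS check from every file of this type, so separation between users for these buffers rests only on the type-enforcement rules and on which process is handed the fd. The comment should state that, and "share memory" should read "shared memory". Suggested wording: `# heapprofd_tmpfs is exempt from MLS so apps in other users' contexts can map the buffers; access is limited by TE to domains covered by the heap-profiling macros.` The te_macros hunk in this same change grants `$1` `{ read write getattr map }` on `heapprofd_tmpfs:file`. It is therefore worth confirming that each buffer is shared with a single client and that heapprofd treats the client-writable read and write pointers as untrusted.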
diff --git a/private/postinstall_dexopt.te b/private/postinstall_dexopt.te
index 14e54be..c0836ec 100644
--- a/private/postinstall_dexopt.te
+++ b/private/postinstall_dexopt.te
@@ -62,3 +62,7 @@
# Allow otapreopt to use file descriptors from otapreopt_chroot.
# TODO: Probably we can actually close file descriptors...
allow postinstall_dexopt otapreopt_chroot:fd use;
+
+# Allow postinstall_dexopt to access the runtime feature flag properties.
+get_prop(postinstall_dexopt, device_config_runtime_native_prop)
+get_prop(postinstall_dexopt, device_config_runtime_native_boot_prop)
diff --git a/public/statsd.te b/public/statsd.te
index 85523ef..8ba7f63 100644
--- a/public/statsd.te
+++ b/public/statsd.te
@@ -31,6 +31,9 @@
binder_call(statsd, perfprofd)
')
binder_call(statsd, system_server)
+
+# Allow statsd to interact with gpuservice
+allow statsd gpu_service:service_manager find;
binder_call(statsd, gpuservice)
# Allow logd access.
diff --git a/public/te_macros b/public/te_macros
index b9a6c05..cd4bf61 100644
--- a/public/te_macros
+++ b/public/te_macros
@@ -661,14 +661,8 @@
allow heapprofd $1:file r_file_perms;
allow heapprofd $1:dir r_dir_perms;
- # On debug builds, central daemon can handle profiling of all processes
- # directly.
- userdebug_or_eng(`
- # Allow connecting to the daemon.
- unix_socket_connect($1, heapprofd, heapprofd)
- # Allow daemon to use the passed fds.
- allow heapprofd $1:fd use;
- ')
+ # Profilability on user implies profilability on userdebug and eng.
+ can_profile_heap_userdebug_or_eng($1)
')
###################################
@@ -686,6 +680,11 @@
unix_socket_connect($1, heapprofd, heapprofd)
# Allow daemon to use the passed fds.
allow heapprofd $1:fd use;
+ # Allow to read and write to heapprofd shmem.
+ # The client needs to read the read and write pointers in order to write.
+ allow $1 heapprofd_tmpfs:file { read write getattr map };
+ # Use shared memory received over the unix socket.
+ allow $1 heapprofd:fd use;
# To read from the received file descriptors.
# /proc/[pid]/maps and /proc/[pid]/mem have the same SELinux label as the