Merge "Renamed "intelligence" to "content_capture""
diff --git a/private/compat/28.0/28.0.cil b/private/compat/28.0/28.0.cil
index ec3510a..ad22950 100644
--- a/private/compat/28.0/28.0.cil
+++ b/private/compat/28.0/28.0.cil
@@ -1,4 +1,5 @@
;; types removed from current policy
+(type alarm_device)
(type audio_seq_device)
(type audio_timer_device)
(type commontime_management_service)
diff --git a/private/dumpstate.te b/private/dumpstate.te
index 293998d..4f3dda6 100644
--- a/private/dumpstate.te
+++ b/private/dumpstate.te
@@ -22,6 +22,9 @@
allow dumpstate wm_trace_data_file:file r_file_perms;
')
+# Allow dumpstate to make binder calls to incidentd
+binder_call(dumpstate, incidentd)
+
# Allow dumpstate to make binder calls to storaged service
binder_call(dumpstate, storaged)
@@ -31,6 +34,9 @@
# Allow dumpstate to talk to gpuservice over binder
binder_call(dumpstate, gpuservice);
+# Allow dumpstate to talk to idmap over binder
+binder_call(dumpstate, idmap);
+
# Collect metrics on boot time created by init
get_prop(dumpstate, boottime_prop)
diff --git a/private/file_contexts b/private/file_contexts
index 72efb52..3ba8fcf 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -71,7 +71,6 @@
/dev/adf[0-9]* u:object_r:graphics_device:s0
/dev/adf-interface[0-9]*\.[0-9]* u:object_r:graphics_device:s0
/dev/adf-overlay-engine[0-9]*\.[0-9]* u:object_r:graphics_device:s0
-/dev/alarm u:object_r:alarm_device:s0
/dev/ashmem u:object_r:ashmem_device:s0
/dev/audio.* u:object_r:audio_device:s0
/dev/binder u:object_r:binder_device:s0
diff --git a/private/heapprofd.te b/private/heapprofd.te
index 30ad7f1..b7013d7 100644
--- a/private/heapprofd.te
+++ b/private/heapprofd.te
@@ -13,10 +13,10 @@
# Executables and libraries.
# These are needed to read the ELF binary data needed for unwinding.
- allow heapprofd system_file:file r_file_perms;
- allow heapprofd apk_data_file:file r_file_perms;
- allow heapprofd dalvikcache_data_file:file r_file_perms;
- allow heapprofd vendor_file_type:file r_file_perms;
+ r_dir_file(heapprofd, system_file_type)
+ r_dir_file(heapprofd, apk_data_file)
+ r_dir_file(heapprofd, dalvikcache_data_file)
+ r_dir_file(heapprofd, vendor_file_type)
')
# Write trace data to the Perfetto traced damon. This requires connecting to its
diff --git a/private/incident_helper.te b/private/incident_helper.te
index 078aa24..b453855 100644
--- a/private/incident_helper.te
+++ b/private/incident_helper.te
@@ -6,8 +6,8 @@
domain_auto_trans(incidentd, incident_helper_exec, incident_helper)
# use pipe to transmit data from/to incidentd/incident_helper for parsing
-allow incident_helper { shell incident incidentd }:fd use;
-allow incident_helper { shell incident incidentd }:fifo_file { getattr read write };
+allow incident_helper { shell incident incidentd dumpstate }:fd use;
+allow incident_helper { shell incident incidentd dumpstate }:fifo_file { getattr read write };
allow incident_helper incidentd:unix_stream_socket { read write };
# only allow incidentd and shell to call incident_helper
diff --git a/private/incidentd.te b/private/incidentd.te
index 4e80bdd..ad6fbf3 100644
--- a/private/incidentd.te
+++ b/private/incidentd.te
@@ -134,9 +134,9 @@
# Only incidentd can publish the binder service
add_service(incidentd, incident_service)
-# Allow pipes from (and only from) incident
-allow incidentd incident:fd use;
-allow incidentd incident:fifo_file write;
+# Allow pipes only from dumpstate and incident
+allow incidentd { dumpstate incident }:fd use;
+allow incidentd { dumpstate incident }:fifo_file write;
# Allow incident to call back to incident with status updates.
binder_call(incidentd, incident)
@@ -145,9 +145,10 @@
### neverallow rules
###
-# only system_server, system_app and incident command can find the incident service
+# only dumpstate, system_server, system_app and incident command can find the incident service
neverallow {
domain
+ -dumpstate
-incident
-incidentd
-statsd
diff --git a/private/system_server.te b/private/system_server.te
index e1f052e..33f4f0a 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -322,7 +322,6 @@
# Access devices.
allow system_server device:dir r_dir_perms;
allow system_server mdns_socket:sock_file rw_file_perms;
-allow system_server alarm_device:chr_file rw_file_perms;
allow system_server gpu_device:chr_file rw_file_perms;
allow system_server input_device:dir r_dir_perms;
allow system_server input_device:chr_file rw_file_perms;
diff --git a/private/vold.te b/private/vold.te
index a6d1001..dea24a5 100644
--- a/private/vold.te
+++ b/private/vold.te
@@ -8,8 +8,8 @@
# For a handful of probing tools, we choose an even more restrictive
# domain when working with untrusted block devices
-domain_trans(vold, shell_exec, blkid);
-domain_trans(vold, shell_exec, blkid_untrusted);
+domain_trans(vold, blkid_exec, blkid);
+domain_trans(vold, blkid_exec, blkid_untrusted);
domain_trans(vold, fsck_exec, fsck);
domain_trans(vold, fsck_exec, fsck_untrusted);
diff --git a/public/device.te b/public/device.te
index e55c86d..57b0503 100644
--- a/public/device.te
+++ b/public/device.te
@@ -1,6 +1,5 @@
# Device types
type device, dev_type, fs_type;
-type alarm_device, dev_type, mlstrustedobject;
type ashmem_device, dev_type, mlstrustedobject;
type audio_device, dev_type;
type binder_device, dev_type, mlstrustedobject;
diff --git a/public/domain.te b/public/domain.te
index c536c12..d0e4e41 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -75,7 +75,6 @@
not_full_treble(`allow { domain -hwservicemanager -vndservicemanager } binder_device:chr_file rw_file_perms;')
allow { domain -servicemanager -vndservicemanager -isolated_app } hwbinder_device:chr_file rw_file_perms;
allow domain ptmx_device:chr_file rw_file_perms;
-allow domain alarm_device:chr_file r_file_perms;
allow domain random_device:chr_file rw_file_perms;
allow domain proc_random:dir r_dir_perms;
allow domain proc_random:file r_file_perms;
diff --git a/public/dumpstate.te b/public/dumpstate.te
index af6956e..cd3310a 100644
--- a/public/dumpstate.te
+++ b/public/dumpstate.te
@@ -209,7 +209,6 @@
-apex_service
-dumpstate_service
-gatekeeper_service
- -incident_service
-iorapd_service
-virtual_touchpad_service
-vold_service
@@ -220,7 +219,6 @@
apex_service
dumpstate_service
gatekeeper_service
- incident_service
iorapd_service
virtual_touchpad_service
vold_service
diff --git a/public/hal_telephony.te b/public/hal_telephony.te
index 9d0f8c0..3e4b65d 100644
--- a/public/hal_telephony.te
+++ b/public/hal_telephony.te
@@ -9,7 +9,6 @@
allow hal_telephony_server self:netlink_route_socket nlmsg_write;
allow hal_telephony_server kernel:system module_request;
allow hal_telephony_server self:global_capability_class_set { setpcap setgid setuid net_admin net_raw };
-allow hal_telephony_server alarm_device:chr_file rw_file_perms;
allow hal_telephony_server cgroup:dir create_dir_perms;
allow hal_telephony_server cgroup:{ file lnk_file } r_file_perms;
allow hal_telephony_server radio_device:chr_file rw_file_perms;
diff --git a/public/hal_wifi.te b/public/hal_wifi.te
index f735be5..805adaf 100644
--- a/public/hal_wifi.te
+++ b/public/hal_wifi.te
@@ -10,9 +10,9 @@
set_prop(hal_wifi, exported_wifi_prop)
set_prop(hal_wifi, wifi_prop)
-# allow hal wifi set interfaces up and down
+# allow hal wifi set interfaces up and down and get the factory MAC
allow hal_wifi self:udp_socket create_socket_perms;
-allowxperm hal_wifi self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR };
+allowxperm hal_wifi self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR SIOCETHTOOL };
allow hal_wifi self:global_capability_class_set { net_admin net_raw };
# allow hal_wifi to speak to nl80211 in the kernel
diff --git a/public/init.te b/public/init.te
index 2a8036a..8b95e2b 100644
--- a/public/init.te
+++ b/public/init.te
@@ -257,7 +257,6 @@
allow init { fs_type -contextmount_type -sdcard_type -rootfs }:dir { open read setattr search };
allow init {
- alarm_device
ashmem_device
binder_device
console_device
diff --git a/public/property_contexts b/public/property_contexts
index 9cf9c39..1661d7d 100644
--- a/public/property_contexts
+++ b/public/property_contexts
@@ -6,6 +6,7 @@
audio.camerasound.force u:object_r:exported_audio_prop:s0 exact bool
audio.deep_buffer.media u:object_r:exported3_default_prop:s0 exact bool
audio.offload.video u:object_r:exported3_default_prop:s0 exact bool
+audio.offload.min.duration.secs u:object_r:exported3_default_prop:s0 exact int
camera.disable_zsl_mode u:object_r:exported3_default_prop:s0 exact bool
camera.fifo.disable u:object_r:exported3_default_prop:s0 exact int
dalvik.vm.appimageformat u:object_r:exported_dalvik_prop:s0 exact string
diff --git a/public/radio.te b/public/radio.te
index 05bfd8c..8a8bef3 100644
--- a/public/radio.te
+++ b/public/radio.te
@@ -12,7 +12,6 @@
allow radio radio_data_file:dir create_dir_perms;
allow radio radio_data_file:notdevfile_class_set create_file_perms;
-allow radio alarm_device:chr_file rw_file_perms;
allow radio net_data_file:dir search;
allow radio net_data_file:file r_file_perms;
diff --git a/public/vold.te b/public/vold.te
index 6994776..0f5fb0f 100644
--- a/public/vold.te
+++ b/public/vold.te
@@ -31,9 +31,6 @@
# Allow us to jump into execution domains of above tools
allow vold self:process setexec;
-# For sgdisk launched through popen()
-allow vold shell_exec:file rx_file_perms;
-
# For formatting adoptable storage devices
allow vold e2fs_exec:file rx_file_perms;