Merge changes Ia2defe72,Icef1ebdd

* changes:
  allow simpleperf to profile more app types.
  simpleperf_app_runner: move rules to private.
diff --git a/prebuilts/api/31.0/private/access_vectors b/prebuilts/api/31.0/private/access_vectors
index 22f2ffa..5ff7aef 100644
--- a/prebuilts/api/31.0/private/access_vectors
+++ b/prebuilts/api/31.0/private/access_vectors
@@ -726,6 +726,7 @@
 	get_state
 	list
 	lock
+	pull_metrics
 	report_off_body
 	reset
 	unlock
diff --git a/prebuilts/api/31.0/private/compat/30.0/30.0.ignore.cil b/prebuilts/api/31.0/private/compat/30.0/30.0.ignore.cil
index 4ad7912..4484823 100644
--- a/prebuilts/api/31.0/private/compat/30.0/30.0.ignore.cil
+++ b/prebuilts/api/31.0/private/compat/30.0/30.0.ignore.cil
@@ -70,8 +70,10 @@
     hw_timeout_multiplier_prop
     keystore_compat_hal_service
     keystore_maintenance_service
+    keystore_metrics_service
     keystore2_key_contexts_file
     legacy_permission_service
+    legacykeystore_service
     location_time_zone_manager_service
     media_communication_service
     media_metrics_service
@@ -140,7 +142,6 @@
     vibrator_manager_service
     virtualization_service
     vpn_management_service
-    vpnprofilestore_service
     watchdog_metadata_file
     wifi_key
     zygote_config_prop))
diff --git a/prebuilts/api/31.0/private/service_contexts b/prebuilts/api/31.0/private/service_contexts
index 02f326d..6d2b6a8 100644
--- a/prebuilts/api/31.0/private/service_contexts
+++ b/prebuilts/api/31.0/private/service_contexts
@@ -37,9 +37,10 @@
 android.security.compat                   u:object_r:keystore_compat_hal_service:s0
 android.security.identity                 u:object_r:credstore_service:s0
 android.security.keystore                 u:object_r:keystore_service:s0
+android.security.legacykeystore           u:object_r:legacykeystore_service:s0
 android.security.maintenance              u:object_r:keystore_maintenance_service:s0
+android.security.metrics                  u:object_r:keystore_metrics_service:s0
 android.security.remoteprovisioning       u:object_r:remoteprovisioning_service:s0
-android.security.vpnprofilestore          u:object_r:vpnprofilestore_service:s0
 android.service.gatekeeper.IGateKeeperService    u:object_r:gatekeeper_service:s0
 app_binding                               u:object_r:app_binding_service:s0
 app_hibernation                           u:object_r:app_hibernation_service:s0
diff --git a/prebuilts/api/31.0/private/system_server.te b/prebuilts/api/31.0/private/system_server.te
index f35f9a8..73301c1 100644
--- a/prebuilts/api/31.0/private/system_server.te
+++ b/prebuilts/api/31.0/private/system_server.te
@@ -853,6 +853,7 @@
 allow system_server installd_service:service_manager find;
 allow system_server iorapd_service:service_manager find;
 allow system_server keystore_maintenance_service:service_manager find;
+allow system_server keystore_metrics_service:service_manager find;
 allow system_server keystore_service:service_manager find;
 allow system_server mediaserver_service:service_manager find;
 allow system_server mediametrics_service:service_manager find;
@@ -903,6 +904,7 @@
 	clear_uid
 	get_state
 	lock
+	pull_metrics
 	reset
 	unlock
 };
diff --git a/prebuilts/api/31.0/private/wificond.te b/prebuilts/api/31.0/private/wificond.te
index 8bf37ca..3fdaca2 100644
--- a/prebuilts/api/31.0/private/wificond.te
+++ b/prebuilts/api/31.0/private/wificond.te
@@ -6,4 +6,6 @@
 
 get_prop(wificond, hwservicemanager_prop)
 
+allow wificond legacykeystore_service:service_manager find;
+
 init_daemon_domain(wificond)
diff --git a/prebuilts/api/31.0/public/domain.te b/prebuilts/api/31.0/public/domain.te
index d84abf1..799a2f1 100644
--- a/prebuilts/api/31.0/public/domain.te
+++ b/prebuilts/api/31.0/public/domain.te
@@ -677,6 +677,7 @@
     -credstore_service
     -keystore_maintenance_service
     -keystore_service
+    -legacykeystore_service
     -mediadrmserver_service
     -mediaextractor_service
     -mediametrics_service
@@ -684,7 +685,6 @@
     -nfc_service
     -radio_service
     -virtual_touchpad_service
-    -vpnprofilestore_service
     -vr_hwc_service
     -vr_manager_service
     userdebug_or_eng(`-hal_face_service')
diff --git a/prebuilts/api/31.0/public/keystore.te b/prebuilts/api/31.0/public/keystore.te
index 155322c..b7d5090 100644
--- a/prebuilts/api/31.0/public/keystore.te
+++ b/prebuilts/api/31.0/public/keystore.te
@@ -20,7 +20,8 @@
 add_service(keystore, keystore_compat_hal_service)
 add_service(keystore, authorization_service)
 add_service(keystore, keystore_maintenance_service)
-add_service(keystore, vpnprofilestore_service)
+add_service(keystore, keystore_metrics_service)
+add_service(keystore, legacykeystore_service)
 
 # Check SELinux permissions.
 selinux_check_access(keystore)
diff --git a/prebuilts/api/31.0/public/service.te b/prebuilts/api/31.0/public/service.te
index a0d77c1..8121d04 100644
--- a/prebuilts/api/31.0/public/service.te
+++ b/prebuilts/api/31.0/public/service.te
@@ -20,7 +20,9 @@
 type credstore_service,         app_api_service, service_manager_type;
 type keystore_compat_hal_service, service_manager_type;
 type keystore_maintenance_service, service_manager_type;
+type keystore_metrics_service, service_manager_type;
 type keystore_service,          service_manager_type;
+type legacykeystore_service,    service_manager_type;
 type lpdump_service,            service_manager_type;
 type mediaserver_service,       service_manager_type;
 type mediametrics_service,      service_manager_type;
@@ -43,7 +45,6 @@
 type virtualization_service,    service_manager_type;
 type virtual_touchpad_service,  service_manager_type;
 type vold_service,              service_manager_type;
-type vpnprofilestore_service,   service_manager_type;
 type vr_hwc_service,            service_manager_type;
 type vrflinger_vsync_service,   service_manager_type;
 
diff --git a/prebuilts/api/31.0/public/te_macros b/prebuilts/api/31.0/public/te_macros
index 2a218cb..200b2e3 100644
--- a/prebuilts/api/31.0/public/te_macros
+++ b/prebuilts/api/31.0/public/te_macros
@@ -635,7 +635,7 @@
   allow keystore $1:process getattr;
   allow $1 apc_service:service_manager find;
   allow $1 keystore_service:service_manager find;
-  allow $1 vpnprofilestore_service:service_manager find;
+  allow $1 legacykeystore_service:service_manager find;
   binder_call($1, keystore)
   binder_call(keystore, $1)
 ')
diff --git a/private/access_vectors b/private/access_vectors
index 22f2ffa..5ff7aef 100644
--- a/private/access_vectors
+++ b/private/access_vectors
@@ -726,6 +726,7 @@
 	get_state
 	list
 	lock
+	pull_metrics
 	report_off_body
 	reset
 	unlock
diff --git a/private/app_zygote.te b/private/app_zygote.te
index 4ee3af7..cb023ec 100644
--- a/private/app_zygote.te
+++ b/private/app_zygote.te
@@ -79,6 +79,9 @@
 get_prop(app_zygote, device_config_runtime_native_prop)
 get_prop(app_zygote, device_config_runtime_native_boot_prop)
 
+# Allow app_zygote to access odsign verification status
+get_prop(app_zygote, odsign_prop)
+
 #####
 ##### Neverallow
 #####
diff --git a/private/compat/30.0/30.0.ignore.cil b/private/compat/30.0/30.0.ignore.cil
index 7c508cd..c943973 100644
--- a/private/compat/30.0/30.0.ignore.cil
+++ b/private/compat/30.0/30.0.ignore.cil
@@ -73,8 +73,10 @@
     hw_timeout_multiplier_prop
     keystore_compat_hal_service
     keystore_maintenance_service
+    keystore_metrics_service
     keystore2_key_contexts_file
     legacy_permission_service
+    legacykeystore_service
     location_time_zone_manager_service
     media_communication_service
     media_metrics_service
@@ -145,7 +147,6 @@
     vibrator_manager_service
     virtualization_service
     vpn_management_service
-    vpnprofilestore_service
     watchdog_metadata_file
     wifi_key
     zygote_config_prop))
diff --git a/private/flags_health_check.te b/private/flags_health_check.te
index 55d1a9a..f6675ac 100644
--- a/private/flags_health_check.te
+++ b/private/flags_health_check.te
@@ -19,6 +19,7 @@
 set_prop(flags_health_check, device_config_window_manager_native_boot_prop)
 set_prop(flags_health_check, device_config_configuration_prop)
 set_prop(flags_health_check, device_config_connectivity_prop)
+set_prop(flags_health_check, device_config_surface_flinger_native_boot_prop)
 
 # system property device_config_boot_count_prop is used for deciding when to perform server
 # configurable flags related disaster recovery. Mistakenly set up by unrelated components can, at a
diff --git a/private/installd.te b/private/installd.te
index c89ba8b..726e5aa 100644
--- a/private/installd.te
+++ b/private/installd.te
@@ -40,6 +40,9 @@
 # Allow installd to access apk verity feature flag (for legacy case).
 get_prop(installd, apk_verity_prop)
 
+# Allow installd to access odsign verification status
+get_prop(installd, odsign_prop)
+
 # Allow installd to delete files in /data/staging
 allow installd staging_data_file:file unlink;
 allow installd staging_data_file:dir { open read remove_name rmdir search write };
diff --git a/private/mediaprovider_app.te b/private/mediaprovider_app.te
index 0e4a50e..e8a85e5 100644
--- a/private/mediaprovider_app.te
+++ b/private/mediaprovider_app.te
@@ -21,6 +21,9 @@
 # Talk to the MediaServer service
 allow mediaprovider_app mediaserver_service:service_manager find;
 
+# Talk to the AudioServer service
+allow mediaprovider_app audioserver_service:service_manager find;
+
 # Talk to regular app services
 allow mediaprovider_app app_api_service:service_manager find;
 
diff --git a/private/otapreopt_chroot.te b/private/otapreopt_chroot.te
index ea9d4ee..382795d 100644
--- a/private/otapreopt_chroot.te
+++ b/private/otapreopt_chroot.te
@@ -96,3 +96,8 @@
 
 # allow otapreopt_chroot to run the linkerconfig from the new image.
 allow otapreopt_chroot linkerconfig_exec:file rx_file_perms;
+
+# allow otapreopt_chroot to talk with otadexopt binder service
+allow otapreopt_chroot otadexopt_service:service_manager find;
+binder_use(otapreopt_chroot)
+binder_call(otapreopt_chroot, system_server)
diff --git a/private/property.te b/private/property.te
index 01d4fd9..d6ddbdf 100644
--- a/private/property.te
+++ b/private/property.te
@@ -10,6 +10,7 @@
 system_internal_prop(device_config_configuration_prop)
 system_internal_prop(device_config_connectivity_prop)
 system_internal_prop(device_config_swcodec_native_prop)
+system_internal_prop(device_config_surface_flinger_native_boot_prop)
 system_internal_prop(fastbootd_protocol_prop)
 system_internal_prop(gsid_prop)
 system_internal_prop(init_perf_lsm_hooks_prop)
diff --git a/private/property_contexts b/private/property_contexts
index 62862e9..326232d 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -241,6 +241,7 @@
 persist.device_config.statsd_native.                u:object_r:device_config_statsd_native_prop:s0
 persist.device_config.statsd_native_boot.           u:object_r:device_config_statsd_native_boot_prop:s0
 persist.device_config.storage_native_boot.          u:object_r:device_config_storage_native_boot_prop:s0
+persist.device_config.surface_flinger_native_boot.  u:object_r:device_config_surface_flinger_native_boot_prop:s0
 persist.device_config.swcodec_native.               u:object_r:device_config_swcodec_native_prop:s0
 persist.device_config.window_manager_native_boot.   u:object_r:device_config_window_manager_native_boot_prop:s0
 
diff --git a/private/seapp_contexts b/private/seapp_contexts
index 1d38fd9..c9fc8c6 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -5,11 +5,9 @@
 # Input selectors:
 #       isSystemServer (boolean)
 #       isEphemeralApp (boolean)
-#       isOwner (boolean)
 #       user (string)
 #       seinfo (string)
 #       name (string)
-#       path (string)
 #       isPrivApp (boolean)
 #       minTargetSdkVersion (unsigned integer)
 #       fromRunAs (boolean)
@@ -17,7 +15,7 @@
 # All specified input selectors in an entry must match (i.e. logical AND).
 # An unspecified string or boolean selector with no default will match any
 # value.
-# A user, name, or path string selector that ends in * will perform a prefix
+# A user, or name string selector that ends in * will perform a prefix
 # match.
 # String matching is case-insensitive.
 # See external/selinux/libselinux/src/android/android_platform.c,
@@ -26,7 +24,6 @@
 # isSystemServer=true only matches the system server.
 # An unspecified isSystemServer defaults to false.
 # isEphemeralApp=true will match apps marked by PackageManager as Ephemeral
-# isOwner=true will only match for the owner/primary user.
 # user=_app will match any regular app process.
 # user=_isolated will match any isolated service process.
 # Other values of user are matched against the name associated with the process
@@ -35,7 +32,6 @@
 # mac_permissions.xml files.
 # The ':' character is reserved and may not be used in seinfo.
 # name= matches against the package name of the app.
-# path= matches against the directory path when labeling app directories.
 # isPrivApp=true will only match for applications preinstalled in
 #       /system/priv-app.
 # minTargetSdkVersion will match applications with a targetSdkVersion
@@ -50,19 +46,16 @@
 #       (1) isSystemServer=true before isSystemServer=false.
 #       (2) Specified isEphemeralApp= before unspecified isEphemeralApp=
 #             boolean.
-#       (3) Specified isOwner= before unspecified isOwner= boolean.
-#       (4) Specified user= string before unspecified user= string;
+#       (3) Specified user= string before unspecified user= string;
 #             more specific user= string before less specific user= string.
-#       (5) Specified seinfo= string before unspecified seinfo= string.
-#       (6) Specified name= string before unspecified name= string;
+#       (4) Specified seinfo= string before unspecified seinfo= string.
+#       (5) Specified name= string before unspecified name= string;
 #             more specific name= string before less specific name= string.
-#       (7) Specified path= string before unspecified path= string.
-#             more specific name= string before less specific name= string.
-#       (8) Specified isPrivApp= before unspecified isPrivApp= boolean.
-#       (9) Higher value of minTargetSdkVersion= before lower value of
+#       (6) Specified isPrivApp= before unspecified isPrivApp= boolean.
+#       (7) Higher value of minTargetSdkVersion= before lower value of
 #              minTargetSdkVersion= integer. Note that minTargetSdkVersion=
 #              defaults to 0 if unspecified.
-#       (10) fromRunAs=true before fromRunAs=false.
+#       (8) fromRunAs=true before fromRunAs=false.
 # (A fixed selector is more specific than a prefix, i.e. ending in *, and a
 # longer prefix is more specific than a shorter prefix.)
 # Apps are checked against entries in precedence order until the first match,
diff --git a/private/service_contexts b/private/service_contexts
index c020a04..f8c1607 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -37,9 +37,10 @@
 android.security.compat                   u:object_r:keystore_compat_hal_service:s0
 android.security.identity                 u:object_r:credstore_service:s0
 android.security.keystore                 u:object_r:keystore_service:s0
+android.security.legacykeystore           u:object_r:legacykeystore_service:s0
 android.security.maintenance              u:object_r:keystore_maintenance_service:s0
+android.security.metrics                  u:object_r:keystore_metrics_service:s0
 android.security.remoteprovisioning       u:object_r:remoteprovisioning_service:s0
-android.security.vpnprofilestore          u:object_r:vpnprofilestore_service:s0
 android.service.gatekeeper.IGateKeeperService    u:object_r:gatekeeper_service:s0
 app_binding                               u:object_r:app_binding_service:s0
 app_hibernation                           u:object_r:app_hibernation_service:s0
diff --git a/private/surfaceflinger.te b/private/surfaceflinger.te
index 8203724..f99ce96 100644
--- a/private/surfaceflinger.te
+++ b/private/surfaceflinger.te
@@ -61,6 +61,7 @@
 
 # Get properties.
 get_prop(surfaceflinger, qemu_sf_lcd_density_prop)
+get_prop(network_stack, device_config_surface_flinger_native_boot_prop)
 
 # Use open files supplied by an app.
 allow surfaceflinger appdomain:fd use;
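Review bot: The added get_prop rule names `network_stack` as the subject, but this file is private/surfaceflinger.te and the rest of the change (the set_prop in system_server.te and flags_health_check.te, the new property type in property.te) wires this flag up for surfaceflinger; as written the rule grants the read to network_stack and leaves surfaceflinger itself without it. It should read `get_prop(surfaceflinger, device_config_surface_flinger_native_boot_prop)`. A policy build is unlikely to flag this, since nothing forbids network_stack from reading the property, so the mistake would most likely only show up as an avc denial for surfaceflinger at runtime.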
diff --git a/private/system_server.te b/private/system_server.te
index d76a2a8..5d685c3 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -708,7 +708,7 @@
 set_prop(system_server, device_config_window_manager_native_boot_prop)
 set_prop(system_server, device_config_configuration_prop)
 set_prop(system_server, device_config_connectivity_prop)
-
+set_prop(system_server, device_config_surface_flinger_native_boot_prop)
 
 # Allow query ART device config properties
 get_prop(system_server, device_config_runtime_native_boot_prop)
@@ -853,6 +853,7 @@
 allow system_server installd_service:service_manager find;
 allow system_server iorapd_service:service_manager find;
 allow system_server keystore_maintenance_service:service_manager find;
+allow system_server keystore_metrics_service:service_manager find;
 allow system_server keystore_service:service_manager find;
 allow system_server mediaserver_service:service_manager find;
 allow system_server mediametrics_service:service_manager find;
@@ -903,6 +904,7 @@
 	clear_uid
 	get_state
 	lock
+	pull_metrics
 	reset
 	unlock
 };
@@ -1216,6 +1218,7 @@
   device_config_runtime_native_prop
   device_config_media_native_prop
   device_config_storage_native_boot_prop
+  device_config_surface_flinger_native_boot_prop
   device_config_sys_traced_prop
   device_config_swcodec_native_prop
   device_config_window_manager_native_boot_prop
diff --git a/private/toolbox.te b/private/toolbox.te
index 8202e04..b4a3466 100644
--- a/private/toolbox.te
+++ b/private/toolbox.te
@@ -3,5 +3,5 @@
 init_daemon_domain(toolbox)
 
 # rm -rf /data/misc/virtualizationservice
-allow toolbox virtualizationservice_data_file:dir { getattr remove_name rmdir };
-allow toolbox virtualizationservice_data_file:file { getattr unlink };
+allow toolbox virtualizationservice_data_file:dir create_dir_perms;
+allow toolbox virtualizationservice_data_file:file create_file_perms;
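Review bot: The replacement rules grant considerably more than the `# rm -rf /data/misc/virtualizationservice` comment describes: create_dir_perms and create_file_perms bring in create, rename and setattr (and write on files), none of which a recursive delete uses. If the old set failed only because the directory could not be listed or its entries removed, a narrower set such as `allow toolbox virtualizationservice_data_file:dir { r_dir_perms write remove_name rmdir };` with `{ getattr unlink }` kept for files appears sufficient and keeps toolbox from being able to create or rename content in a directory virtualizationservice later trusts. Whichever set is kept, the comment should be updated to describe the permissions actually granted.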
diff --git a/private/webview_zygote.te b/private/webview_zygote.te
index 10bcf1c..3473eca 100644
--- a/private/webview_zygote.te
+++ b/private/webview_zygote.te
@@ -87,6 +87,9 @@
 get_prop(webview_zygote, device_config_runtime_native_prop)
 get_prop(webview_zygote, device_config_runtime_native_boot_prop)
 
+# Allow webview_zygote to access odsign verification status
+get_prop(zygote, odsign_prop)
+
 #####
 ##### Neverallow
 #####
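Review bot: The comment announces that webview_zygote is being allowed to read the odsign status, but the rule under it is `get_prop(zygote, odsign_prop)`, which targets the zygote domain (already granted in private/zygote.te in this same change) and gives webview_zygote nothing. The parallel hunk in private/app_zygote.te uses the file's own domain, and this one should match it: `get_prop(webview_zygote, odsign_prop)`.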
diff --git a/private/wificond.te b/private/wificond.te
index 8bf37ca..3fdaca2 100644
--- a/private/wificond.te
+++ b/private/wificond.te
@@ -6,4 +6,6 @@
 
 get_prop(wificond, hwservicemanager_prop)
 
+allow wificond legacykeystore_service:service_manager find;
+
 init_daemon_domain(wificond)
diff --git a/private/zygote.te b/private/zygote.te
index de64c8f..651fb10 100644
--- a/private/zygote.te
+++ b/private/zygote.te
@@ -217,6 +217,9 @@
 # Allow zygote to access media_variant_prop for static initialization
 get_prop(zygote, media_variant_prop)
 
+# Allow zygote to access odsign verification status
+get_prop(zygote, odsign_prop)
+
 # Allow zygote to read ro.control_privapp_permissions and ro.cp_system_other_odex
 get_prop(zygote, packagemanager_config_prop)
 
diff --git a/public/domain.te b/public/domain.te
index d84abf1..799a2f1 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -677,6 +677,7 @@
     -credstore_service
     -keystore_maintenance_service
     -keystore_service
+    -legacykeystore_service
     -mediadrmserver_service
     -mediaextractor_service
     -mediametrics_service
@@ -684,7 +685,6 @@
     -nfc_service
     -radio_service
     -virtual_touchpad_service
-    -vpnprofilestore_service
     -vr_hwc_service
     -vr_manager_service
     userdebug_or_eng(`-hal_face_service')
diff --git a/public/keystore.te b/public/keystore.te
index 155322c..b7d5090 100644
--- a/public/keystore.te
+++ b/public/keystore.te
@@ -20,7 +20,8 @@
 add_service(keystore, keystore_compat_hal_service)
 add_service(keystore, authorization_service)
 add_service(keystore, keystore_maintenance_service)
-add_service(keystore, vpnprofilestore_service)
+add_service(keystore, keystore_metrics_service)
+add_service(keystore, legacykeystore_service)
 
 # Check SELinux permissions.
 selinux_check_access(keystore)
diff --git a/public/service.te b/public/service.te
index 4fa6a13..756c31c 100644
--- a/public/service.te
+++ b/public/service.te
@@ -21,7 +21,9 @@
 type credstore_service,         app_api_service, service_manager_type;
 type keystore_compat_hal_service, service_manager_type;
 type keystore_maintenance_service, service_manager_type;
+type keystore_metrics_service, service_manager_type;
 type keystore_service,          service_manager_type;
+type legacykeystore_service,    service_manager_type;
 type lpdump_service,            service_manager_type;
 type mediaserver_service,       service_manager_type;
 type mediametrics_service,      service_manager_type;
@@ -44,7 +46,6 @@
 type virtualization_service,    service_manager_type;
 type virtual_touchpad_service,  service_manager_type;
 type vold_service,              service_manager_type;
-type vpnprofilestore_service,   service_manager_type;
 type vr_hwc_service,            service_manager_type;
 type vrflinger_vsync_service,   service_manager_type;
 
diff --git a/public/te_macros b/public/te_macros
index 2a218cb..200b2e3 100644
--- a/public/te_macros
+++ b/public/te_macros
@@ -635,7 +635,7 @@
   allow keystore $1:process getattr;
   allow $1 apc_service:service_manager find;
   allow $1 keystore_service:service_manager find;
-  allow $1 vpnprofilestore_service:service_manager find;
+  allow $1 legacykeystore_service:service_manager find;
   binder_call($1, keystore)
   binder_call(keystore, $1)
 ')
diff --git a/tools/check_seapp.c b/tools/check_seapp.c
index 2b06c11..7795e3a 100644
--- a/tools/check_seapp.c
+++ b/tools/check_seapp.c
@@ -207,11 +207,9 @@
                 /*Inputs*/
                 { .name = "isSystemServer", .dir = dir_in, .fn_validate = validate_bool },
                 { .name = "isEphemeralApp",  .dir = dir_in, .fn_validate = validate_bool },
-                { .name = "isOwner",        .dir = dir_in, .fn_validate = validate_bool },
                 { .name = "user",           .dir = dir_in,                              },
                 { .name = "seinfo",         .dir = dir_in,                              },
                 { .name = "name",           .dir = dir_in,                              },
-                { .name = "path",           .dir = dir_in,                              },
                 { .name = "isPrivApp",      .dir = dir_in, .fn_validate = validate_bool },
                 { .name = "minTargetSdkVersion", .dir = dir_in, .fn_validate = validate_uint },
                 { .name = "fromRunAs",       .dir = dir_in, .fn_validate = validate_bool },