Merge changes from topic "prefetch-android" into main * changes: prefetch: Add new prefetch.te selinux policy Prefetch: Add sepolicy to control prefetch properties

commit: ef3df3b7c25a9dea0e340ff1e1b243c8aa6cdd9d [log] [tgz]
author: Akilesh Kailash <akailash@google.com> Wed Nov 20 05:02:52 2024 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Wed Nov 20 05:02:52 2024 +0000
tree: d283429941bfff236a41f64e9ad5467b7791ad6d
parent: 5fe9d17a5221e837dca97ea252bea9a73fd43ea3 [diff]
parent: ca1d90afa20ff25d02eda638812386cc00e26466 [diff]
diff --git a/build/soong/service_fuzzer_bindings.go b/build/soong/service_fuzzer_bindings.go
index f931115..a21a6e8 100644
--- a/build/soong/service_fuzzer_bindings.go
+++ b/build/soong/service_fuzzer_bindings.go

@@ -514,6 +514,7 @@
 		"wifi":                                   EXCEPTION_NO_FUZZER,
 		"wifinl80211":                            []string{"wificond_service_fuzzer"},
 		"wifiaware":                              EXCEPTION_NO_FUZZER,
+		"wifi_usd":                               EXCEPTION_NO_FUZZER,
 		"wifirtt":                                EXCEPTION_NO_FUZZER,
 		"wifi_mainline_supplicant":               EXCEPTION_NO_FUZZER, // defined internally
 		"window":                                 EXCEPTION_NO_FUZZER,

diff --git a/private/service_contexts b/private/service_contexts
index e452172..4fc9435 100644
--- a/private/service_contexts
+++ b/private/service_contexts

@@ -514,6 +514,9 @@
 wifinl80211                               u:object_r:wifinl80211_service:s0
 wifiaware                                 u:object_r:wifiaware_service:s0
 wifirtt                                   u:object_r:rttmanager_service:s0
+starting_at_board_api(202504, `
+   wifi_usd                                  u:object_r:wifi_usd_service:s0
+')
 wifi_mainline_supplicant                  u:object_r:wifi_mainline_supplicant_service:s0
 window                                    u:object_r:window_service:s0
 *                                         u:object_r:default_android_service:s0

diff --git a/private/vmlauncher_app.te b/private/vmlauncher_app.te
index abee70f..934031a 100644
--- a/private/vmlauncher_app.te
+++ b/private/vmlauncher_app.te

@@ -13,7 +13,7 @@
 
 allow vmlauncher_app fsck_exec:file { r_file_perms execute execute_no_trans };
 
-allow vmlauncher_app virtualizationservice_data_file:file { read relabelto open write unlink };
+allow vmlauncher_app virtualizationservice_data_file:file { read relabelto open write unlink rename };
 allow vmlauncher_app privapp_data_file:file { relabelfrom };
 
 is_flag_enabled(RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES, `

diff --git a/public/service.te b/public/service.te
index 7aab275..854ceef 100644
--- a/public/service.te
+++ b/public/service.te

@@ -298,6 +298,9 @@
 type wifi_service, app_api_service, system_server_service, service_manager_type;
 type wifinl80211_service, service_manager_type;
 type wifiaware_service, app_api_service, system_server_service, service_manager_type;
+starting_at_board_api(202504, `
+   type wifi_usd_service, app_api_service, system_server_service, service_manager_type;
+')
 type window_service, system_api_service, system_server_service, service_manager_type;
 type inputflinger_service, system_api_service, system_server_service, service_manager_type;
 type tethering_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
commit	ef3df3b7c25a9dea0e340ff1e1b243c8aa6cdd9d	[log] [tgz]
author	Akilesh Kailash <akailash@google.com>	Wed Nov 20 05:02:52 2024 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Wed Nov 20 05:02:52 2024 +0000
tree	d283429941bfff236a41f64e9ad5467b7791ad6d
parent	5fe9d17a5221e837dca97ea252bea9a73fd43ea3 [diff]
parent	ca1d90afa20ff25d02eda638812386cc00e26466 [diff]