* changes:
  Revert "Move thermal service into system_server"
  Revert "Expose thermal service to all apps"

This reverts commit 461d91fe.

Reason for revert: breaks git_pi-dev-plus-aosp

Change-Id: I8a42dc040a112f0774f31486a8da2a26e1e68a30

This reverts commit 52611966.

Reason for revert: breaks git_pi-dev-plus-aosp

Change-Id: Iddddb77e2d567002aed3844360284c4aeac4088d

* changes:
  Expose thermal service to all apps
  Move thermal service into system_server

Bug: 116754732
Test: Started a trace in Traceur using Perfetto successfully.

Change-Id: I217857bf1f43f1b7b24454687d1f26b9d5c6c56a

Thermal API has been added to PowerManager and this CL is to grant
IThermal access to app.

Bug: 119613338
Test: PowerManager CTS test
Change-Id: I977530a9a5490bdc53af1548788b885e7c649f01

Bug: 118510237
Test: Boot and test callback on ThermalHAL 1.1 and ThermalHAL 2.0

(cherry picked from commit 75cc6bf2)

Change-Id: Iafb376e61dc579c3bfd173ac34a4d525b83d8e5c

Also giving statsd permission to access it. This change copies the internal sepolicy to AOSP.

Bug: 111185513
Bug: 120551881
Test: make
Change-Id: I7e0386777e05580299caf9b97cb7804459f1a9d0

These selinux policy rules were added for bufferhub to run a binder
service. But later we decided to use a hwbinder service instead, and the
original binder service was removed in git/master. Now we can safely
remove these rules.

Test: Build passed. Device boot successfully without selinux denial.
Bug: 118891412
Change-Id: I349b5f0f2fa8fb6a7cfe7869d936791355c20753

Add a DeviceConfig service in system_server to edit configuration flags.
This is intended to be a command line tool for local overrides and/or
tool for tests that adopt shell permissions.

Test: None
Bug:109919982
Bug:113101834
Change-Id: Ib7bed752849b1ed102747e3202dd7aed48d2c6d5

I572ea22253e0c1e42065fbd1d2fd7845de06fceb introduced a whitelist, so
everything under tracing/ is assumed to be debugfs_tracing_debug
unless explicitly marked as debugfs_tracing.

Test: Device boots, labels under /sys/kernel/debug/tracing are unchanged.
Change-Id: Id0f0cbcc9e5540551bd2906fbf75f8e939dc4d4c

Allow traced_probes to read /sys/kernel/debug/tracing
directories in userdebug mode. We read the directory when enabling
events with the wild card syntax: "oom/*" which attmpts to read the
directory /sys/kernel/debug/tracing/events/oom to work out what oom
events exist.

Denial:
  avc: denied { read } for name="oom" dev="tracefs" ino=11353
  scontext=u:r:traced_probes:s0
  tcontext=u:object_r:debugfs_tracing_debug:s0 tclass=dir
  permissive=0

Bug: 119662403
Test: perfetto -t 10s 'oom/*' -o /data/misc/perfetto-traces/trace
Change-Id: I2cb171c3c5292d2eb55e71376f965b924a563572

Code in bionic / libcore will now look in the runtime
APEX module for data files.

Bug: 119293618
Bug: 119390260
Test: build / treehugger only
Change-Id: I965c763e7f0452b8ef5ffbf730733e9a41254beb

All these modules are being unconditionally added to
LOCAL_REQUIRED_MODULES a few lines down.

Test: make
Change-Id: I474c5d41e1a6dd34fd2c2f2d10299048df4c2b70

After b/28357356 /dev/alarm is no longer used by android platform.
Also, Pixel devices don't have /dev/alarm.

Bug: 110962171
Test: boot aosp_walleye
Change-Id: Id9723996104a2548ddf366489890c098d1ea87be

Add sepolicy rule to support audio system property
audio.offload.min.duration.secs

Bug: 120123518
Change-Id: Ie027eb9ef102caca13adb1924db3be11d02b25c7

This prevents denials while taking a bugreport.

Bug: 116711254
Test: cts-tradefed run cts -m CtsSecurityHostTestCases -t
android.security.cts.SELinuxHostTest#testNoBugreportDenials

Change-Id: I5414141a1557d71e3ac0cf5bc89529685e9069c3

Merge pie-platform-release (PPRL.181105.017, history only) into master

Bug: 118454372
Change-Id: I44d2461c1d8845d453fe587a77c2c06f9e1da2eb

Allow wifi HAL to use SIOCETHTOOL. This permission is needed to get
factory MAC address of the device.

Bug: 111634904
Test: Manual check that the device can get factory MAC address
Change-Id: I50e91ef7390ad4fba6e014990ee23feb777c4391

An incident.proto section has been added to the bugreport. Need
appropriate sepolicy changes to allow binder calls and fd access.

Bug: 119417232
Test: adb bugreport. Verify incident.proto is in the proto folder,
      and there are no sepolicy violations.

Change-Id: Iac27cbf283a2e1cb41862c76343c2b639f6c0e1e

The isolated service that do nothing except for both AIDL's basic
skeleton and service binding. It still got the SELinux denied.
This should fix presubmit test.

01-01 00:00:29.196  6121  6121 I auditd  : type=1400 audit(0.0:6):
avc: denied { getattr } for comm="convert.service"
path="/data/data/com.android.externalstorage" dev="sda35" ino=655437
scontext=u:r:isolated_app:s0:c0,c256,c512,c768
tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir permissive=0

Test: ag/5681059 ag/5660144
Bug: 120394782
Change-Id: I7838def96da30b88d510dab860ed9779a0d4d5ed

We are making a change to uevent_open_socket() in libcutils related to
setting the receive buffer size of netlink uevent sockets.

After setting SO_RCVBUF, we immediately read it back using getsockopt()
to verify that the setsockopt() call was effective. Only if it was not
effective, we call setsockopt() with SO_RCVBUFFORCE.

getsockopt() previously caused SELinux denials like the following:

 avc: denied { getopt } for comm="usb@1.1-service" scontext=u:r:hal_usb_default:s0 tcontext=u:r:hal_usb_default:s0 tclass=netlink_kobject_uevent_socket permissive=0

Bug: 119933843
Change-Id: I7bbb1eb1fa7ade2c94afc52ab1e28762f86a7d1f

Adds the necessary incantations for the new service.

Bug: 118242715
Bug: 119026403
Test: build / boot / adb shell dumpsys
Change-Id: Ibb1a356067863316d70586a61ede9f5973c1ae15