To better record the network traffic stats for each network interface.
We use xt_bpf netfilter module to do the iface stats accounting instead
of the cgroup bpf filter we currently use for per uid stats accounting.
The xt_bpf module will take pinned eBPF program as iptables rule and run
the program when packet pass through the netfilter hook. To setup the
iptables rules. netd need to be able to access bpf filesystem and run the
bpf program at boot time. The program used will still be created and
pinned by the bpfloader process.

Test: With selinux enforced, run "iptables -L -t raw" should show the
xt_bpf related rule present in bw_raw_PREROUTING chain.
Bug: 72111305

Change-Id: I11efe158d6bd5499df6adf15e8123a76cd67de04

Several /odm/* symlinks are added in the following change, to fallback
to /vendor/odm/* when there is no /odm partition on the device.

  https://android-review.googlesource.com/#/c/platform/system/sepolicy/+/638159/

This change allows dexopt operations to 'getattr' those symlinks during
OTA.

Bug: 75287236
Test: boot a device
Change-Id: I2710ce5e2c47eb1a3432123ab49f1b6f3dcb4ffe

Bug: 74586749
Test: build policy
Change-Id: I72a3b7c38eb9030ffac0d2dde23a9ff7c26fd70a

Bug: 74866333
Test: succeeded building and tested with taimen
Change-Id: Id19fec168ab266e386ea4c710a4c5cedfc4df33c

Allow init the ability to relabel recovery block devices. In the case
where we have recovery as a chain partition, due to its presence in
early mount node, init, in first stage itself would require relabel
permissions for the restorecon operation on recovery block device.

Bug: 73642793
Test: On bootup, recovery partition gets the appropriate se-label.
      Perform OTA on non-A/B device with recovery as chain partition,
      now the recovery partition gets upgraded successfully, now that
      it has the correct se-label.

Change-Id: I370c510320e78ab78c9c55573073415b4983d0f6

Bug: 64195575
Test: boot a device
Change-Id: I7f7deb5e2c5c6e0a75cf22eb610a7973b5be0d7e

vendor-init-settable should be allowed to ro.enable_boot_charger_mode so
that SoC vendors can set its default value.

Bug: 74421250
Test: succeeded building and tested with taimen
Change-Id: I2859aab29fefb7882989413a089b0de55142d2f1

Only untrusted apps had privilegs to read file descriptors passed in
from traceur, which was an oversight. This fixes the policy so that priv
apps can also access file descriptors from traceur in order to read
reports shared from traceur.

Bug: 74435522
Test: better bug has access to reports shared from traceur
Change-Id: I591872cdac31eec62edbc81d95f1220f1152427f

* changes:
  sepolicy: Read access to audioserver for Bluetooth properties
  Bluetooth A2DP offload: Binder call to audio HAL

Provide read/write access to audioserver for Bluetooth
properties used with A2DP offload.

Bug: 68824150
Test: Manual; TestTracker/148125
Change-Id: I40c932d085ac55bc45e6654f966b2c9d244263d0
(cherry picked from commit 041049bc)

Add rule to allow Binder call from Bluetooth process to Bluetooth
audio HIDL interface running in audio HAL service process.

Bug: 72242910
Test: Manual; TestTracker/148125
Change-Id: I1981a78bece10b8e516f218d3edde8b77943d130
(cherry picked from commit e8cfac90)

This reverts commit 016f0a58.

Reason for revert: Was temporarily reverted, merging back in with fix.

Test: Basic telephony sanity, treehugger
Bug: 74486619
Bug: 36427227
Merged-in: Ide68726a90d5485c2758673079427407aee1e4f2
Change-Id: Ide68726a90d5485c2758673079427407aee1e4f2
(cherry picked from commit 312248ff)

Bug: 69623109
Change-Id: I7d194a3489fc5ff278cef7bebe9bfe6c39d3b2b8

This reverts commit aed57d4e.

Reason for revert: This CL is expected to break pre-submit tests (b/74486619)

Merged-in: I103c3faa1604fddc27b3b4602b587f2d733827b1
Change-Id: I0eb7a744e0d43ab15fc490e7e7c870d0f44e1401

/odm partition isn't mandatory and the following symlinks will exist on
a device without /odm partition.

  /odm/app ->/vendor/odm/app
  /odm/bin ->/vendor/odm/bin
  /odm/etc ->/vendor/odm/etc
  /odm/firmware ->/vendor/odm/firmware
  /odm/framework ->/vendor/odm/framework
  /odm/lib -> /vendor/odm/lib
  /odm/lib64 -> /vendor/odm/lib64
  /odm/overlay -> /vendor/odm/overlay
  /odm/priv-app -> /vendor/odm/priv-app

This CL allows all domains to access the symlinks, also removes the
Treble compliance neverallows on them because the actual restrictions
should apply to the real path directly.

Bug: 70678783
Test: boot a device
Change-Id: If1522780a13710d8a592272dc688685cbae29f52

It should instead write to /data/vendor/wifi.

Bug: 36645291
Test: Built policy.
Change-Id: Ib7ba3477fbc03ebf07b886c60bcf4a64b954934a

Also change the neverallow exceptions to be for hal_telephony_server
instead of rild.

Test: Basic telephony sanity, treehugger
Bug: 36427227
Merged-in: If892b28416d98ca1f9c241c5fcec70fbae35c82e
Change-Id: If892b28416d98ca1f9c241c5fcec70fbae35c82e

Bug: 74266614
Test: succeeded building and tested on pixel
PRODUCT_COMPATIBLE_PROPERTY_OVERRIDE=true

Change-Id: I926eb4316c178a39693300fe983176acfb9cabec
Merged-In: I926eb4316c178a39693300fe983176acfb9cabec
(cherry picked from commit 9ddba296)

When building userdebug or eng builds, we still want to build the user
policy when checking neverallow rules so that we can catch compile
errors.

Commit c0713e86 split out a helper function but lost one instance of
using user instead of the real variant.  This restores that one and
adds it to the neverallow check.

Bug: 74344625
Test: Added a rule that referred to a type defined only
in userdebug and eng and ensure we throw a compile error when building
userdebug mode.

Change-Id: I1a6ffbb36dbeeb880852f9cbac880f923370c2ae
(cherry picked from commit 053cb341)

This should fix presubmit tests.

Bug: 74331887
Test: Built policy.
Change-Id: Ie9ef75a7f9eaebf1103e3d2f3b4521e9abaf2fe7
(cherry picked from commit 2995e996)

Remove a fixed bug from bug_map.

Bug: 62140539
Test: Built policy.
Change-Id: I2ce9e48de92975b6e37ca4a3a4c53f9478b006ef
(cherry picked from commit f3f93eaf)