This reverts commit b3624743.

Reason for revert:

android.jvmti.cts.JvmtiHostTest1906#testJvmti unittest failures.

Bug: 121333210
Bug: 112357170
Change-Id: I6e68855abaaaa1e9248265a468712fa8d70ffa74
Test: compiles and boots

This reverts commit 89041472.

Unittest failures of JvmtiHostTest1906#testJvmti. To do a clean revert
of b3624743, we need to also revert this
change.

Test: compiles
Bug: 121333210
Bug: 111338677

Arbitrary apps need to connect to heapprofd in order to send samples.

Relevant denial trying to profile com.google.android.inputmethod.latin
on userdebug:

12-20 14:50:20.420 25219 25219 I heapprofd: type=1400 audit(0.0:1006): avc: denied { read } for path="/proc/24819/mem" dev="proc" ino=244219 scontext=u:r:heapprofd:s0 tcontext=u:r:untrusted_app_27:s0:c133,c256,c512,c768 tclass=file permissive=1

Bug: 121370989

Test: m
Test: flash walleye
Test: profile com.google.android.inputmethod.latin

Change-Id: Iee82c8c49951e5a5726cd5ab0b9e8fa71226c802

The policies allow the system server to register a network_stack_service
used to communicate with the network stack process.

Test: atest FrameworksNetTests
Bug: b/112869080
Change-Id: Ib9b7d9150fe4afcce03c8b3dbb36b81c67e39366

Bug: 121099965
Test: manual
Change-Id: I940868eb984399763d7346a201e37cb07fb12333

There are many permission related APIs currently handled by the
package manager service. These are simply pass throughs from the
package manager service to an internal API defined by the
permission manager service. Instead of this multi-hop, we want
to open the permission manager service directly to apps. For
legacy, we won't be able to remove the APIs from PackageManager,
but, the implementation should go directly to the Permission
Manager Service.

Test: System boots w/o selinux denials
Change-Id: I1d953077b3da18ccf44deb85b9084be68a2179bd

The networking stack app hosts services that used to be in the system
server (IpClient, NetworkMonitor for now), but in a different process to
be packaged as a mainline module.

Test: booted, verified networking stack working when in app
Change-Id: I300a556f51b35c17378af961cea1ec937444e597

To configure read-ahead on loop devices, eg.
/sys/devices/virtual/block/loop0/queue/read_ahead_kb

Bug: 120776455
Test: configuring read-ahead on loop devices works from apexd
Change-Id: Ib25372358e8ca62fa634daf286e4b64e635fac58

Add a neverallow rule asserting that services registered or queried
through hwservicemanager must have the attribute hwservice_manager_type.
Attempting to add or query a service which does not have that
attribute is malformed policy.

Test: compiles
Change-Id: Ib498508694f478c396f2d9273abaccbff06975e6

Add a neverallow rule asserting that services registered or queried
through servicemanager must have the attribute service_manager_type
or vndservice_manager_type. Attempting to add or query a service which
does not have one of those attributes is malformed policy.

See
https://android-review.googlesource.com/c/platform/system/sepolicy/+/826500/7/private/system_server.te#696
as an example where this occurred.

Test: compiles
Change-Id: I339bde04b80819b07832d96797fd7f477a4b676a

sed "-i" flag on Mac has different syntax than on Linux. Replace use of
sed with grep.

A simple fix like this should suffice for this case, but ideally, we
should maintain our own utils instead of using tools on the host
machine.

Fixes: 121235932
Test: m selinux_policy
Change-Id: I46c3bdb90bf7de48d2c942b15a65ce82ae3041c5

The bcc command line uses /data/user/0 paths, so renderscript needs to
be able to follow those symlinks.

Addresses the following denial:

  audit(1545249938.830:2274): avc: denied { read } for comm="bcc" name="0" dev="dm-6" ino=101 scontext=u:r:rs:s0:c184,c256,c512,c768 tcontext=u:object_r:system_data_file:s0 tclass=lnk_file permissive=1 app=android.rscpp.cts

Test: cts-tradefed run cts -m CtsRsCppTestCases
Bug: 121266184
Bug: 112357170
Change-Id: I16210f9b95f386bdee0863cf0044c956af99586d

Bug: 119305624
Test: boot blueline
Change-Id: I3ecdeab3bb33c3cb5e80dc10ba1079c9853048f8

Bug: 120921905
Test: locally tested
Change-Id: I23fda0f83daff8765f7946814a61588dac00c85a

* changes:
  Separate product_sepolicy.cil out of system sepolicy
  Replace "grep -f" with python util.

Product-specific sepolicy will be installed into /product/etc/selinux/*.
This change separates out /product/etc/selinux/product_sepolicy.cil out
of system sepolicy.

This file is merged into precompiled_sepolicy at build-time. In case
precompiled_sepolicy can't be used (e.g. system-only-ota), init wll
merge this file with the rest of the sepolicy at runtime.

I left TODOs to separate other product-specific SELinux artifacts out of
system.

Bug: 119305624
Test: boot aosp_taimen with product_sepolicy.cil
Test: build selinux_policy for aosp_arm64; no product_sepolicy.cil
produced
Change-Id: Idb84a1c8ceb2de78f1460d954497c53fed08935f

grep can potentially run out of memory on Mac builds for large input
files. So we add a python util to handle filtering out files.

We will also need this util to filter plat_sepolicy.cil out of
product_sepolicy.cil

Bug: 119305624
Test: boot aosp_taimen
Change-Id: I61cd68f407ea5de43a06bf522a5fc149e5067e8c

Bug: 120865921
Test: Manual verification
Change-Id: Ic0b3f85fad24ccedc0a8e9935c198bc8503bb415

Make mediaextractor use hidl memory allocated by
hidl allocator, instead of constructing hidl memory
from IMemory.

bug: 112766913
bug: 111407253
Change-Id: I7902f18768005c995925bc9a7947299e9988b68a
(Needed for internal commit I39e131718ea41f9cb23177c28213ddf7b7741338)

Test: Booted with Vulkan rendering
Change-Id: I00485c16e5a878321a699f35d28fb85834991255

We're creating a new PermissionManagerService that will handle
all of the permission related APIs. These are currently being
routed through PackageManagerService.

Test: Device boots
Change-Id: I7d08561dd33b692209c30d413cdca0ff567358f1

rss_hwm_reset is binary that reset RSS high-water mark counters for all
currently running processes. It runs in a separate process because it
needs dac_override capability.

Bug: 119603799
Test: no errors in logcat
Change-Id: I6221a5eca3427bf532830575d8fba98eb3e65c29

Test: Run CtsMediaTestCases on aosp_marlin_svelte
Change-Id: Ie7d491fbc11ef5c24826a0d69e479bc03bd2ad08

Bug: 111276913
Test: manual verification

Merged-In: If76dc7bfdad87789a58fc94e0fd280deae1a41ab
Change-Id: If76dc7bfdad87789a58fc94e0fd280deae1a41ab
(cherry picked from commit 73e7fa88)

On debug builds, introduce audit logging of apps targeting SDK <= 28
that execute native code from a non-priv app home directory via
execve() or dl_open().

Bug: 111338677
Test: Builds + boots.
Test: Launch app that uses private .so files, see granted logs.
Change-Id: I5880801d3a29cbf2c1cf4e0d72adc69a9d548952