- Apr 14, 2017
-
-
Sandeep Patil authored
am: 5d81208e Change-Id: If6446ab310961d37a302e0482aaee4ec70c39c9a
-
Jeff Vander Stoep authored
am: d06d8c81 Change-Id: Iec93bd97c267143606c62957e404493a1aa3c7c9
-
Jeff Vander Stoep authored
am: f169d6a3 Change-Id: Icbd24b2e2222746a6efb957e609912b30d3d8e5e
-
Jeff Vander Stoep authored
am: e453801d Change-Id: I1568b0c66ebd5932dbc5da353c40dbff02ceab26
-
Treehugger Robot authored
-
Sandeep Patil authored
Bug: 36987889 Test: Build Change-Id: I6dda2949069ccf14d3463bd7428494bde561ed9a Signed-off-by: Sandeep Patil <sspatil@google.com>
-
- Apr 13, 2017
-
-
Alex Klyubin authored
am: 46f9c124 Change-Id: I47dbd9e0ae33d7e052a7ebe891de40b146508173
-
Alex Klyubin authored
-
Alex Klyubin authored
This unbreaks user builds broken by recently landed changes to secilc which is now aggressively removing attributes which aren't used in allow rules, even when they are used in other places, such as being referenced from *_contexts files. User builds are broken by vndservice_manager_type not being found when checkfc is run for *vndservice_contexts targets. Test: On a clean user build: mmma system/sepolicy Bug: 37319524 Bug: 36508258 Change-Id: I4a1727a74122ecd9020c3831462d56a65ee6d304
-
TreeHugger Robot authored
-
Alex Klyubin authored
am: 4641f672 Change-Id: I55a7e1a27b972c6620955377f8efe5716ae8a34e
-
Alex Klyubin authored
ag/2106481 negatively interfered with ag/2106263... Test: mmm system/sepolicy Bug: 34454312 Change-Id: If3f5ef6696341ccfdd706350ec670f8426dac9c9
-
Alex Klyubin authored
am: b866a957 Change-Id: Ib066dc9c3db167117176a7983294ed821f6865df
-
Alex Klyubin authored
-
Martijn Coenen authored
am: 4b83f5c6 Change-Id: Ia8d5a2077319de3e2f12fc73a30e2167c41bcdf8
-
Jeffrey Vander Stoep authored
am: 9bdb66b2 Change-Id: I89b6a808dc8422dcf2d45f74000e0e912fb2f60b
-
Martijn Coenen authored
-
Jeffrey Vander Stoep authored
-
Martijn Coenen authored
So it won't get compiled out of sepolicy. Test: marlin build Change-Id: I3a089fe83df69a76bebf64f874556967bc49ee78
-
Jerry Zhang authored
am: 9aecb842 Change-Id: Iea0bdfab1b935b005ef67cdf74f99203a5f0d779
-
Alex Klyubin authored
am: 8015cfd5 Change-Id: I32a9fb6593773701bb1a617a4899e100e3e1b1ce
-
Jerry Zhang authored
am: b04bb4bc Change-Id: I52a5adda63a2878fc7dd15d7b6a3f88294e88cf8
-
Jerry Zhang authored
am: f3b5bd64 Change-Id: I7515097dc3c410fdf3544d72d9d99be772f62d0c
-
TreeHugger Robot authored
-
Jeff Vander Stoep authored
Remove domain_deprecated from bluetooth. This removes some unnecessarily permissive rules. Bug: 25433265 Test: All of the permissions being removed were being audited. Verify that no audited (granted) avc messages for bluetooth exist in the logs. Change-Id: Ifa12a0f1533edcb623bbb9631f88f1ff1d6d7085
-
Jerry Zhang authored
These were previously in device specific sepolicies. They should be in core sepolicy to reflect their use by a core init file, init.usb.configfs.rc. Addresses denial: init : type=1400 audit(0.0:135): avc: denied { unlink } for name="f1" dev="configfs" ino=10923 scontext=u:r:init:s0 tcontext=u:object_r:configfs:s0 tclass=lnk_file permissive=0 Test: denial addressed Change-Id: I869892f9d0c311b727462fb380f4160feb986215
-
Alex Klyubin authored
This adds restrictions on which domains can register this HwBinder service with hwservicemanager and which domains can obtain tokens for this service from hwservicemanager. Test: Use Google Camera app to take HDR+ photo, conventional photo, record video with sound, record slow motion video with sound. Check that the photos display correctly and that videos play back fine and with sound. Check that there are no SELinux denials to do with camera. Bug: 34454312 Change-Id: Icfaeed917423510d9f97d18b013775596883ff64
-
Shawn Willden authored
am: b36c9bcd Change-Id: I14c5cc32b60ad5a9fd6251623aa5f4a40f2c6816
-
TreeHugger Robot authored
-
Martijn Coenen authored
am: f6daa78a Change-Id: Ib13710096945e58f69a6537f7f6b680a0523a851
-
Martijn Coenen authored
-
Martijn Coenen authored
hwservicemanager can check hwservice_contexts files both from the framework and vendor partitions. Initially, have a wildcard '*' in hwservice_contexts that maps to a label that can be added/found from domain. This needs to be removed when the proper policy is in place. Also, grant su/shell access to hwservicemanager list operations, so tools like 'lshal' continue to work. Bug: 34454312 Test: Marlin boots Change-Id: I3a02d97a82458692b528d85c1b8e78b6f82ea1bc
-
Jin Qian authored
Test: trigger dumpsys storaged from GMScore Bug: 37284569 Change-Id: Ie734ce5487a69f8cc29dd73d470229fe81cd1176
-
Jeff Vander Stoep authored
Attributes added to the policy by the policy compiler are causing performance issues. Telling the compiler to expand these auto-generated attributes to their underlying types prevents preemption during policy lookup. With this patch the number of attributes in policy drops from 845 to 475. The number of attributes assigned to the bluetooth domain drops from 41 to 11. Bug: 3650825 Test: Build and boot Marlin Change-Id: Ica06e82001eca323c435fe13c5cf4beba74999e2
-
- Apr 12, 2017
-
-
Dan Cashman authored
am: 4d24a775 Change-Id: I6a11f6e6a622a1381714e09da09c9f19f12d544d
-
Dan Cashman authored
am: 552fb537 Change-Id: Ia40fa9265a72ced8239e2315716b33715e0644eb
-
Alex Klyubin authored
All HALs which are represented by hal_* attributes in SELinux policy are required to run in binderized mode on Treble devices. This commit thus makes the SELinux policy for Treble devices no longer associate domains in hal_x_client with hal_x attribute, which is what was granting domains hosting clients of hal_x the rules needed to run this HAL in-process. The result is that core components now have less access. This commit has no effect on non-Treble devices. Test: Device boots -- no new denials Test: Play movie using Google Play Movies and Netflix Test: Play YouTube clip in YouTube app and in Chrome Test: Unlock lock screen using fingerprint Test: Using Google Camera, take a photo, an HDR+ photo, record a video with sound, a slow motion video with sound. Photos and videos display/play back fine (incl. sound). Test: adb screencap Test: $ monitor take screenshot Test: In all tests, no denials to do with hal_*, except pre-existing denials to do with hal_gnss. Bug: 37160141 Bug: 34274385 Bug: 34170079 Change-Id: I1ca91d43592b466114af13898f5909f41e59b521
-
Dan Cashman authored
commit 552fb537 fixed an undefined module error by removing the module when not defined (on non-treble devices), but the sepolicy build on non-treble devices was changed to rely on the split treble files, even though the split is not used. Change this so that the file is always present, to allow policy compilation. Test: policy fully builds. Change-Id: Ia0934c739336cea54228bbff8d6644aa3ae501e5
-
Dan Cashman authored
Specifying an empty module causes a build error, so make sure that if there is no $(platform_mapping_file) the MODULE is not included. Test: Makefiles parsed without error. Change-Id: Ie99e6534c388a3d42bf90cdfef5ee64d5c640fa0
-