Bug: 111276913
Test: manual verification

Change-Id: If76dc7bfdad87789a58fc94e0fd280deae1a41ab

am: 5ff62351

Change-Id: I816f9253ed32d34650368b531fded7379bd24931

am: f6603869

Change-Id: I890a44a5543214358d1a8800efec687136eab7d8

am: 3350a794

Change-Id: Id4d0dec468666e1e0c9f2edfef5a287b3caf0d33

am: 69f8c917

Change-Id: I5bdb6d28171f1ed2568bf5b76946806e7fb62872

am: 652c738c

Change-Id: I112bfdaf1022fe0accda38401a39ae0fbd18a02d

am: 90760a9e

Change-Id: I35e13a73950781aa526a1c15fe6f83df10c59719

am: 0abebec4

Change-Id: I8ff1727e4c85ae956491338606b3a563cb3a927a

am: d23d3392

Change-Id: I5a5d8b102d6008a23d81626384cfde486dd8c4cc

am: cc18ba70

Change-Id: I45f4088fae0c16e696b5223a9d853f0ffa46525c

am: d67776ca

Change-Id: I1055e4cc748d21a5366404a3715a58ff4ee7e191

The isolated service that do nothing except for both AIDL's basic
skeleton and service binding. It still got the SELinux denied.
This should fix presubmit test.

01-01 00:00:29.196  6121  6121 I auditd  : type=1400 audit(0.0:6):
avc: denied { getattr } for comm="convert.service"
path="/data/data/com.android.externalstorage" dev="sda35" ino=655437
scontext=u:r:isolated_app:s0:c0,c256,c512,c768
tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir permissive=0

Test: ag/5681059 ag/5660144
Bug: 120394782
Change-Id: I7838def96da30b88d510dab860ed9779a0d4d5ed

am: 5fe46b46

Change-Id: I1c3f23c038d296ea4438a6dd91aa1e2871c5e411

am: 34e3a810

Change-Id: I322b948c48bb8697d361ba5eba3c740b22cb072f

am: 647d9163

Change-Id: Iaeb9e31d52ff4189d2b76441705f2040f5cf0d18

am: a30de38e

Change-Id: I090b00450b23beb24b5e3b3d8d562dc57f794c7d

am: bbdb25f6

Change-Id: Iaa08e7df1f328be666794ee12f0a138712c669fd

We are making a change to uevent_open_socket() in libcutils related to
setting the receive buffer size of netlink uevent sockets.

After setting SO_RCVBUF, we immediately read it back using getsockopt()
to verify that the setsockopt() call was effective. Only if it was not
effective, we call setsockopt() with SO_RCVBUFFORCE.

getsockopt() previously caused SELinux denials like the following:

 avc: denied { getopt } for comm="usb@1.1-service" scontext=u:r:hal_usb_default:s0 tcontext=u:r:hal_usb_default:s0 tclass=netlink_kobject_uevent_socket permissive=0

Bug: 119933843
Change-Id: I7bbb1eb1fa7ade2c94afc52ab1e28762f86a7d1f

Adds the necessary incantations for the new service.

Bug: 118242715
Bug: 119026403
Test: build / boot / adb shell dumpsys
Change-Id: Ibb1a356067863316d70586a61ede9f5973c1ae15

Allows battery counters to be logged in the trace. This
is to allow high fidelity attribution of battery power.

Matching feature CL: aosp/838951

SELinux denials that lead to this:
avc: denied { read } for comm="traced_probes" name="u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=0
avc: denied { read } for comm="traced_probes" name="u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=0 duplicate messages suppressed
avc: denied { read } for comm="traced_probes" name="u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { read } for comm="traced_probes" name="u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { open } for comm="traced_probes" path="/dev/__properties__/u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { open } for comm="traced_probes" path="/dev/__properties__/u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { getattr } for comm="traced_probes" path="/dev/__properties__/u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { getattr } for comm="traced_probes" path="/dev/__properties__/u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { call } for comm="traced_probes" scontext=u:r:traced_probes:s0 tcontext=u:r:hwservicemanager:s0 tclass=binder permissive=1
avc: denied { call } for comm="traced_probes" scontext=u:r:traced_probes:s0 tcontext=u:r:hwservicemanager:s0 tclass=binder permissive=1
avc: denied { search } for comm="hwservicemanage" name="26854" dev="proc" ino=4959346 scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=dir permissive=1
avc: denied { search } for comm="hwservicemanage" name="26854" dev="proc" ino=4959346 scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=dir permissive=1
avc: denied { read } for comm="hwservicemanage" name="current" dev="proc" ino=4959383 scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=file permissive=1
avc: denied { read } for comm="hwservicemanage" name="current" dev="proc" ino=4959383 scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=file permissive=1
avc: denied { open } for comm="hwservicemanage" path="/proc/26854/attr/current" dev="proc" ino=4959383 scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=file permissive=1
avc: denied { open } for comm="hwservicemanage" path="/proc/26854/attr/current" dev="proc" ino=4959383 scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=file permissive=1
avc: denied { getattr } for comm="hwservicemanage" scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=process permissive=1


Bug: 113076327
Change-Id: I4aabd0d70025105320c4a8d34470098807d56899

Currently, when an APEX is staged, apexd moves the file from
/data/app/vmdl*.tmp directory to /data/apex. However, the original file
is labeled with apk_tmp_file and is not readable from apexd.

We plan to resolve this issue by moving the file content via file
descriptor in between the package manager and apexd.

However, until the plan is implemented, temporarily allow apexd to
relabel the file to apex_data_file that is readable to it. This unblocks
the end-to-end test for APEX.

Bug: 112669193
Test: adb install --apex system/apex/apexd/apexd_testdata/test.apex
adb reboot; adb root; adb shell; cmd apexservice getActivePackages
The test APEX is activated

Change-Id: Ib9d4f5c699261f1fa1e6d557731767ee4d7168f9

am: f23cd2ad

Change-Id: I9a35ec10b534d044eeae5fb67b373563950d3627

am: ee48f4e2

Change-Id: I50b6dd0abcc04a8cbe452e55cf0816d30dd00ede

am: bd0fa53a

Change-Id: I1d5b17c5e68b658b2d6fbb0c3457dc91e9bbd80f

am: 9404d49e

Change-Id: If718a5dece1bf61b540bda46043b6310dd7f3aed

am: 7a89b6a1

Change-Id: Iba28ae44adff680f91b2f431e6eb8977ba5c810c

am: 5ea85b5f

Change-Id: I36482456ea4ad00f6c833969eb1566eae434fa9e

am: ba6416dc

Change-Id: I1a070da280b4e2bad1e488bba0d188e0057afda9

am: ba6ffaaa

Change-Id: I53ee74bb626c336d9247143c9f7984441f2aacde

am: f0c411c5

Change-Id: I7d956b2eaa6070a77a1bf1841dfc033e600e52bf

This is PS1 of aosp/828283 which was reverted. Using PS1 shouldn't cause
the same issue.

Test: vold is able to create directories, ag/5534962

Bug: 116528212
Change-Id: I84aca49a8dae0a087498120780dea0962aca04b3

am: 6ac0a123

Change-Id: I6efad348da1ffa270f619f6fb8c1b568d8e76de2

am: 1d9cce23

Change-Id: I59532c896d360c40f6513d9bb2ed0a05f738515f