Bug: 138545724
Test: n/a

(cherry picked from commit 3d58603623dd67b181fb965f437c552428c979bc)

Change-Id: I03c2430778f1112679090bb7aad234c907384ea1
CRs-Fixed: 2491659

Bug: 140882488
Test: create files and dirs in /data/per_boot, check they're removed.
Cherry-Picked-From: 2367ba358f0ec0c0c591e3e2feadabf891f38eef
Merged-In: Idf0ba09cbe51cbff6a7b2a464c4651a1f7fcf343
Change-Id: Idf0ba09cbe51cbff6a7b2a464c4651a1f7fcf343

SELinux has a separate file mmap permission in 4.14+ kernels. Add this
to dexoptanalyzer(d) in cases where it could already access files (in
particular, secondary dex files).

Addresses denials of the form:

  avc: denied { map } for […] path="/data/data/[…]" […]
  scontext=u:r:dexoptanalyzer:s0 tcontext=u:object_r:app_data_file:s0

(cherry picked from commit c72b7d17310499f6bd6545e0e509fd603045d329)

Test: Reproduce steps in bug 138683603 on a device with a 4.14+ kernel
      and check the absence of SELinux denials
Bug: 138683603

Change-Id: Ieba53eb431c0ba3914dcb5e5abdae667bd063555

Tag gpu_service as app_api_service. This is the corresponding api 29.0
change to the public service.te from commit aosp/1105058
(I30a951cd712b0ae4aacd2c4d6d42e74fac5c0707).

Bug: 139685237
Test: m selinux_policy
Change-Id: Ia23cdd5f59b40a3e99cae424d9cf41d5e7442631

This should be available in user and userdebug builds.

Bug: 137289935
Test: Alongside atrace changes, recorded a trace using Traceur and
verified that the tracepoints were included in the recorded trace in
both user and userdebug builds.

Change-Id: I6131557bdd0a298be9e75b39759599b189b9b988
Merged-In: I6131557bdd0a298be9e75b39759599b189b9b988

Required to check if migration is necessary and migrate obb contents

Bug: 136199978
Test: make
Change-Id: I23890e4eeea1da7791e25ce5c9584b1abe94f440
(cherry picked from commit 793dc8f8)

Required to check if migration is necessary and migrate obb contents

Bug: 136199978
Test: make
Change-Id: I23890e4eeea1da7791e25ce5c9584b1abe94f440

Bug: 135550670
Test: Boot with SELinux enforcing
Change-Id: I61c30abc39909a263a2c402a5c0eb1de570748bb

To reduce the DPU loading in color conversion, we enable device-specific
dataspace for color space agnostic surfaces. Since the type of surfaces
usually provide gray-level surfaces to users, it can be acceptable to
ignore the color conversion on them.

Bug: 134783740
Bug: 135140940
Test: Check ScreenDecorOverlays in expected dataspace
Test: Play HDR video on C2 and check dataspace
Change-Id: Ief32f0ff3867b2e154fecd6c9ebd6610b0e6ed11

This will allow Perfetto to capture GPU frequency changes
on the target, which is useful to graphics developers
using Perfetto to profile graphics HW usage.

This change also updates the private prebuilt at version
29.0 to match the update.

Bug: 136062452
Merged-In: Idb7870b2f674f1359ef3b4487dbeff190b394248
Change-Id: Ib98ba10d96caa199d7030be3a17148045576a80c

In order to show licensing information, we need to read it from
an asset stored in the .apex file.

Bug: 135183006
Test: Manual; settings can access apex files stored on /data
Change-Id: I71fbde6e295d9c890c9b9b0449e5150834a6680e
Merged-In: I71fbde6e295d9c890c9b9b0449e5150834a6680e

Bug: http://b/135139675

Coverage files are written to /data/misc/trace (governed by the
method_trace_data_file selinux type).  Allow all domains to access
(create directories, access files) this directory when native coverage
is enabled (by setting NATIVE_COVERAGE to true) in an userdebug or eng
build.

Also relax neverallow constraints to allow access to
method_trace_data_file for native coverage builds.

Test: Build 32-bit cuttlefish with coverage:
          m NATIVE_COVERAGE=true COVERAGE_PATHS="*"
      and verify that there are no selinux denials in kernel log and
      logcat.

Change-Id: I3fe7c77612854b9de7de7a0ddd5cbf44a2f5c21e
(cherry picked from commit ce9c0c5a5fbd3fda8e1fd102d2bf1ca6afebbdf9)

Test: manual
Bug: 126802513

Change-Id: If037483f305e161a158e30f6322d5e25b7770952

Bug: 135111122
Test: Ran "adb shell am hang" and verified that power.stats HAL
information is in /data/anr/<anr_file>
Change-Id: I60a6191626a20c737124033e8ad453fa91425e39

This CL fixes the following denials during libdm_test
that is part of VTS.

avc: denied { read } for comm="loop1" path=2F6D656D66643A66696C655F32202864656C6574656429
dev="tmpfs" ino=97742 scontext=u:r:kernel:s0 tcontext=u:object_r:appdomain_tmpfs:s0
tclass=file permissive=0
W loop1   : type=1400 audit(0.0:371): avc: denied { read } for
path=2F6D656D66643A66696C655F32202864656C6574656429 dev="tmpfs" ino=97742 scontext=u:r:kernel:s0
tcontext=u:object_r:appdomain_tmpfs:s0 tclass=file permissive=0

Bug: 135004816
Test: adb shell libdm_test
Change-Id: Ifb6d58ee6f032cdf3952a05667aa8696d6e2a2fa

This property will be set by system_server (to indicate the currently
selected theme for device), and can be accessed by vendor init.rc.

avc:  denied  { read } for property=persist.sys.theme pid=0 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:theme_prop:s0 tclass=file

Bug: 113028175
Test: Set a vendor init trigger that waits on `persist.sys.theme`. Check
      that the trigger fires without denial.
Change-Id: Ibb4e392d5059b76059f36f7d11ba82cd65cbe970

avc: denied { sigchld } for comm="main"
scontext=u:r:system_server_startup:s0 tcontext=u:r:zygote:s0
tclass=process permissive=0

Test: build
Bug: 134496658
Change-Id: I98c106b17ba1740f953c3108bd0fc927c150096f
(cherry picked from commit 67dc274f87b25b80d507f8ad8263648f5f9a1dd1)

This set of patches adds a way for the perfetto command line client to
save a trace to a hardcoded location,
/data/misc/perfetto-traces/incident-trace, and call into incidentd to
start a report, which will include said trace in a new section.

This is not a long-term solution, and is structured to minimize changes
to perfetto and incidentd. The latter is currently architected in a way
where it can only pull pre-defined information out of the system, so
we're resorting to persisting the intermediate results in a hardcoded
location.

This will introduce at most two more linked files at the same time.

Bug: 130543265
Bug: 134706389
Tested: manually on crosshatch-userdebug
Merged-In: I2aa27e25f0209b3a5cdf5d550d0312693932b808
Change-Id: I2aa27e25f0209b3a5cdf5d550d0312693932b808
(cherry picked from commit ce3a33ff182ce49cf91091cea553a3003d2c20f6)

Bug: 121350843
Change-Id: I0977d31b1959c86fbec1f13676cd1554fa602eb4

Bug: 133435561
Test: adb shell gsi_tool install
Change-Id: Iaa610c72d8098e157bb89e321624369f86f4ea19
Merged-In: Iaa610c72d8098e157bb89e321624369f86f4ea19

Bug: 132444397
Test: manually tested with ag/7555609

Change-Id: I9e5f0a9d501a6728af3f27241300b3bb5c5c2123
Merged-In: I9e5f0a9d501a6728af3f27241300b3bb5c5c2123
(cherry picked from commit febfa8f22dc829c32ed493969afc43378e327ecf)

These lines are copied from update_engine.te, and are needed to update
dynamic partitions in recovery.

Bug: 132943965
Test: sideload OTA on cuttlefish
Change-Id: Id03a658aac69b8d20fa7bb758530a4469c75cf9c
Merged-In: Id03a658aac69b8d20fa7bb758530a4469c75cf9c

.. and let installd execute it. Required to migrate legacy obb contents

Bug: 129167772
Test: make

Change-Id: I35d35016680379e3a9363408704ee890a78a9748

Test: make cts -j123 && cts-tradefed run cts-dev -m \
CtsMediaTestCases --compatibility:module-arg \
CtsMediaTestCases:include-annotation:\
android.platform.test.annotations.RequiresDevice

Bug: 131677974
Change-Id: I59c3d225499a8c53c2ed9f3bd677ff3d7423990b

hal_omx needs to access audio devices to use OMX HW decoders and
encoders. Allow hal_omx to access audio devices.

authored-by: Banajit Goswami <bgoswami@codeaurora.org>

Bug: 133224154
Change-Id: I742c29c4105e5647ca1a7e017e311559a0567b52
(cherry picked from commit 155ca12879c8a1fcd78fa8ee684b289c572e30da)

Fixes the following denial during boot:

[    1.358156] selinux: SELinux: Could not set context for
/dev/block/platform/soc/1d84000.ufshc/by-name/super:  Permission denied\x0a
[    1.358275] audit: type=1400 audit(951562.676:7):
avc:  denied  { relabelto } for  pid=1 comm="init" name="super"
dev="tmpfs" ino=17657 scontext=u:r:init:s0 tcontext=u:object_r:super_block_device:s0
tclass=lnk_file permissive=0

Bug: 124410201
Test: make
Change-Id: Ib6752b8a6ae4211ba8c0a7417295b8144a2fed67
Merged-In: Ib6752b8a6ae4211ba8c0a7417295b8144a2fed67

This is a matching change for commit 8f39cce7 ("Add
vendor_misc_writer."), which updates the prebuilts for API 29.

Bug: 132906936
Test: Build crosshatch that includes misc_writer module. Invoke
      /vendor/bin/misc_writer to write data to /misc.
Change-Id: Id12a1ed45c8cef6e4039a9dda6a1fb41f9e014de

This is a matching change for commit 97d45619 ("Set
persist.sys.device_provisioned vendor-init-readable."), which updates
the prebuilts for API 29.

Bug: 131702833
Bug: 132906936
Test: Set an init trigger that waits on `persist.sys.device_provisioned`.
      Check that there's no longer a denial.
Change-Id: I2cea3d000b7faa471fa524dcd7a3d4843ae5960f

Test: adb bugreport
Test: verified vold stacktrace is present in bugreport
Bug: 132344997
Change-Id: I0ebf7f171d854b9aaf894ccb8c7a5f68f18e692b

Bug: 130684082
Test: boots
Change-Id: I7ee84a5ff1024162037634d6f5efe7b09557e18a

Similar to aosp/961857, but enables the logging of atrace events from
the camera HAL (primarily HIDL interactions, but also a couple of ION
events).

Keeping it confined to userdebug_or_eng. Longer-term planning belongs on
b/78136428.

Not adding fwk_camera_hwservice, as it is a HIDL interface to
cameraserver (which is already covered above).

Plus slight reorganization of existing atrace.te contents, and donaudits
to reduce logspam from denials (including pre-existing ones that were
hitting the rate limiter).

Specific denials addressed (listing HALs, finding camera HAL, notifying it):
05-15 18:07:19.684   618   618 E SELinux : avc:  denied  { list } for  scontext=u:r:atrace:s0 tcontext=u:r:hwservicemanager:s0 tclass=hwservice_manager permissive=1
05-15 18:07:19.701   618   618 E SELinux : avc:  denied  { find } for interface=android.hardware.camera.provider::ICameraProvider sid=u:r:atrace:s0 pid=10137 scontext=u:r:atrace:s0 tcontext=u:object_r:hal_camera_hwservice:s0 tclass=hwservice_manager permissive=1
05-15 18:07:19.698 10137 10137 I atrace  : type=1400 audit(0.0:273): avc: denied { call } for scontext=u:r:atrace:s0 tcontext=u:r:hal_camera_default:s0 tclass=binder permissive=1

Bug: 130543265
Tested: flashed blueline-userdebug, took a trace with perfetto, confirmed HIDL atrace slices present in camera hal trace.
Merged-In: I0f8ce989355603e41d6c05c3de07e7dd615555eb
Change-Id: I0f8ce989355603e41d6c05c3de07e7dd615555eb
(cherry picked from commit 19459a38026f89e266a07cbed88a586f95830ca5)

Test: set ro.surface_flinger.set_touch_timer_ms from init
Bug: 131906818
Change-Id: If489ae4ac993984305f764fb172014f42c41df67

This allows the atrace cmd to notify cameraserver (the host of
media.camera service) that the set of tracing-related system properties
have changed. This allows the cameraserver to notice that it might need
to enable its trace events.

The atrace cmd has the necessary permission when running as shell, but
not when it is running as the "atrace" domain (notably when exec'd by
perfetto's traced_probes).

We're adding cameraserver to the whitelist as it contains important
events for investigating the camera stack.

Example denial:
05-14 22:29:43.501  8648  8648 W atrace  : type=1400 audit(0.0:389): avc: denied { call } for scontext=u:r:atrace:s0 tcontext=u:r:cameraserver:s0 tclass=binder permissive=0

Tested: flashed blueline-userdebug, captured a perfetto trace with "camera" atrace category, confirmed that userspace atrace events are included in the trace.
Bug: 130543265
Merged-In: Ifd3fd5fd3a737c7618960343b9f89d3bf7141c94
Change-Id: Ifd3fd5fd3a737c7618960343b9f89d3bf7141c94
(cherry picked from commit 232295e8dbb25017676e8a68daabc4457addbe31)

This is a hacked version of ag/7282335 as qt-release is behind qt-dev

Bug: 129943426
Test: Build
Change-Id: I5863d433668b90a641d07fdbcd30ed82b28c9c1a
(cherry picked from commit 8d411adea3eba1e943e45e104113f4efbc3d5d65)

Bug: 129943426
Test: Build
Change-Id: I3e091652fa8d1757b1f71f7559186d5b32f000d5