- Sep 24, 2019
-
-
Tri Vo authored
Bug: 138545724 Test: n/a (cherry picked from commit 3d58603623dd67b181fb965f437c552428c979bc) Change-Id: I03c2430778f1112679090bb7aad234c907384ea1 CRs-Fixed: 2491659
-
- Sep 13, 2019
-
-
Roland Levillain authored
SELinux has a separate file mmap permission in 4.14+ kernels. Add this to dexoptanalyzer(d) in cases where it could already access files (in particular, secondary dex files). Addresses denials of the form: avc: denied { map } for […] path="/data/data/[…]" […] scontext=u:r:dexoptanalyzer:s0 tcontext=u:object_r:app_data_file:s0 (cherry picked from commit c72b7d17310499f6bd6545e0e509fd603045d329) Test: Reproduce steps in bug 138683603 on a device with a 4.14+ kernel and check the absence of SELinux denials Bug: 138683603 Change-Id: Ieba53eb431c0ba3914dcb5e5abdae667bd063555
-
- Aug 13, 2019
-
-
Carmen Jackson authored
This should be available in user and userdebug builds. Bug: 137289935 Test: Alongside atrace changes, recorded a trace using Traceur and verified that the tracepoints were included in the recorded trace in both user and userdebug builds. Change-Id: I6131557bdd0a298be9e75b39759599b189b9b988 Merged-In: I6131557bdd0a298be9e75b39759599b189b9b988
-
- Jul 16, 2019
-
-
Daniel Rosenberg authored
Required to check if migration is necessary and migrate obb contents Bug: 136199978 Test: make Change-Id: I23890e4eeea1da7791e25ce5c9584b1abe94f440 (cherry picked from commit 793dc8f8)
-
- Jul 12, 2019
-
-
Daniel Rosenberg authored
Required to check if migration is necessary and migrate obb contents Bug: 136199978 Test: make Change-Id: I23890e4eeea1da7791e25ce5c9584b1abe94f440
-
- Jun 28, 2019
-
-
Sidath Senanayake authored
This will allow Perfetto to capture GPU frequency changes on the target, which is useful to graphics developers using Perfetto to profile graphics HW usage. This change also updates the private prebuilt at version 29.0 to match the update. Bug: 136062452 Merged-In: Idb7870b2f674f1359ef3b4487dbeff190b394248 Change-Id: Ib98ba10d96caa199d7030be3a17148045576a80c
-
- Jun 27, 2019
-
-
Todd Kennedy authored
In order to show licensing information, we need to read it from an asset stored in the .apex file. Bug: 135183006 Test: Manual; settings can access apex files stored on /data Change-Id: I71fbde6e295d9c890c9b9b0449e5150834a6680e Merged-In: I71fbde6e295d9c890c9b9b0449e5150834a6680e
-
- Jun 19, 2019
-
-
Pirama Arumuga Nainar authored
Bug: http://b/135139675 Coverage files are written to /data/misc/trace (governed by the method_trace_data_file selinux type). Allow all domains to access (create directories, access files) this directory when native coverage is enabled (by setting NATIVE_COVERAGE to true) in an userdebug or eng build. Also relax neverallow constraints to allow access to method_trace_data_file for native coverage builds. Test: Build 32-bit cuttlefish with coverage: m NATIVE_COVERAGE=true COVERAGE_PATHS="*" and verify that there are no selinux denials in kernel log and logcat. Change-Id: I3fe7c77612854b9de7de7a0ddd5cbf44a2f5c21e (cherry picked from commit ce9c0c5a5fbd3fda8e1fd102d2bf1ca6afebbdf9)
-
Kevin Chyn authored
Test: manual Bug: 126802513 Change-Id: If037483f305e161a158e30f6322d5e25b7770952
-
Benjamin Schwartz authored
Bug: 135111122 Test: Ran "adb shell am hang" and verified that power.stats HAL information is in /data/anr/<anr_file> Change-Id: I60a6191626a20c737124033e8ad453fa91425e39
-
- Jun 17, 2019
-
-
Tao Bao authored
This property will be set by system_server (to indicate the currently selected theme for device), and can be accessed by vendor init.rc. avc: denied { read } for property=persist.sys.theme pid=0 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:theme_prop:s0 tclass=file Bug: 113028175 Test: Set a vendor init trigger that waits on `persist.sys.theme`. Check that the trigger fires without denial. Change-Id: Ibb4e392d5059b76059f36f7d11ba82cd65cbe970
-
- Jun 14, 2019
-
-
Jeff Vander Stoep authored
avc: denied { sigchld } for comm="main" scontext=u:r:system_server_startup:s0 tcontext=u:r:zygote:s0 tclass=process permissive=0 Test: build Bug: 134496658 Change-Id: I98c106b17ba1740f953c3108bd0fc927c150096f (cherry picked from commit 67dc274f87b25b80d507f8ad8263648f5f9a1dd1)
-
- Jun 07, 2019
-
-
Ryan Savitski authored
This set of patches adds a way for the perfetto command line client to save a trace to a hardcoded location, /data/misc/perfetto-traces/incident-trace, and call into incidentd to start a report, which will include said trace in a new section. This is not a long-term solution, and is structured to minimize changes to perfetto and incidentd. The latter is currently architected in a way where it can only pull pre-defined information out of the system, so we're resorting to persisting the intermediate results in a hardcoded location. This will introduce at most two more linked files at the same time. Bug: 130543265 Bug: 134706389 Tested: manually on crosshatch-userdebug Merged-In: I2aa27e25f0209b3a5cdf5d550d0312693932b808 Change-Id: I2aa27e25f0209b3a5cdf5d550d0312693932b808 (cherry picked from commit ce3a33ff182ce49cf91091cea553a3003d2c20f6)
-
- May 29, 2019
-
-
Daniel Norman authored
Bug: 121350843 Change-Id: I0977d31b1959c86fbec1f13676cd1554fa602eb4
-
- May 28, 2019
-
-
David Anderson authored
Bug: 133435561 Test: adb shell gsi_tool install Change-Id: Iaa610c72d8098e157bb89e321624369f86f4ea19 Merged-In: Iaa610c72d8098e157bb89e321624369f86f4ea19
-
- May 23, 2019
-
-
Max Dashouk authored
Bug: 132444397 Test: manually tested with ag/7555609 Change-Id: I9e5f0a9d501a6728af3f27241300b3bb5c5c2123 Merged-In: I9e5f0a9d501a6728af3f27241300b3bb5c5c2123 (cherry picked from commit febfa8f22dc829c32ed493969afc43378e327ecf)
-
Narayan Kamath authored
.. and let installd execute it. Required to migrate legacy obb contents Bug: 129167772 Test: make Change-Id: I35d35016680379e3a9363408704ee890a78a9748
-
Pawin Vongmasa authored
Test: make cts -j123 && cts-tradefed run cts-dev -m \ CtsMediaTestCases --compatibility:module-arg \ CtsMediaTestCases:include-annotation:\ android.platform.test.annotations.RequiresDevice Bug: 131677974 Change-Id: I59c3d225499a8c53c2ed9f3bd677ff3d7423990b
-
- May 21, 2019
-
-
Tao Bao authored
This is a matching change for commit 8f39cce7 ("Add vendor_misc_writer."), which updates the prebuilts for API 29. Bug: 132906936 Test: Build crosshatch that includes misc_writer module. Invoke /vendor/bin/misc_writer to write data to /misc. Change-Id: Id12a1ed45c8cef6e4039a9dda6a1fb41f9e014de
-
- May 19, 2019
-
-
Ryan Savitski authored
Similar to aosp/961857, but enables the logging of atrace events from the camera HAL (primarily HIDL interactions, but also a couple of ION events). Keeping it confined to userdebug_or_eng. Longer-term planning belongs on b/78136428. Not adding fwk_camera_hwservice, as it is a HIDL interface to cameraserver (which is already covered above). Plus slight reorganization of existing atrace.te contents, and donaudits to reduce logspam from denials (including pre-existing ones that were hitting the rate limiter). Specific denials addressed (listing HALs, finding camera HAL, notifying it): 05-15 18:07:19.684 618 618 E SELinux : avc: denied { list } for scontext=u:r:atrace:s0 tcontext=u:r:hwservicemanager:s0 tclass=hwservice_manager permissive=1 05-15 18:07:19.701 618 618 E SELinux : avc: denied { find } for interface=android.hardware.camera.provider::ICameraProvider sid=u:r:atrace:s0 pid=10137 scontext=u:r:atrace:s0 tcontext=u:object_r:hal_camera_hwservice:s0 tclass=hwservice_manager permissive=1 05-15 18:07:19.698 10137 10137 I atrace : type=1400 audit(0.0:273): avc: denied { call } for scontext=u:r:atrace:s0 tcontext=u:r:hal_camera_default:s0 tclass=binder permissive=1 Bug: 130543265 Tested: flashed blueline-userdebug, took a trace with perfetto, confirmed HIDL atrace slices present in camera hal trace. Merged-In: I0f8ce989355603e41d6c05c3de07e7dd615555eb Change-Id: I0f8ce989355603e41d6c05c3de07e7dd615555eb (cherry picked from commit 19459a38026f89e266a07cbed88a586f95830ca5)
-
- May 16, 2019
-
-
Ryan Savitski authored
This allows the atrace cmd to notify cameraserver (the host of media.camera service) that the set of tracing-related system properties have changed. This allows the cameraserver to notice that it might need to enable its trace events. The atrace cmd has the necessary permission when running as shell, but not when it is running as the "atrace" domain (notably when exec'd by perfetto's traced_probes). We're adding cameraserver to the whitelist as it contains important events for investigating the camera stack. Example denial: 05-14 22:29:43.501 8648 8648 W atrace : type=1400 audit(0.0:389): avc: denied { call } for scontext=u:r:atrace:s0 tcontext=u:r:cameraserver:s0 tclass=binder permissive=0 Tested: flashed blueline-userdebug, captured a perfetto trace with "camera" atrace category, confirmed that userspace atrace events are included in the trace. Bug: 130543265 Merged-In: Ifd3fd5fd3a737c7618960343b9f89d3bf7141c94 Change-Id: Ifd3fd5fd3a737c7618960343b9f89d3bf7141c94 (cherry picked from commit 232295e8dbb25017676e8a68daabc4457addbe31)
-
- May 15, 2019
-
-
Ian Pedowitz authored
This is a hacked version of ag/7282335 as qt-release is behind qt-dev Bug: 129943426 Test: Build Change-Id: I5863d433668b90a641d07fdbcd30ed82b28c9c1a (cherry picked from commit 8d411adea3eba1e943e45e104113f4efbc3d5d65)
-
Ian Pedowitz authored
Bug: 129943426 Test: Build Change-Id: I3e091652fa8d1757b1f71f7559186d5b32f000d5
-