Skip to content
Snippets Groups Projects
Select Git revision
  • test default
1 result
Search by author
  • Any Author
  • Admin, Lime Admin, Lime lime_admin
  • CodeLinaro CodeLinaro codelinaro
  • CodeLinaro Hoperun CodeLinaro Hoperun hoperun
  • Joshua S. (Stage) Joshua S. (Stage) joshua.sickmeyer
  • Park, Jae Woo Park, Jae Woo jaewpark
5 authors
  1. Nov 29, 2018
  3. Nov 28, 2018
  5. Nov 27, 2018
    • Yiwei Zhang's avatar
      [gpuservice] allow "adb shell cmd gpu vkjson" · ff0f79c1
      Yiwei Zhang authored 
      Also allow adb shell dumpsys gpu to not return error.

Bug: 120095213
Test: flash non-eng build and adb shell cmd gpu vkjson
Change-Id: Ia4a50a475ce76ec35e082dd52d4a6c80dde7f571
      ff0f79c1
    • Branden Archer's avatar
      Allow init to set powerctl property · d36b1d5f
      Branden Archer authored 
      NIAP certification requires that all cryptographic functions
undergo a self-test during startup to demonstrate correct
operation. init now performs this check during startup.

The self-test is forked from init. For the child process
to be able to request a reboot it needs permissions to
set the sys.powerctl property.

Bug: 119826244
Test: Built for walleye. When the BoringSSL self test was forced
      to fail the device rebooted into the bootloader, as
      expected.

Change-Id: I4171b1dd0a5e393252ae5c002171ac51c9cbb3e6
      d36b1d5f
    • Nick Kralevich's avatar
      Add compile time check for expanded attribute neverallow failure · 94c88932
      Nick Kralevich authored 
      The SELinux policy language supports an expandattribute statement.
Similar to the C "inline" declaration, this expands the permissions
associated with types, instead of using the attribute directly. Please
see
https://android.googlesource.com/platform/external/selinux/+/1089665e31a647a5f0ba2eabe8ac6232b384bed9
for more detail on this language option.

Expansion of attributes causes consistency problems with CTS. If a
neverallow rule exists which refers to an expanded attribute, the CTS
neverallow test will fail, because the policy does not have the
attribute embedded in it. Examples:

  * b/119783042 (fixed in 536d3413)
  * b/67296580 (fixed in 6f7e8609)
  * b/63809360 (fixed in 89f215e6)
  etc...

Instead of waiting for the CTS test to fail, modify the Android.mk file
so that we do checks similar to CTS. This allows us to fail at compile
time instead of waiting for a CTS bug. For example, for b/119783042,
instead of the compile succeeding, it will now fail with the following
error message:

  [ 70% 190/268] build out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
  FAILED: out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
  /bin/bash -c "(ASAN_OPTIONS=detect_leaks=0 out/host/linux-x86/bin/checkpolicy -M -c
  30 -o out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows.tmp
  out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/policy.conf ) &&
  (out/host/linux-x86/bin/sepolicy-analyze
  out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows.tmp
  neverallow -w -f out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/policy_2.conf
  || 	  ( echo \"\" 1>&2; echo \"sepolicy-analyze failed. This is most likely due to the use\" 1>&2;
  echo \"of an expanded attribute in a neverallow assertion. Please fix\" 1>&2;
  echo \"the policy.\" 1>&2; exit 1 ) ) &&
  (touch out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows.tmp )
  && (mv out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows.tmp
  out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows )"
  libsepol.report_failure: neverallow violated by allow vold hal_bootctl_default:binder { call };
  libsepol.check_assertions: 1 neverallow failures occurred

  sepolicy-analyze failed. This is most likely due to the use
  of an expanded attribute in a neverallow assertion. Please fix
  the policy.
  15:44:27 ninja failed with: exit status 1

Test: Revert 536d3413 and verify compile
      fails as above.
Test: Compile succeeds
Bug: 119783042

Change-Id: I5df405b337bb744b838dadf53a2234d8ed94bf39
      94c88932
    • Hongyi Zhang's avatar
      grant system_server read permission of server_configurable_flags_data · b61ac077
      Hongyi Zhang authored 
      server_configurable_flags_data_file is used for storing server
configurable flags which have been reset during current booting.
system_server needs to read the data to perform related disaster
recovery actions.
For how the data is read, see SettingsToPropertiesMapper.java.

Test: build succeeds & manual on device
Change-Id: Ifa22aecc13af2c574579299d28433622abbe6b85
      b61ac077
    • Daniel Rosenberg's avatar
      Allow vold to remount · 478ca55b
      Daniel Rosenberg authored 
      remount is needed for commiting checkpoints under f2fs

Test: vdc checkpoint commitChanges
Bug: 111020314
Change-Id: If7d4ab641b59d3e942d9d8a72bd91be08680227b
      478ca55b
    • Mikhail Naganov's avatar
      Merge "Allow audioserver to access persist.log.tag" · d81a36ad
      Mikhail Naganov authored
      d81a36ad
    • Nick Kralevich's avatar
      Merge "use hal_bootctl_server in neverallow rule" · f56b5d97
      Nick Kralevich authored
      f56b5d97
    • Nick Kralevich's avatar
      use hal_bootctl_server in neverallow rule · 536d3413
      Nick Kralevich authored 
      Hals have 3 attributes associated with them, the attribute itself, the
_client attribute, and the _server attribute. Only the server attribute
isn't expanded using the expandattribute keyword, and as a result, is
the only attribute which can be used in neverallow rules.

Fix neverallow rule to use hal_bootctl_server, which is not expanded,
instead of hal_bootctl.

Introduced in: https://android-review.googlesource.com/c/platform/system/sepolicy/+/777178

Test: policy compiles
Bug: 119500144
Change-Id: I8cff9cc03f4c30704175afb203c68f237fbd61ca
      536d3413
  7. Nov 26, 2018
    • Nick Kralevich's avatar
      use tmpfile during build · 6b2a4aea
      Nick Kralevich authored 
      During the build process, use a temporary file until we've determined
that every step of the build process has completed. Failure to do this
may cause subsequent invocations of the make command to improperly
assume that this step ran to completion when it didn't.

Test: code compiles.
Change-Id: I9a28e653e33b61446a87278975789376769bcc6a
      6b2a4aea
  9. Nov 24, 2018
  11. Nov 23, 2018
  13. Nov 22, 2018
    • Neda Topoljanac's avatar
      SELinux policy for new managed system update APIs · bffe163b
      Neda Topoljanac authored 
      We introduced a new API to allow Device Owner to install an OTA file on disk.
This in turn requires system_server to be able to copy the OTA file to a known
OTA file location, call into update_engine to start the installation and let
update_engine to call back to the system_server to deliver any error conditions
asynchronously. This CL modifies the SELinux policy to allow these interaction.

Test: manual in TestDPC, CTS tests for negative cases: atest com.android.cts.devicepolicy.DeviceOwnerTest#testInstallUpdate
Change-Id: Id1fbea9111f753c5c80f270c269ecb9ef141cd79
Bug: 111173669
      bffe163b
    • Treehugger Robot's avatar
      Merge "Allow to execute postinstall in adb sideload" · d1b18a79
      Treehugger Robot authored
      d1b18a79
    • Yifan Hong's avatar
      Allow to execute postinstall in adb sideload · 1817cbde
      Yifan Hong authored 
      In recovery, everything is labeled rootfs, including
/system/bin/*. Allow postinstall to execute them in recovery.

Test: sideload
Bug: 116608795
Fixes: 119877813
Change-Id: I5682bdecd0df1cb9ff3bc968ea29449b0b8588f4
      1817cbde
  15. Nov 21, 2018
  17. Nov 20, 2018