* commit 'a2933b66':
  install_recovery: start enforcing SELinux rules

* commit '2b3c5de2':
  install_recovery: start enforcing SELinux rules

* commit '5b347a60':
  allow ueventd sysfs_type lnk_file

* commit '1d2ff869':
  allow ueventd sysfs_type lnk_file

ueventd is allowed to change files and directories in /sys,
but not symbolic links. This is, at a minimum, causing the
following denial:

type=1400 audit(0.0:5): avc: denied { getattr } for comm="ueventd" path="/sys/devices/tegradc.0/driver" dev=sysfs ino=3386 scontext=u:r:ueventd:s0 tcontext=u:object_r:sysfs_devices_tegradc:s0 tclass=lnk_file

Allow ueventd to modify labeling / attributes of symlinks.

Change-Id: If641a218e07ef479d1283f3171b2743f3956386d

* commit '5b5ba50f':
  Drop sys_rawio neverallow for tee

* commit 'b59dc27a':
  Drop sys_rawio neverallow for tee

The new Nexus 5 tee implementation requires raw block I/O
for anti-rollback protection.

Bug: 15777869
Change-Id: I57691a9d06b5a51e2699c240783ed56e3a003396

* commit '7e953e77':
  Don't use don't

* commit 'f5835666':
  Don't use don't

* commit 'f7cf7a4b':
  ensure that untrusted_app can't set properties

* commit '99d86c7a':
  ensure that untrusted_app can't set properties

Single quotes sometimes mess up m4 parsing

Change-Id: Ic53cf0f9b45b2173cbea5c96048750f6a582a535

Bug: 10243159
Change-Id: I9409fe8898c446a33515f1bee2990f36a2e11535

* commit 'bfd4eac7':
  sepolicy: allow system server to remove cgroups

* commit 'aaaeb02e':
  Typedef+rules for SysSer to access persistent block device

* commit '568443bc':
  Let DCS read staged APK clusters.

* commit '5d60f04e':
  sepolicy: allow system server to remove cgroups

* commit '2cd9c9bd':
  Typedef+rules for SysSer to access persistent block device

* commit 'd3356826':
  Let DCS read staged APK clusters.

Bug: 15313911
Change-Id: Ib7d39561a0d52632929d063a7ab97b6856f28ffe

DCS is DefaultContainerService.

avc: denied { getattr } for path="/data/app/vmdl2.tmp"
    dev="mmcblk0p28" ino=162910 scontext=u:r:platform_app:s0
    tcontext=u:object_r:apk_tmp_file:s0 tclass=dir

Bug: 14975160
Change-Id: Ifca9afb4e74ebbfbeb8c01e1e9ea65f5b55e9375

* commit '9c52a78c':
  Allow SystemServer to start PersistentDataBlockService

* commit 'e844113b':
  Allow SystemServer to start PersistentDataBlockService

Start enforcing SELinux rules for install_recovery.

Change-Id: I052c7d2203babf3e146cf32794283e80ca21dd9a

Defines new device type persistent_data_block_device

This block device will allow storage of data that
will live across factory resets.

Gives rw and search access to SystemServer.

Change-Id: I298eb40f9a04c16e90dcc1ad32d240ca84df3b1e

* commit '5e476c36':
  Allow dumpstate to read the list of routing tables.

Change-Id: I0e8433c4fcbce04e2693a0f8cf1dd89c95684c24

* commit 'd2d172a3':
  Allow dumpstate to read the list of routing tables.

Change-Id: I55475c08c5e43bcf61af916210e680c47480ac32

* commit 'e4409728':
  Allow netd to create data files in /data/misc/net/.

* commit '65edb75d':
  Allow netd to create data files in /data/misc/net/.

This will be used to populate rt_tables (a mapping from routing table numbers to
table names) that's read by the iproute2 utilities.

Change-Id: I69deb1a64d5d6647470823405bf0cc55b24b22de

* commit 'd27aeb21':
  recovery: allow read access to fuse filesystem

* commit 'e9d97b74':
  recovery: allow read access to fuse filesystem

adb sideload depends on the ability to access the fuse
directory. Flipping recovery into enforcing started triggering
the following denial:

  type=1400 audit(17964905.699:7): avc:  denied  { search } for  pid=132 comm="recovery" name="/" dev="fuse" ino=1 scontext=u:r:recovery:s0 tcontext=u:object_r:sdcard_internal:s0 tclass=dir

Change-Id: I27ee0295fa2e2d0449bfab4f95bfbc076e92cf59

* commit 'd86b0a81':
  New domain "install_recovery"

* commit '9f6af083':
  New domain "install_recovery"