am: ae709241

Change-Id: Ia52cb0d049a82b2ce682243ff1fbe90ebd0a4614

am: a61f7f60

Change-Id: I5a0ff1b9233deb5ab7a6f4eb63498bbbefc169b3

Bug: 37476041
Test: make, pair and connect to HID device
Change-Id: Ic7e81382994769e3f3a91255dcf3624edeaf6bfd

am: fdb9c018

Change-Id: I97a63c04df7a70822015d99eb619b4ae0147241f

am: 9d46f9b4

Change-Id: Id3bd7d69bd07fafdf76453e52de01b2b5bb67472

This could be useful in diffs between policy versions.

Bug: 37357742
Test: sepolicy-analyze lists all attributes in precompiled_policy.
Change-Id: I6532a93d4102cf9cb12b73ee8ed86ece368f9131

am: f5defc90

Change-Id: I8a59ecbf59f8e6618bd5a06e61a46594638d6bcd

am: 9f152d98

Change-Id: I1c319ac3558e5ff96072638dc4be97502da61056

MediaProvider requires permissions that diverge from those
of a typical priv_app. This create a new domain and removes
Mtp related permissions from priv_app.

Bug: 33574909
Test: Connect with MTP, download apps and files, select ringtones
Test: DownloadProvider instrument tests, CtsProviderTestCases

Change-Id: I950dc11f21048c34af639cb3ab81873d2a6730a9

am: afa8120a

Change-Id: Ie7c760c3952650b5b7b60f956a0a5934a64e399f

am: 5ab5cfba

Change-Id: I1fd254e6991d4d7f9afa6e36b26cc879c73fa6da

Encountered more denials on sailfish:

avc:  denied  { read } for  pid=439 comm="recovery" name="thermal"
dev="sysfs" ino=28516 scontext=u:r:recovery:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=dir permissive=0

avc:  denied  { read } for  pid=441 comm="recovery"
name="thermal_zone9" dev="sysfs" ino=40364 scontext=u:r:recovery:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=lnk_file permissive=0

Bug: 36920500
Test: sideload a package in sailfish
Change-Id: Ib4e89ba48cdc383318e5f3b7b15f542434e43564

am: f169d6a3

Change-Id: Icbd24b2e2222746a6efb957e609912b30d3d8e5e

am: e453801d

Change-Id: I1568b0c66ebd5932dbc5da353c40dbff02ceab26

am: b04bb4bc

Change-Id: I52a5adda63a2878fc7dd15d7b6a3f88294e88cf8

am: f3b5bd64

Change-Id: I7515097dc3c410fdf3544d72d9d99be772f62d0c

Remove domain_deprecated from bluetooth. This removes some unnecessarily
permissive rules.

Bug: 25433265
Test: All of the permissions being removed were being audited. Verify
      that no audited (granted) avc messages for bluetooth exist in
      in the logs.

Change-Id: Ifa12a0f1533edcb623bbb9631f88f1ff1d6d7085

These were previously in device specific sepolicies.
They should be in core sepolicy to reflect their
use by a core init file, init.usb.configfs.rc.

Addresses denial:

init    : type=1400 audit(0.0:135): avc: denied { unlink } for name="f1"
dev="configfs" ino=10923 scontext=u:r:init:s0
tcontext=u:object_r:configfs:s0 tclass=lnk_file permissive=0

Test: denial addressed
Change-Id: I869892f9d0c311b727462fb380f4160feb986215

am: c1463bfb

Change-Id: I252460e54aeae7f0e0fd84bf1aeeecddfe1225a6

am: 20fe64e7

Change-Id: Id1d70b14a7035d18b5bb6ef9720fc0b5689bb722

am: 5f37f670

Change-Id: I6f8c6580a4ebe5f9099c3779548cf5ae46a9f3a8

am: f6eb2ad6

Change-Id: Ica844c95214cdf8b26a94e261f1f7a0ed734083c

am: 45ca6898

Change-Id: I5dd0b816654108c8b01e39a622fd3696ca99c8f9

am: d16d039f

Change-Id: I9778cef84531cfbbdead89be2bfaa48e4c067891

This was marked deprecated in 2014 and removed in 2015, let's remove
the sepolicy now too.

Test: see that logging still works on bullhead

Change-Id: I4caa0dbf77956fcbc61a07897242b951c275b502

am: 52f3c178

Change-Id: I669f86f7ed4d1d1338f33e39fd6b05bf89a34c94

am: 9a3a6a81

Change-Id: If95f7f3f75f213549a15cdab969073a25b9776c3

With build/core eaa9d88cf, system_server should not be loading code
from /data. Add an auditallow rule to report violations.

Bug: 37214733
Test: Boot marlin, no SELinux audit lines for system_server.
Change-Id: I2e25eb144503274025bd4fc9bb519555851f6521

Create PLATFORM_SEPOLICY_VERSION, which is a version string to represent
the platform sepolicy of the form "NN.m" where "NN" mirrors the
PLATFORM_SDK_VERSION and "m" is a policy-based minor version that is
incremented with every policy change that requires a new backward-compatible
mapping file to be added to allow for future-proofing vendor policy against
future platform policy.

(cherry-pick of commit 6f14f6b7)

Bug: 36783775
Test: Device boots when sha256 doesn't match and compilation is forced.
Change-Id: I4edb29824f2050a5a6e1bc078c100cf42e45c303

The sepolicy version takes SDK_INT.<minor> format. Make sure our
'current' policy version reflects the format and make it '100000.0'.
This ensures any vendor.img compiled with this will never work with
a production framework image either.

Make version_policy replace the '.' in version by '_' so secilc is
happy too.

This unblocks libvintf from giving out a runtme API to check vendor's
sepolicy version. The PLAT_PUBLIC_SEPOLICY_CURRENT_VERSION will
eventually be picked up from the build system.

(cherry-pick of commit 42f95984)

Bug: 35217573
Test: Build and boot sailfish.
      Boot sailfish with sepolicy compilation on device.
Signed-off-by: Sandeep Patil <sspatil@google.com>

Change-Id: Ic8b6687c4e71227bf9090018999149cd9e11d63b

am: 84a1cd0d

Change-Id: Ief1f5882cd41558a20c484f59af63207c04d12cb

am: b7cb45f0

Change-Id: Ib1b8ae98f032e05a4053ef7184944033b2d1f9af

am: 8ee64187

Change-Id: I6c035c3e696531297ff8a3c09045acf6d2c98cd0

am: 462cf398

Change-Id: I12d310b90e6863a56c1fc269ce237e93864d88f8