device_config_flags_health_check_prop is used for enabling/disabling
program flags_health_check which is executed during device booting.
"1" means enabling health check actions in flags_health_check, other
values mean flags_health_check will not perform any action.

Test: build succeeded & manual test
Change-Id: I93739dc5d155e057d72d08fd13097eb63c1193b5

Test: vold is able to create directories, ag/5534962

Bug: 116528212

Change-Id: I61dd8802c13b1c42d334a80b678ca6a877848fc2

Bug: 78815803
Test: builds, boots
Test: manual: adb shell idmap2 create ...
Test: manual: adb shell ps | grep -e idmap2d
Change-Id: I60852e15d99329896ff9de6559d1e7cd1c67e33d

Test: ensure no build failures;
add RoleManagerService as a boot phase
ensure no SecurityException in logcat on boot
Change-Id: Ia0803c0fb084fe2b12f5c20f5e46354d0dd1aedf

Test: m -j succeeded and manual tested on device

Change-Id: I3415c58335361a9da4ef2368e61bc4e0250a91bb

See aosp/660242 and aosp/608396

Fixes: 116530289

Test: builds
Change-Id: I220ece0d6751839fe764ff91fd7bd20c50104f8f

As b/116344577 is fixed, we no longer need the compatbility mapping any
more.

Test: build passed. Boot succeeded.
Change-Id: I0d7f02c59853d34bdabaad6841d87e9ca1ee25d7

Bug: 111276913
Test: manual verification

Change-Id: Icb309bb07e4e4b39cdc912b1d3dc1ece9cb55f5f

A sysprop apexd.status is set by apexd, to that other components (i.e.
init) can determine whether APEXs are all successfully mounted or no
(i.e., being mounted).

The sysprop is only writable by apexd.

Bug: 117403679
Test: adb shell getprop apexd.status returns 'ready'.
Change-Id: I81bcb96e6c5cb9d899f29ffa84f91eab3820be25

Test: manual on device
Change-Id: Ibafe1b345489c88a49a7ed3e2e61e5cc5e1880a1

Bug: 118124442
Test: device can boot with android.frameworks.bufferhub@1.0-service
      running
Change-Id: I1d186d5350671b0d2dd4e831429b8fba828316e0

This does not actually grant any permissions but just adds the
necessary boilerplate for a new service.

Bug: 117762471
Bug: 117761873

Change-Id: I7cdd2ae368616cfd54fc685c15f775604bfc80d4

Input device configuration files .idc, .kl that are placed in /vendor
are currently not accessible.
Allow the read access here.

Bug: 112880217
Test: move .idc and .kl files from /system to /vendor, then observe
logcat. With this patch, avc denials disappear.

Change-Id: I72ad62b9adf415f787565adced73fd8aaff38832

Set up a new service for sw media codec services.

Bug: 111407413

Test: cts-tradefed run cts-dev --module CtsMediaTestCases --compatibility:module-arg CtsMediaTestCases:include-annotation:android.platform.test.annotations.RequiresDevice
Change-Id: Ia1c6a9ef3f0c1d84b2be8756eb1853ffa0597f8e

This daemon is very locked down. Only system_server can access it.

Bug: 72170747
Change-Id: I7b72b9191cb192be96001d84d067c28292c9688f

apexd is a new daemon for managing APEX packages installed
on the device. It hosts a single binder service, "apexservice".

Bug: 112455435
Test: builds, binder service can be registered,
      apexes can be accessed, verified and mounted
Change-Id: I634ad100f10b2edcd9a9c0df0d33896fa5d4ed97

New maintenance scheme for mapping files:
Say, V is the current SELinux platform version, then at any point in time we
only maintain (V->V-1) mapping. (V->V-n) map is constructed from top (V->V-n+1)
and bottom (V-n+1->V-n) without changes to previously maintained mapping files.

Caveats:
- 26.0.cil doesn't technically represent 27.0->26.0 map, but rather
current->26.0. We'll fully migrate to the scheme with future releases.

Bug: 67510052
Test: adding new public type only requires changing the latest compat map
Change-Id: Iab5564e887ef2c8004cb493505dd56c6220c61f8

Bug: 116732452
Test: No sepolicy violations observed with this change
(cherry picked from commit I1958182dd8ecc496625da2a2a834f71f5d43e7bb)

Change-Id: Ib386767d8acfacf9fedafd9a79dd555ce233f41c

Bug: 111098596
Test: atrace/systrace

(cherry picked from commit 9ed5cf6e)

Change-Id: I97772ff21754d03a0aea0d53b39e8da5312a17c0

Create a new service type buffer_hub_binder_service for
BufferHubBinderService and allow bufferhubd to publish the service.

Add the service to 26.0, 27.0 and 28.0 compat ignore files since the
service is not available in past versions.

Fixes: 116022258
Test: build passed

Change-Id: I5a21f00329ed474433d96c8d1ce32377f20cada3

Bug: 111461540
Bug: 112570477

Test: builds
Change-Id: Icc68720ebe931c2d917703b2d34aa0f4eec3f549
Merged-In: Icc68720ebe931c2d917703b2d34aa0f4eec3f549

...to reflect that the HAL operates on storage devices,
not filesystem.

Bug: 111655771
Test: compiles
Change-Id: Ibb0572cb1878359e5944aa6711331f0c7993ba6e
Merged-In: Ibb0572cb1878359e5944aa6711331f0c7993ba6e

Test: Built and flashed an image.
Bug: 113651685
Change-Id: Ide239432ea8a5701d91c00edd06ad3e52560a3f7

Bug: 109809543
Test: Build and boot with the new service in the internal branch.

Change-Id: Iaee365771c3e8e5b8f5f3b6112bbf902c6bb02bd

llkd needs the ptrace capabilities and dac override to monitor for
live lock conditions on the stack dumps.

Test: compile
Bug: 33808187
Change-Id: Ibc1e4cc10395fa9685c4ef0ca214daf212a5e126

Bug: 72825012

Test: manual
Change-Id: I850c869cdc0ad8735800130bb4a8d67822197ff9

Bug: 111215474
Test: boots
Change-Id: I98955bcd02f643400c3eb97232467c09a2c5c1e5

Bug: 78793464
Test: fastboot getvar partition-size:super

'super_block_device' corresponds to the super partition
required for flashing dynamic partitions.

Change-Id: I323634b6797ead7c5face117a7028bf9ab947aea

Also allow adb and fastboot to talk to recovery
through recovery_socket. This enables changing
between modes with usb commands.

Test: No selinux denials
Bug: 78793464
Change-Id: I80c54d4eaf3b94a1fe26d2280af4e57cb1593790

This reverts commit 0fd3ed3b.

Reason for revert: Broke user builds.

Change-Id: If95f1a25d22425a5a2b68a02d1561352fb5a52f0

Also allow adb and fastboot to talk to recovery
through recovery_socket. This enables changing
between modes with usb commands.

Test: No selinux denials
Bug: 78793464
Change-Id: I1f97659736429fe961319c642f458c80f199ffb4

Bug: 78888165
Test: device can boot with HAL running.
Change-Id: I3bf7c8203e038b892176c97ec006152a2904c7be

Allow lmkd write access to sys.lmk. properties to be able to set
sys.lmk.minfree_levels.

Bug: 111521182
Test: getprop sys.lmk.minfree_levels returns value set by lmkd
Change-Id: I86ff11d75917966857d3a76876a56799bb92a5ad
Signed-off-by: Suren Baghdasaryan <surenb@google.com>

Test: builds
Test: vts
Bug: 111655771
Change-Id: Iabad3d124bf476cb624addf7d7898e0c2894d550

/cache/overlay directory in support of overlayfs mounts on userdebug
and eng devices.  Overlayfs in turn can be capable of supporting
adb remount for read-only or restricted-storage filesystems like
squashfs or right-sized (zero free space) system partitions
respectively.

Test: compile
Bug: 109821005
Bug: 110985612
Change-Id: I3ece03886db7cc97f864497cf93ec6c6c39bccd1

Bug: 73660730
Test: watchdogd still runs
Change-Id: I31697c7c6fa2f7009731ff48c659af051838e42f

Bug: 80414790
Test: boots
Change-Id: I15233721fa138e0fdf1a30f66d52b64cbab18b81

Steps taken to produce the mapping files:

1. Add prebuilts/api/28.0/[plat_pub_versioned.cil|vendor_sepolicy.cil]
from the /vendor/etc/selinux/[plat_pub_versioned.cil|vendor_sepolicy.cil]
files built on pi-dev with lunch target aosp_arm64-eng

2. Add new file private/compat/28.0/28.0.cil by doing the following:
- copy /system/etc/selinux/mapping/28.0.cil from pi-dev aosp_arm64-eng
device to private/compat/28.0/28.0.cil
- remove all attribute declaration statement (typeattribute ...) and
sort lines alphabetically
- some selinux types were added/renamed/deleted w.r.t 28 sepolicy.
Find all such types using treble_sepolicy_tests_28.0 test.
- for all these types figure out where to map them by looking at
27.0.[ignore.]cil files and add approprite entries to 28.0.[ignore.]cil.

This change also enables treble_sepolicy_tests_28.0 and install 28.0.cil
mapping onto the device.

Bug: 72458734
Test: m selinux_policy
Change-Id: I90e17c0b43af436da4b62c16179c198b5c74002c

The following commits were cherry-picked from internal master to AOSP,
but to avoid merge-conflicts we'll do a large diff instead of individual
cherry-picks:
521742e9
9aefc916
3686efca
de51e7de
fff3fe2f

Bug: 37916906
Test: angler builds and boots.
Merged-In: Ie010cc12ae866dbb97c387471f433158d3b699f3
Change-Id: I5126ebe88b9c76a74690ecf95851d389cfc22d1f

In order to bring AOSP development back in-line with master development,
some CLs were cherry-picked individually from internal master to AOSP,
which were then merged back into internal master (MERGED-IN was missing).
Due to merge-conflict pain, these are being reverted in favor of one
big diff.  This CL reverts the changes that were auto-merged in as a result,
and can be used as the target of MERGED-IN when reverting the individual
cherry-picks in AOSP.

This reverts commit a08fe91e, reversing
changes made to 11481d1d.

This reverts commit 7ec5ecfb, reversing
changes made to 6fecbbb2.

Bug: 37916906
Test: Builds 'n' boots.