Also giving statsd permission to access it. This change copies the internal sepolicy to AOSP.

Bug: 111185513
Bug: 120551881
Test: make
Change-Id: I7e0386777e05580299caf9b97cb7804459f1a9d0

Add a DeviceConfig service in system_server to edit configuration flags.
This is intended to be a command line tool for local overrides and/or
tool for tests that adopt shell permissions.

Test: None
Bug:109919982
Bug:113101834
Change-Id: Ib7bed752849b1ed102747e3202dd7aed48d2c6d5

I572ea22253e0c1e42065fbd1d2fd7845de06fceb introduced a whitelist, so
everything under tracing/ is assumed to be debugfs_tracing_debug
unless explicitly marked as debugfs_tracing.

Test: Device boots, labels under /sys/kernel/debug/tracing are unchanged.
Change-Id: Id0f0cbcc9e5540551bd2906fbf75f8e939dc4d4c

Allow traced_probes to read /sys/kernel/debug/tracing
directories in userdebug mode. We read the directory when enabling
events with the wild card syntax: "oom/*" which attmpts to read the
directory /sys/kernel/debug/tracing/events/oom to work out what oom
events exist.

Denial:
  avc: denied { read } for name="oom" dev="tracefs" ino=11353
  scontext=u:r:traced_probes:s0
  tcontext=u:object_r:debugfs_tracing_debug:s0 tclass=dir
  permissive=0

Bug: 119662403
Test: perfetto -t 10s 'oom/*' -o /data/misc/perfetto-traces/trace
Change-Id: I2cb171c3c5292d2eb55e71376f965b924a563572

Code in bionic / libcore will now look in the runtime
APEX module for data files.

Bug: 119293618
Bug: 119390260
Test: build / treehugger only
Change-Id: I965c763e7f0452b8ef5ffbf730733e9a41254beb

All these modules are being unconditionally added to
LOCAL_REQUIRED_MODULES a few lines down.

Test: make
Change-Id: I474c5d41e1a6dd34fd2c2f2d10299048df4c2b70

After b/28357356 /dev/alarm is no longer used by android platform.
Also, Pixel devices don't have /dev/alarm.

Bug: 110962171
Test: boot aosp_walleye
Change-Id: Id9723996104a2548ddf366489890c098d1ea87be

Add sepolicy rule to support audio system property
audio.offload.min.duration.secs

Bug: 120123518
Change-Id: Ie027eb9ef102caca13adb1924db3be11d02b25c7

This prevents denials while taking a bugreport.

Bug: 116711254
Test: cts-tradefed run cts -m CtsSecurityHostTestCases -t
android.security.cts.SELinuxHostTest#testNoBugreportDenials

Change-Id: I5414141a1557d71e3ac0cf5bc89529685e9069c3

Merge pie-platform-release (PPRL.181105.017, history only) into master

Bug: 118454372
Change-Id: I44d2461c1d8845d453fe587a77c2c06f9e1da2eb

Allow wifi HAL to use SIOCETHTOOL. This permission is needed to get
factory MAC address of the device.

Bug: 111634904
Test: Manual check that the device can get factory MAC address
Change-Id: I50e91ef7390ad4fba6e014990ee23feb777c4391

An incident.proto section has been added to the bugreport. Need
appropriate sepolicy changes to allow binder calls and fd access.

Bug: 119417232
Test: adb bugreport. Verify incident.proto is in the proto folder,
      and there are no sepolicy violations.

Change-Id: Iac27cbf283a2e1cb41862c76343c2b639f6c0e1e

The isolated service that do nothing except for both AIDL's basic
skeleton and service binding. It still got the SELinux denied.
This should fix presubmit test.

01-01 00:00:29.196  6121  6121 I auditd  : type=1400 audit(0.0:6):
avc: denied { getattr } for comm="convert.service"
path="/data/data/com.android.externalstorage" dev="sda35" ino=655437
scontext=u:r:isolated_app:s0:c0,c256,c512,c768
tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir permissive=0

Test: ag/5681059 ag/5660144
Bug: 120394782
Change-Id: I7838def96da30b88d510dab860ed9779a0d4d5ed

We are making a change to uevent_open_socket() in libcutils related to
setting the receive buffer size of netlink uevent sockets.

After setting SO_RCVBUF, we immediately read it back using getsockopt()
to verify that the setsockopt() call was effective. Only if it was not
effective, we call setsockopt() with SO_RCVBUFFORCE.

getsockopt() previously caused SELinux denials like the following:

 avc: denied { getopt } for comm="usb@1.1-service" scontext=u:r:hal_usb_default:s0 tcontext=u:r:hal_usb_default:s0 tclass=netlink_kobject_uevent_socket permissive=0

Bug: 119933843
Change-Id: I7bbb1eb1fa7ade2c94afc52ab1e28762f86a7d1f

Adds the necessary incantations for the new service.

Bug: 118242715
Bug: 119026403
Test: build / boot / adb shell dumpsys
Change-Id: Ibb1a356067863316d70586a61ede9f5973c1ae15

Allows battery counters to be logged in the trace. This
is to allow high fidelity attribution of battery power.

Matching feature CL: aosp/838951

SELinux denials that lead to this:
avc: denied { read } for comm="traced_probes" name="u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=0
avc: denied { read } for comm="traced_probes" name="u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=0 duplicate messages suppressed
avc: denied { read } for comm="traced_probes" name="u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { read } for comm="traced_probes" name="u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { open } for comm="traced_probes" path="/dev/__properties__/u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { open } for comm="traced_probes" path="/dev/__properties__/u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { getattr } for comm="traced_probes" path="/dev/__properties__/u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { getattr } for comm="traced_probes" path="/dev/__properties__/u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17794 scontext=u:r:traced_probes:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { call } for comm="traced_probes" scontext=u:r:traced_probes:s0 tcontext=u:r:hwservicemanager:s0 tclass=binder permissive=1
avc: denied { call } for comm="traced_probes" scontext=u:r:traced_probes:s0 tcontext=u:r:hwservicemanager:s0 tclass=binder permissive=1
avc: denied { search } for comm="hwservicemanage" name="26854" dev="proc" ino=4959346 scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=dir permissive=1
avc: denied { search } for comm="hwservicemanage" name="26854" dev="proc" ino=4959346 scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=dir permissive=1
avc: denied { read } for comm="hwservicemanage" name="current" dev="proc" ino=4959383 scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=file permissive=1
avc: denied { read } for comm="hwservicemanage" name="current" dev="proc" ino=4959383 scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=file permissive=1
avc: denied { open } for comm="hwservicemanage" path="/proc/26854/attr/current" dev="proc" ino=4959383 scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=file permissive=1
avc: denied { open } for comm="hwservicemanage" path="/proc/26854/attr/current" dev="proc" ino=4959383 scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=file permissive=1
avc: denied { getattr } for comm="hwservicemanage" scontext=u:r:hwservicemanager:s0 tcontext=u:r:traced_probes:s0 tclass=process permissive=1


Bug: 113076327
Change-Id: I4aabd0d70025105320c4a8d34470098807d56899

Heapprofd needs to read binary files and library in order to support
unwinding the stack. sytem_file does not include all thes files, e.g.
zygote_exec is only labeled as system_file_type.

Denials:

12-03 10:50:37.485  9263  9263 I heapprofd: type=1400 audit(0.0:177): avc: denied { read } for name="app_process64" dev="dm-0" ino=2286 scontext=u:r:heapprofd:s0 tcontext=u:object_r:zygote_exec:s0 tclass=file permissive=1
12-03 10:50:37.485  9263  9263 I heapprofd: type=1400 audit(0.0:178): avc: denied { open } for path="/system/bin/app_process64" dev="dm-0" ino=2286 scontext=u:r:heapprofd:s0 tcontext=u:object_r:zygote_exec:s0 tclass=file permissive=1
12-03 10:50:37.485  9263  9263 I heapprofd: type=1400 audit(0.0:179): avc: denied { getattr } for path="/system/bin/app_process64" dev="dm-0" ino=2286 scontext=u:r:heapprofd:s0 tcontext=u:object_r:zygote_exec:s0 tclass=file permissive=1

Change-Id: Ie04b722a78ff6367729930ee0ef96f48ccf6aa55
Bug: 117762471

Currently, when an APEX is staged, apexd moves the file from
/data/app/vmdl*.tmp directory to /data/apex. However, the original file
is labeled with apk_tmp_file and is not readable from apexd.

We plan to resolve this issue by moving the file content via file
descriptor in between the package manager and apexd.

However, until the plan is implemented, temporarily allow apexd to
relabel the file to apex_data_file that is readable to it. This unblocks
the end-to-end test for APEX.

Bug: 112669193
Test: adb install --apex system/apex/apexd/apexd_testdata/test.apex
adb reboot; adb root; adb shell; cmd apexservice getActivePackages
The test APEX is activated

Change-Id: Ib9d4f5c699261f1fa1e6d557731767ee4d7168f9

Never use popen, just execvp directly

Test: Two tests
- Ensure Marlin device boots and vold_prepare_subdirs is called
successfully
- Try adb shell sm set-virtual-disk true, see that eg sgdisk output is
logged.
Bug: 26735063
Bug: 113796163

Change-Id: Icb34140429db85098a0118a2b833772e3620e7ac

This is PS1 of aosp/828283 which was reverted. Using PS1 shouldn't cause
the same issue.

Test: vold is able to create directories, ag/5534962

Bug: 116528212
Change-Id: I84aca49a8dae0a087498120780dea0962aca04b3

This includes the SELinux policy changes to allow for
kcov access in userdebug builds for coverage-guided
kernel fuzzing.

Bug: 117990869

Test: Ran syzkaller with Android untrusted_app sandbox with coverage.
Change-Id: I1fcaad447c7cdc2a3360383b5dcd76e8a0f93f09