Currently update_verifier only verifies the blocks when dm-verity is in
'enforcing' mode; and dm-verity will reboot the device upon detection of
errors. However, sometimes the verity mode is not guaranteed to be
correct. When mode is 'eio' for example, dm-verity will not trigger
a reboot but rather fail the read. So update_verifier need to take the
responsibility to reboot the device. Otherwise the device will continue
to boot without setting the flag "isSlotMarkedSuccessful".

Denial message:
update_verifier: type=1400 audit(0.0:18): avc: denied { write } for
name="property_service" dev="tmpfs" ino=14678 scontext=u:r:update_verifier:s0
tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0

Bug: 36260064
Test: powerctl property sets successfully
Change-Id: I7431f87e2d61be1425397732aebb369d4ad4c26c

Test: works on internal marlin
Bug: 34274385
Change-Id: Idd35e5cdccb595b4e5994eb1d78fdeece0aec0a6

am: cb6f8f02

Change-Id: I47b6a0362f268ba1a599ab2354f72357fc7b79cc

am: 6b92e26a

Change-Id: Ie76aa1f95e72b6183c13be4f9dc86481a2d63077

am: a2e9664c

Change-Id: I184d353b6ca0c8e5b712da11b4de777e04a5b79f

sepolicy-analyze allows users to see all types that have a given
attribute, but not the reverse case: all attributes of a given type.
Add a '--reverse' option which enables this, but keeps the previous
interface.

Usage: sepolicy-analyze sepolicy attribute -r init

Bug: 36508258
Test: Build and run against current policy.
Change-Id: Ice6893cf7aa2ec4706a7411645a8e0a8a3ad01eb

am: eca32251

Change-Id: I22930eb5a18047b235b6d1028a3fc49e5a6b0989

Test: adb kill-server && adb shell dumpsys storaged
Bug: 36492915
Change-Id: I3a1a2ad2f016ddd5770d585cae82c8be69001df9

am: 02d9d21d

Change-Id: I29861f9cc52001f2968c2313f48031dd01afe8c7

Init is no longer calling vdc with logwrapper, so it must take care of
logging to kmsg directly.

Change-Id: I529f5a95e19c08ef75e0da9a02bae1cb7187eec0
avc: denied { write } for pid=367 comm="vdc" name="kmsg" dev="tmpfs" ino=11056 scontext=u:r:vdc:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0

Test: observe vdc logging in kmsg on boot and stderr on normal usage

Change-Id: Ie3678509d360f19b95cb03aeea75f29843728203

Devices that store their BT MAC address in /data/misc/bluedroid/ need
to find another place for that file.

Bug: 36602160
Test: Restart Bluetooth, check for selinux denials/files in /data/misc
Change-Id: Ib8d610f201a8c35f95b464c24857c6639205bc66
Merged-In: Ib8d610f201a8c35f95b464c24857c6639205bc66

This CL changes the policy for ASAN files on-disk to support the
changes made by the following CLs -
https://android-review.googlesource.com/#/c/359087/
https://android-review.googlesource.com/#/c/359389/

which refactor the on-disk layout of sanitized libraries in the following
manner -
/data/lib* --> /data/asan/system/lib*
/data/vendor/* --> /data/asan/vendor/*

There are a couple of advantages to this, including better isolation
from other components, and more transparent linker renaming and
SELinux policies.

Bug: 36574794
Bug: 36674745
Test: m -j40 && SANITIZE_TARGET="address" m -j40 and the device
boots. All sanitized libraries are correctly located in /data/asan/*,
and have the right SELinux permissions.

Change-Id: Ib08e360cecc8d77754a768a9af0f7db35d6921a9

am: 32815389

Change-Id: Id6cc5e3c1dc6b098f893b566dcbf09fc29973162

am: 7eb3dd3b

Change-Id: Iafaa3fd315533c4cb49847d927d2c7cbae71bb51

* changes:
  Add IpSecService SEPolicy
  Update Common NetD SEPolicy to allow Netlink XFRM

am: ad38a45c

Change-Id: I0d974996ee28e0cff0a5a59de66ce2247c1c254a

am: 915c0070

Change-Id: I6899ca877d1ccf0a3d475fd34cfffc00eacdf23d

am: 5a9410cf

Change-Id: I4cf02d403a045bce6da96939406a886197f5a1a5

am: 3f724c95

Change-Id: Ia390c3537b7efe897154380ee836dbb7ac0ed742

This is a special file that can be mounted as a loopback device to
exercise adoptable storage code on devices that don't have valid
physical media.  For example, they may only support storage media
through a USB OTG port that is being used for an adb connection.

avc: denied { read } for path="/data/misc/vold/virtual_disk" dev="sda35" ino=508695 scontext=u:r:kernel:s0 tcontext=u:object_r:vold_data_file:s0 tclass=file permissive=0

Bug: 34903607
Change-Id: I84721ec0e9495189a7d850461875df1839826212

Moves selinux policy build decisions to system/sepolicy/Android.mk.
This is done because the PRODUCT_FULL_TREBLE variable isn't available
in embedded.mk and TARGET_SANITIZE isn't available to dependencies of
init.

Test: Build/boot Bullhead PRODUCT_FULL_TREBLE=false
Test: Build/boot Marlin PRODUCT_FULL_TREBLE=true
Test: Build Marlin TARGET_SANITIZE=address. Verify asan rules are
      included in policy output.
Bug: 36138508
Change-Id: I20a25ffdfbe2b28e7e0f3e090a4df321e85e1235

am: 2224f30a

Change-Id: I184272269fed360807e41a1cac1fe099477685e6

am: 133d5298

Change-Id: I934f58768bd30de9c62d33e83b6a1b60f0d0fb9b

Per loop(4), this device is the preferred way of allocating new
loop devices since Linux 3.1.

avc: denied { read write } for name="loop-control" dev="tmpfs" ino=15221 scontext=u:r:vold:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0

Bug: 34903607
Change-Id: I1f5f62cf0a1c24c6f6453100004812af4b8e1503

am: 5d0c2e41

Change-Id: I30a0587f8bb4a99a97ddce7d989302f9a89a02af

secilc is being used without -f which is causing a file_contexts
file to be generated in the root of the tree where the build tools
run:

$ stat $T/file_contexts
  File: 'file_contexts'
  Size: 0         	Blocks: 0          IO Block: 4096   regular empty file
Device: fc00h/64512d	Inode: 5508958     Links: 1
Access: (0664/-rw-rw-r--)  Uid: ( 1000/wcrobert)   Gid: ( 1000/wcrobert)
Access: 2017-03-23 11:23:41.691538047 -0700
Modify: 2017-03-23 11:23:41.691538047 -0700
Change: 2017-03-23 11:23:41.691538047 -0700

Test: remove $T/file_contexts, touch a policy file and make sepolicy,
      ensure file is not regenerated. Also, ensure hikey builds and
      boots.

Change-Id: I0d15338a540dba0194c65a1436647c7d38fe3c79
Signed-off-by: William Roberts <william.c.roberts@intel.com>

Bug: 36546152
Bug: 36278706

Test: `adb shell screencap ...` and pull and visually verify image.
Change-Id: Iab2ddcfc145cb7f55104cd8f1ce0d58286bca282

am: 987014c8

Change-Id: I97a2e56097ca2f4a23ae682afcb86c47d9fd8749