Snap for 11498394 from 11ef48e4432171a43351914f74269a6e1ebd5fef to 24Q2-release
Change-Id: I84a7845af569a19ac8cb2b9284c6abae02556bd4
diff --git a/private/compat/34.0/34.0.ignore.cil b/private/compat/34.0/34.0.ignore.cil
index 351d647..015480a 100644
--- a/private/compat/34.0/34.0.ignore.cil
+++ b/private/compat/34.0/34.0.ignore.cil
@@ -23,6 +23,7 @@
hal_threadnetwork_service
hidl_memory_prop
hidraw_device
+ input_device_config_prop
virtual_camera_service
ot_daemon_service
ot_daemon_socket
diff --git a/private/property_contexts b/private/property_contexts
index fe12202..7e31dd7 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -288,6 +288,9 @@
persist.device_config.memory_safety_native. u:object_r:device_config_memory_safety_native_prop:s0
persist.device_config.tethering_u_or_later_native. u:object_r:device_config_tethering_u_or_later_native_prop:s0
+# Prop indicates the apex that bundles input configuration files (*.idc,*.kl,*.kcm)
+input_device.config_file.apex u:object_r:input_device_config_prop:s0 exact string
+
# Properties that is for staging
next_boot. u:object_r:next_boot_prop:s0
diff --git a/private/system_server.te b/private/system_server.te
index 5b0caaa..a1b7de3 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -520,6 +520,7 @@
r_dir_file(system_server, vendor_keylayout_file)
r_dir_file(system_server, vendor_keychars_file)
r_dir_file(system_server, vendor_idc_file)
+get_prop(system_server, input_device_config_prop)
# Access /vendor/{app,framework,overlay}
r_dir_file(system_server, vendor_app_file)
diff --git a/private/untrusted_app_all.te b/private/untrusted_app_all.te
index f666cc8..c646137 100644
--- a/private/untrusted_app_all.te
+++ b/private/untrusted_app_all.te
@@ -161,9 +161,6 @@
userdebug_or_eng(`
allow untrusted_app_all debugfs_kcov:file rw_file_perms;
allowxperm untrusted_app_all debugfs_kcov:file ioctl { KCOV_INIT_TRACE KCOV_ENABLE KCOV_DISABLE };
- # The use of debugfs kcov is considered a breach of the kernel integrity
- # according to the heuristic of lockdown.
- allow untrusted_app_all self:lockdown integrity;
')
# Allow running a VM for test/demo purposes. Note that access to the
diff --git a/public/domain.te b/public/domain.te
index 755b4b2..996a149 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -259,13 +259,14 @@
allow domain debugfs_tracing_debug:dir search;
allow domain debugfs_trace_marker:file w_file_perms;
-# Linux lockdown mode offers coarse-grained definitions for access controls.
-# The "confidentiality" level detects access to tracefs or the perf subsystem.
-# This overlaps with more precise declarations in Android's policy. The
-# debugfs_trace_marker above is an example in which all processes should have
-# some access to tracefs. Therefore, allow all domains to access this level.
-# The "integrity" level is however enforced.
-allow domain self:lockdown confidentiality;
+# Linux lockdown mode offered coarse-grained definitions for access controls. In
+# previous versions of the policy, the integrity permission was neverallowed.
+# It was found that this permission mainly duplicates pre-existing rules in
+# the policy (see b/285443587). Additionally, some access were found to be
+# required (b/269377822). The access vector was removed from kernel 5.16
+# onwards. Grant unconditional access, these rules should be removed from the
+# policy once no kernel <5.16 are supported.
+allow domain self:lockdown { confidentiality integrity };
# Filesystem access.
allow domain fs_type:filesystem getattr;
@@ -1310,6 +1311,3 @@
} ashmem_device:chr_file open;
neverallow { domain -traced_probes -init -vendor_init } debugfs_tracing_printk_formats:file *;
-
-# Linux lockdown "integrity" level is enforced for user builds.
-neverallow { domain userdebug_or_eng(`-domain') } self:lockdown integrity;
diff --git a/public/property.te b/public/property.te
index c513434..453a467 100644
--- a/public/property.te
+++ b/public/property.te
@@ -160,6 +160,7 @@
system_vendor_config_prop(hypervisor_prop)
system_vendor_config_prop(hypervisor_restricted_prop)
system_vendor_config_prop(incremental_prop)
+system_vendor_config_prop(input_device_config_prop)
system_vendor_config_prop(keyguard_config_prop)
system_vendor_config_prop(keystore_config_prop)
system_vendor_config_prop(lmkd_config_prop)