Merge "Add biometric face virtual hal service" into main
diff --git a/apex/Android.bp b/apex/Android.bp
index 7203d9d..37b6171 100644
--- a/apex/Android.bp
+++ b/apex/Android.bp
@@ -94,6 +94,13 @@
}
filegroup {
+ name: "com.android.crashrecovery-file_contexts",
+ srcs: [
+ "com.android.crashrecovery-file_contexts",
+ ],
+}
+
+filegroup {
name: "com.android.federatedcompute-file_contexts",
srcs: [
"com.android.federatedcompute-file_contexts",
diff --git a/apex/com.android.crashrecovery-file_contexts b/apex/com.android.crashrecovery-file_contexts
new file mode 100644
index 0000000..f3a65d4
--- /dev/null
+++ b/apex/com.android.crashrecovery-file_contexts
@@ -0,0 +1 @@
+(/.*)? u:object_r:system_file:s0
diff --git a/private/compat/33.0/33.0.ignore.cil b/private/compat/33.0/33.0.ignore.cil
index 4c6492f..106cb21 100644
--- a/private/compat/33.0/33.0.ignore.cil
+++ b/private/compat/33.0/33.0.ignore.cil
@@ -24,6 +24,7 @@
device_config_memory_safety_native_prop
device_config_updatable_service
device_config_vendor_system_native_prop
+ device_config_aconfig_flags_prop
devicelock_service
fwk_altitude_service
fwk_camera_service
diff --git a/private/compat/34.0/34.0.ignore.cil b/private/compat/34.0/34.0.ignore.cil
index 7558604..36d3aaa 100644
--- a/private/compat/34.0/34.0.ignore.cil
+++ b/private/compat/34.0/34.0.ignore.cil
@@ -6,6 +6,7 @@
(typeattributeset new_objects
( new_objects
archive_service
+ dtbo_block_device
ota_build_prop
snapuserd_log_data_file
hal_threadnetwork_service
diff --git a/private/flags_health_check.te b/private/flags_health_check.te
index 9afaba0..64da97b 100644
--- a/private/flags_health_check.te
+++ b/private/flags_health_check.te
@@ -25,6 +25,7 @@
set_prop(flags_health_check, device_config_configuration_prop)
set_prop(flags_health_check, device_config_connectivity_prop)
set_prop(flags_health_check, device_config_surface_flinger_native_boot_prop)
+set_prop(flags_health_check, device_config_aconfig_flags_prop)
set_prop(flags_health_check, device_config_vendor_system_native_prop)
set_prop(flags_health_check, device_config_vendor_system_native_boot_prop)
set_prop(flags_health_check, device_config_virtualization_framework_native_prop)
diff --git a/private/property.te b/private/property.te
index 8d99e66..892c94e 100644
--- a/private/property.te
+++ b/private/property.te
@@ -2,6 +2,7 @@
system_internal_prop(adbd_prop)
system_internal_prop(apexd_payload_metadata_prop)
system_internal_prop(ctl_snapuserd_prop)
+system_internal_prop(device_config_aconfig_flags_prop)
system_internal_prop(device_config_core_experiments_team_internal_prop)
system_internal_prop(device_config_lmkd_native_prop)
system_internal_prop(device_config_mglru_native_prop)
diff --git a/private/property_contexts b/private/property_contexts
index 32b5eee..3ddc42c 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -269,6 +269,7 @@
persist.device_config.storage_native_boot. u:object_r:device_config_storage_native_boot_prop:s0
persist.device_config.surface_flinger_native_boot. u:object_r:device_config_surface_flinger_native_boot_prop:s0
persist.device_config.swcodec_native. u:object_r:device_config_swcodec_native_prop:s0
+persist.device_config.aconfig_flags. u:object_r:device_config_aconfig_flags_prop:s0
persist.device_config.vendor_system_native. u:object_r:device_config_vendor_system_native_prop:s0
persist.device_config.vendor_system_native_boot. u:object_r:device_config_vendor_system_native_boot_prop:s0
persist.device_config.virtualization_framework_native. u:object_r:device_config_virtualization_framework_native_prop:s0
diff --git a/private/system_server.te b/private/system_server.te
index f44eab1..452f4bb 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -766,6 +766,7 @@
set_prop(system_server, device_config_configuration_prop)
set_prop(system_server, device_config_connectivity_prop)
set_prop(system_server, device_config_surface_flinger_native_boot_prop)
+set_prop(system_server, device_config_aconfig_flags_prop)
set_prop(system_server, device_config_vendor_system_native_prop)
set_prop(system_server, device_config_vendor_system_native_boot_prop)
set_prop(system_server, device_config_virtualization_framework_native_prop)
@@ -1334,6 +1335,7 @@
device_config_surface_flinger_native_boot_prop
device_config_sys_traced_prop
device_config_swcodec_native_prop
+ device_config_aconfig_flags_prop
device_config_window_manager_native_boot_prop
}:property_service set;
diff --git a/private/vfio_handler.te b/private/vfio_handler.te
index 2a0bd37..3bed3c6 100644
--- a/private/vfio_handler.te
+++ b/private/vfio_handler.te
@@ -27,5 +27,9 @@
# vfio_handler can only use fd from virtualizationmanager, and can't open files itself
neverallow vfio_handler virtualizationservice_data_file:file { open create };
+# Allow vfio_handler to search /dev/block for accessing dtbo.img
+allow vfio_handler block_device:dir search;
+allow vfio_handler dtbo_block_device:blk_file r_file_perms;
+
# Only vfio_handler can add vfio_handler_service
neverallow { domain -vfio_handler } vfio_handler_service:service_manager add;
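Review bot: The comment kept just above the added rules still says vfio_handler "can't open files itself", but `r_file_perms` on `dtbo_block_device:blk_file` includes `open`, so the domain now opens a block device by path. The new comment should state that exception, for example `# Exception to the fd-only rule above: vfio_handler opens the dtbo partition itself, read-only.` Since the intent appears to be read-only access, a companion guard such as `neverallow vfio_handler dtbo_block_device:blk_file { write append };` would stop a later change from widening it unnoticed. The `block_device:dir search` grant covers only directory traversal, which is the minimum needed to reach the node.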
diff --git a/public/attributes b/public/attributes
index cb46856..0fdbf13 100644
--- a/public/attributes
+++ b/public/attributes
@@ -299,6 +299,11 @@
attribute untrusted_app_visible_halserver_violators;
expandattribute untrusted_app_visible_halserver_violators false;
+# All system domains which are assignable with vendor's seapp_contexts files.
+# TODO(b/280547417): Remove this once there are no violations
+attribute vendor_seapp_assigns_coredomain_violators;
+expandattribute vendor_seapp_assigns_coredomain_violators false;
+
# PDX services
attribute pdx_endpoint_dir_type;
attribute pdx_endpoint_socket_type;
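Review bot: The comment on `vendor_seapp_assigns_coredomain_violators` does not say what a type gains by carrying the attribute. Judging by the tools/check_seapp.c hunk in this diff, it exempts the type from the check that rejects coredomain assignments. I would say so in the comment, for example `# Types with this attribute are exempt from check_seapp's coredomain-assignment check; keep membership minimal.` The attribute is declared in public policy, and nothing visible in this diff (a neverallow or a test) bounds which types may be given it. It is worth confirming that such a bound exists elsewhere, or adding one before the TODO is forgotten.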
diff --git a/public/device.te b/public/device.te
index 36299d3..4a824c9 100644
--- a/public/device.te
+++ b/public/device.te
@@ -93,6 +93,10 @@
# Documented at https://source.android.com/devices/bootloader/partitions
type boot_block_device, dev_type;
+# dtbo block device, type used for getting DTBO information for AVF.
+# Documented at https://source.android.com/docs/core/architecture/dto/partitions
+type dtbo_block_device, dev_type;
+
# Userdata block device mounted on /data.
# Documented at https://source.android.com/devices/bootloader/partitions
type userdata_block_device, dev_type;
diff --git a/public/domain.te b/public/domain.te
index 4ad73f1..4e4730a 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -579,7 +579,6 @@
-init
-recovery
-system_server
- -shell # Shell is further restricted in shell.te
-ueventd # Further restricted in ueventd.te
} frp_block_device:blk_file no_rw_file_perms;
diff --git a/public/init.te b/public/init.te
index c01dc93..e552ec2 100644
--- a/public/init.te
+++ b/public/init.te
@@ -56,6 +56,7 @@
userdata_block_device
}:{ blk_file lnk_file } relabelto;
+allow init dtbo_block_device:lnk_file relabelto;
allow init super_block_device:lnk_file relabelto;
# Create /mnt/sdcard -> /storage/self/primary symlink.
diff --git a/tools/check_seapp.c b/tools/check_seapp.c
index 862ecce..41a713d 100644
--- a/tools/check_seapp.c
+++ b/tools/check_seapp.c
@@ -22,6 +22,7 @@
#define APP_DATA_REQUIRED_ATTRIB "app_data_file_type"
#define COREDOMAIN "coredomain"
+#define VENDOR_SEAPP_ASSIGNS_COREDOMAIN_VIOLATORS "vendor_seapp_assigns_coredomain_violators"
/**
* Initializes an empty, static list.
@@ -449,7 +450,13 @@
return false;
}
- if (type_has_attribute(pol.db, type_dat, attrib_dat)) {
+ type_datum_t *attrib_violators = find_type(pol.db,
+ VENDOR_SEAPP_ASSIGNS_COREDOMAIN_VIOLATORS,
+ TYPE_ATTRIB);
+ bool allowlisted = attrib_violators != NULL &&
+ type_has_attribute(pol.db, type_dat, attrib_violators);
+
+ if (type_has_attribute(pol.db, type_dat, attrib_dat) && !allowlisted) {
coredomain_violation_entry *entry = (coredomain_violation_entry *)malloc(sizeof(*entry));
entry->domain = strdup(value);
entry->filename = strdup(filename);
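Review bot: When `allowlisted` is true the coredomain assignment is skipped without any output, so the exemptions that TODO(b/280547417) intends to remove never show up in a build log. I would emit a warning on that path through the tool's existing logging helper, naming `value` and `filename`, and add a comment above the lookup such as `/* Attribute absent from the policy means no exemption: the check stays strict. */`. The `find_type()` lookup does not depend on the entry being validated, so it could be resolved once rather than on every call. The enclosing function starts and ends outside this hunk, so whether a once-only lookup fits cleanly cannot be confirmed from here.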