am: 888bc0bb

Change-Id: Ic14649c9ecba4879547300030717e2176ce8ca53

am: ed82acb9

Change-Id: I2c7dc59f0ea468fba1e34d38a55cc2e8e6cc3289

am: 3c0561b1

Change-Id: I05d63291a5e7af356e158483255ce1c5b73a1539

am: a299bc80

Change-Id: I94b99a1ace48fafeb47280d1d6764cac70fb9464

am: f9b6368a

Change-Id: I94973e72c33c15d0c856df05ec3a12f2490f170d

am: 814edf8c

Change-Id: I9a8cd19a081ab7731f8caf098e406d0af9ce9c48

Vendor and system components are only allowed to share files by
passing open FDs over HIDL. Ban all directory access and all file
accesses other than what can be applied to an open FD such as
ioctl/stat/read/write/append.

This commit asserts that core components marked with attribute
coredomain may only access core data types marked with attribute
core_data_file_type.

A temporary exemption is granted to domains that currently rely on
access.

(cherry picked from commit cd97e710)

Bug: 34980020
Test: build Marlin policy
Change-Id: I2f0442f2628fbac1f2f7aa5ddf2a13e16b2546cc

am: 99575587

Change-Id: Ifc2a968afc41bebeea83b2a8291661e8ea367219

am: 45f699c7

Change-Id: Ib868a803f480a3c756102e59d49275b6eb4e6372

am: 035a0424

Change-Id: I154a39ee1247c057fc7e9bc587da3e04a565f912

am: 386f9460

Change-Id: Ieba3686f331cfa1c3a0907bf15db188a19d3f140

am: 6fa700c9

Change-Id: I60628dc49a4cd4175a343b402914ccb5ea655138

This CL changes the policy for ASAN files on-disk to support the
changes made by the following CLs -
https://android-review.googlesource.com/#/c/359087/
https://android-review.googlesource.com/#/c/359389/

which refactor the on-disk layout of sanitized libraries in the following
manner -
/data/lib* --> /data/asan/system/lib*
/data/vendor/* --> /data/asan/vendor/*

There are a couple of advantages to this, including better isolation
from other components, and more transparent linker renaming and
SELinux policies.

(cherry picked from commit 33ebdda8)

Bug: 36574794
Bug: 36674745
Test: m -j40 && SANITIZE_TARGET="address" m -j40 and the device
boots. All sanitized libraries are correctly located in /data/asan/*,
and have the right SELinux permissions.

Change-Id: Ib08e360cecc8d77754a768a9af0f7db35d6921a9

am: ad80182a

Change-Id: I8ecf3458b0974043e4ded8ed343e8191b01b1942

Bug: 33239267
Test: compile, run wifi, no selinux complaint for wificond
Change-Id: I9b3e874381ac6cd7c6ff1058cc4f313bd85481b8

am: 12dc7f20

Change-Id: I9ff669fb9e0e8f3928d4e361c8a47dbdac6e8edb

am: a239f30f

Change-Id: Iee8134c83616720639c9ecb55f34c7b8bad9872a

Merge "Add reverse-attribute mapping to sepolicy-analyze." am: cb6f8f02 am: 22b00be7 am: 537e9e98
am: bb898002

Change-Id: Ife61cdc820f164c1b1e93e7da01dec77014e629f

am: 537e9e98

Change-Id: Ia100e124b6d1bb4c0f37959acbbca63a26867c9b

am: 22b00be7

Change-Id: Id8e7c42e8e92fed47611c083d40c2d574d3d6918

am: cb6f8f02

Change-Id: I47b6a0362f268ba1a599ab2354f72357fc7b79cc

/data/misc/zoneinfo is provided by libc and is considered to be
VNDK stable. Grant read access to all domains and exempt from
neverallow rules asserting no vendor access to core data types.

Bug: 36730929
Test: Marlin Policy builds
Change-Id: I13766a661d6314f5393639fc20f1ab55d802f35f

Test: adb kill-server && adb shell dumpsys storaged
Bug: 36492915
Change-Id: I3a1a2ad2f016ddd5770d585cae82c8be69001df9

am: 3ccbea52

Change-Id: Ib402849b6efff93fd763d7b2bddf470c79067c47

Merge "Refactor sanitized library on-disk layout - SELinux." am: a2e9664c am: ebe26cbb am: ba0c430b
am: 91b0903c

Change-Id: I3315811aa97328a00ae123ac7ea9b454ebaa8ba6

am: d14187d6

Change-Id: I16abf8a56c0a3e4dc0fe8a6bbd585286fa2b273e

am: bb51a941

Change-Id: Ibeacdffdbcd24e0a34617ef1f259764242db2d3e

am: ba0c430b

Change-Id: I81611c73460132d34d9bc4c30df6d99b3f0d97a4

am: 5af76fca

Change-Id: I705f9a6cc45c6c8829d148d2c2ba333ba23759ac

am: 58cb5787

Change-Id: I219d6074cf3ff7253ef74ebc6d8aa5372d296243

am: ebe26cbb

Change-Id: If6ca7b2337a0b80b6fe2c0163e9a8bec2e7d6829

am: 6b92e26a

Change-Id: Ie76aa1f95e72b6183c13be4f9dc86481a2d63077