am: c27c23fb

Change-Id: I28f0ec1eac5fa78ca1268089954c190c0e38b188

Only init and ueventd have any access to /dev/port, and neither should
have any use for it. As it stands, leaving port in just represents
additional attack surface with no useful functionality, so it should be
removed if possible, not only from Pixel devices, but from all Android
devices.

Test: The phone boots successfully

Bug:33301618
Change-Id: Iedc51590f1ffda02444587d647889ead9bdece3f

am: 65ad9bc1

Change-Id: I46623679450cd1fd1302698c1ea8a1f290bc6d16

Test: none
Bug: 32020264
Change-Id: If5f22dad672895b3684b8e44209c5a1eae16ba47

am: 090f4a4d

Change-Id: Ib9481c4abc8cd9b5b58f87067e9d5803651d73c1

am: 17c675b3

Change-Id: I9b04ff4503a197e25538f0f77dc6b24888240a2c

media framework analytics are gathered in a separate service.
define a context for this new service, allow various
media-related services and libraries to access this new service.

Bug: 30267133
Test: ran media CTS, watched for selinux denials.
Change-Id: I5aa5aaa5aa9e82465b8024f87ed32d6ba4db35ca

Historically we pushed all system_server SD card interactions through
DefaultContainerService to avoid holding open FDs, but it's safe to
measure disk usage for internal emulated storage when looking
directly at /data/media, since there is no risk of unsafe ejection.

These rule changes give us just enough access to measure statistics.

avc: denied { getattr } for path="/data/media/0/DCIM/.thumbnails" dev="sda35" ino=589892 scontext=u:r:system_server:s0 tcontext=u:object_r:media_rw_data_file:s0:c512,c768 tclass=dir permissive=1
avc: denied { open } for path="/data/media/0/DCIM/.thumbnails" dev="sda35" ino=589892 scontext=u:r:system_server:s0 tcontext=u:object_r:media_rw_data_file:s0:c512,c768 tclass=dir permissive=1
avc: denied { read } for name="0" dev="sda35" ino=589827 scontext=u:r:system_server:s0 tcontext=u:object_r:media_rw_data_file:s0 tclass=dir permissive=1

Test: builds, boots, and access allowed
Bug: 33298975
Change-Id: I9748608a5c1169d542e763c5a8f79c4f26f7a382

am: 685ef6b8

Change-Id: I8b1a5415261fcb6b939152ce2fe3b58b0353d1bd

am: dd649da8

Change-Id: I648e8b2869b4b2d95255575e257f07f11153865d

Remove /proc/net access to domain_deprecated. Add it to domains where it
was missing before.

Other than these domains, SELinux denial monitoring hasn't picked up any
denials related to /proc/net

Bug: 28760354
Test: Device boots
Test: No unexpected denials in denial collection logs.
Change-Id: Ie5bfa4bc0070793c1e8bf3b00676fd31c08d426a

am: 839c7ded

Change-Id: Ibbbc3e8e51cbe6a5e2f1e5be7839a1cc3341b33c

Vold shouldn't have this selinux permission, so this will be left in for
a few weeks to keep track of if removing it would be an issue to any
other processes. If not, then a follow-up CL will remove both the rule
and the auditallow

Test: This CL is a test in itself, auditallow rules shouldn't change
behavior of SELinux policy by themselves
Bug: 26901147
Change-Id: Ib076448863bd54278df59a3b514c9e877eb22ee5

Bug: 33067126
Test: Dumpstate vibrator works.
Change-Id: I46ff453218ba77f156e13b448e3cba9a291df0e7

am: 7b6dbd73

Change-Id: I5ba0baabf29c67d6de10b673ae9948fdab7b78bd

am: 280ba8b7

Change-Id: I40ea119e77002f6d71a1b0125c9420c24fc54d49

Sdcardfs now supports bind mounts and remounts
instead of needing several separate mounts

bug: 30954918
Test: Enable Sdcardfs, verify mounts
Change-Id: Id94713752a08ceeb6aea7d3c29a29d3293a9b0c8

am: a8340521

Change-Id: I0dc7cdaacd65f027f8615e5201f9357001e5b40b

am: 49e35884

Change-Id: Ib96dbc7f6467e55d595426242c59b9551e9ae75f

Addresses the following denials and auditallows:

avc: denied { read } for pid=561 comm="hwservicemanage" name="hw"
dev="dm-0" ino=1883 scontext=u:r:hwservicemanager:s0
tcontext=u:object_r:system_file:s0 tclass=dir permissive=0

avc: denied { read } for pid=748 comm="gatekeeperd" name="hw" dev="dm-0"
ino=1883 scontext=u:r:gatekeeperd:s0 tcontext=u:object_r:system_file:s0
tclass=dir permissive=0

avc: granted { read open } for pid=735 comm="fingerprintd"
path="/system/lib64/hw" dev="dm-0" ino=1883 scontext=u:r:fingerprintd:s0
tcontext=u:object_r:system_file:s0 tclass=dir

Test: no denials on boot
Change-Id: Ic363497e3ae5078e564d7195f3739a654860a32f

am: 8fe7b8d2

Change-Id: I904920227113f9b8e43182a4b3ba22b191cceb64

am: 2affae65

Change-Id: I9f5c692674c60b526b0ed7ac2bc46610b9e3c5ab

am: fae2794e

Change-Id: Iba87329c6ae3de6ad95868a9237eec83fd76da05

commit 221938cb
introduces a fix that uses braces around a single item.
This is not within the normal style of no brace around
a single item. Drop the braces.

Change-Id: Ibeee1e682c0face97f18d5e5177be13834485676
Signed-off-by: William Roberts <william.c.roberts@intel.com>

am: 03e74a20

Change-Id: I168746eb6e2fded35d2da632731d4300522e0afd

am: 31e9f39f

Change-Id: I763244982b9e104f3a2ef68a81609db0b5ca9f39

Never used.

Test: policy compiles.
Change-Id: I0ce6c46bb05925a4b3eda83531b28f873b0c9b99

As of system/core commit a742d1027784a54c535cff69b375a9f560893155, this
functionality is no longer used.

Test: device boots and no obvious problems.
Change-Id: Ia3ad8add92f1cdaaff36f4935be8b03458fed7f2

No denials showing up in collected audit logs.

Bug: 28760354
Test: Device boots
Test: No unexpected denials in denial collection logs.
Change-Id: I5a0d4f3c51d296bfa04e71fc226a01dcf5b5b508

No unexpected usages.

Bug: 28760354
Test: Device boots
Test: No unexpected denials in denial collection logs.
Change-Id: I43226fd0b8103afb1b25b1eb21445c04bc79954e

am: d1228f2e

Change-Id: Ic825465ad7cf20ebe26cb1f0a4e6077bf3648ce9