* changes:
  vold_prepare_subdirs: grant chown
  statsd: annotate boot denials

Test: none
Change-Id: I42f2c2a09235d907b020c4924b91a3428f6c9d8e

Addresses:
avc: denied { chown } for comm="vold_prepare_su" capability=0
scontext=u:r:vold_prepare_subdirs:s0
tcontext=u:r:vold_prepare_subdirs:s0 tclass=capability

Bug: 71796118
Test: build
Change-Id: I64b2f1ad8d6e0748c5820b8a37a4fc4f4101d1fb

Point logspam to its owner.

Bug: 71537285
Test: build
Change-Id: I9db561ee6f2857214b7945b312e6d303630724ea

and pulling metrics

Bug: 63757906
Test: manual testing conducted
Change-Id: Ieba524ee676dfb4a457d39d025d203bf02a70831

Perfetto is a performance instrumentation and logging framework,
living in AOSP's /external/pefetto.
Perfetto introduces in the system one binary and two daemons
(the binary can specialize in either depending on the cmdline).

1) traced: unprivileged daemon. This is architecturally similar to logd.
   It exposes two UNIX sockets:
   - /dev/socket/traced_producer : world-accessible, allows to stream
     tracing data. A tmpfs file descriptor is sent via SCM_RIGHTS
     from traced to each client process, which needs to be able to
     mmap it R/W (but not X)
   - /dev/socket/traced_consumer : privilege-accessible (only from:
     shell, statsd). It allows to configure tracing and read the trace
     buffer.
2) traced_probes: privileged daemon. This needs to:
   - access tracingfs (/d/tracing) to turn tracing on and off.
   - exec atrace
   - connect to traced_producer to stream data to traced.

init.rc file:
https://android-review.googlesource.com/c/platform/external/perfetto/+/575382/14/perfetto.rc

Bug: 70942310
Change-Id: Ia3b5fdacbd5a8e6e23b82f1d6fabfa07e4abc405

communicate with statsd

Test: manual testing conducted
Change-Id: Icd268e258f7cbdd9310baab53fe0c66f4f303d5e

This reverts commit d711d4d2.

Reason for revert: Shouldn't have submitted...

Change-Id: I5b88101f381ca59132ec7d24990ea41ac1b84171

getprop is broken out from toolbox/toybox, however its permissions
should remain the same, so label it appropriately.

Bug: 36001741
Test: boot bullhead with the new getprop
Change-Id: I4114ea21998da95173d882038bc6aebf39b64d7f

This reverts commit 640e595a. The
corresponding code in libcutils was removed, so this is now unneeded.

Bug: 71632076
Test: aosp_sailfish still works

Change-Id: I615bab83e9a83bc14439b8ab90c00d3156b0a7c4

This fixes an incorrect exception in the neverallow rule.

Test: Built policy for all lunch targets.
Change-Id: I283833131c6f1fd741e934de24c838594ac38a18

Finalize Wi-Fi RTT service name per API review.

Note: CL 2 of 2 - removing old entry.

Bug: 65108607
Test: integration tests
Change-Id: Id2b3d91ea2ca578a5834a299275df188c68475da

Finalize Wi-Fi RTT service name per API review.

Note: CL 1 of 2 - adding new entry here, will remove
old entry in next CL.

Bug: 65108607
Test: integration tests
Change-Id: I065ce9d570510180fa8c8f09e1025ac795706405

This reverts commit b40eb255.

Change-Id: I04d9e76152ed11ada4cabcc79bb4eec827f8abef

Bug: 64131637
Test: Manual
Change-Id: I0170c5eb465aa663582e3974348380a8f0c9b27f

1) fc_sort is not needed as there is no reason to sort system
   properties, so this is removed and replaced with a simply copy
2) Use the new property_info_checker instead of checkfc for
   validating property information.  This supports exact match
   properties and will be extended to verify property schemas in the
   future.

Bug: 36001741
Test: verify bullhead's property contexts correct
Test: verify faulty property contexts result in failures
Change-Id: Id9bbf401f385206e6907449a510e3111424ce59e

After offline discussions, we decided that this was the proper
exception to the neverallow rule.

Test: Built policy.

Change-Id: Ic1603bfdd803151ccfb79f90195b83b616acc873

This fixes failing vts drm tests

bug:67675811

Test:vts-tradefed run commandAndExit vts -m VtsHalDrmV1_0Target
Change-Id: I2f7e1c97e8c70fc312ca3c2c901f0a9607b05e83

Test: Boot the device
Change-Id: Ia468941e78803edebe311c73f424a41ac1faeaee

zygote->webview_zygote.

Forgot to ammend local change.

Test: webview_zygote denials are gone.
Change-Id: I02869812feafd127b39e567c28e7278133770e97

Commit erroneously 55039509 removed init's read access to
/sys/devices/virtual/block/zram*. Restore access.

Test: cat /proc/meminfo
    ...
    SwapTotal:        524284 kB
    SwapFree:         524284 kB
    ...
Bug: 71510938

Change-Id: I20268168caa541a7dafa1e32339641095e1e524b

This CL creates a traceur_app domain with userdebug privileges akin to
what shell has with regards to being able to find most services on
device. Previously, traceur was running as shell which was an
unintentional abuse of selinux architecture.

Bug: 68126425
Test: Traceur functions outside of shell user privilege
Change-Id: Ib5090e7e8225ad201b3ec24b506fe2717101d0f1

For consistency with zygote, allow webview_zygote to list directories
in /system.

Test: Boot Taimen. Verify webiew_zygote denials during boot.
Bug: 70857705
Change-Id: I27eb18c377a5240d7430abf301c1c3af61704d59

The system server is responsible for providing the network traffic
stats to Apps and services. Allow it to directly reading the eBPF maps
that stored these information can make the process of getting traffic
stats simplier.

Test: No selinux rule violation of system server reading netd bpf object
Bug: 30950746
Change-Id: I6d9438d1ed7c9bab45a708f5d2a85eb22f5e8170

Add the new classes for eBPF map and program to limit the access to eBPF
object. Add corresponding rules to allow netd module initialize bpf
programs and maps, use the program and read/wirte to eBPF maps.

Test: no bpf sepolicy violations when device boot
Change-Id: I63c35cd60f1972d4fb36ef2408da8d5f2246f7fd

Some necessary sepolicy rule changes for init process to create directory,
mount cgroupv2 module and mount bpf filesystem. Also allow netd to create
and pin bpf object as files and read it back from file under the
directory where bpf filesystem is mounted.

Test: bpf maps show up under /sys/fs/bpf/
Change-Id: I579d04f60d7e20bd800d970cd28cd39fda9d20a0