Allows partners to add a new attribute definition to their public
policy without causing a compatibility failure with the AOSP system
image.

Bug: 67092827
Bug: 37915794
Test: build and boot aosp_sailfish with new type declared in public
    policy

Change-Id: I015c26fa7c399423e8a6e7079b5689007d031479

FAILED:
out/target/product/sailfish/obj/ETC/treble_sepolicy_tests_intermediates/treble_sepolicy_tests
Error: library-path out/host/darwin-x86/lib64/libsepolwrap.so
does not exist

Note, fixing here instead of reverting to avoid reverting
changes in CTS.

Test: ctate testing on Mac
Change-Id: I95f483b152d9bece1a16267cbc49eedb1f902990

so they can use MediaExtractor too.

Bug: 67406992
Test: yes
Change-Id: Iaacadc13b1fc032fe31eea1f3ecbbbabb741470a

This functionality is being used, apparently.

Addresses the following auditallow spam:

  type=1400 audit(0.0:1039): avc: granted { write } for
  comm="Chrome_ProcessL"
  path="/storage/emulated/0/Android/data/com.bleacherreport.android.teamstream/cache/.com.google.Chrome.sk5n91"
  dev="sdcardfs" ino=1877565 scontext=u:r:isolated_app:s0:c512,c768
  tcontext=u:object_r:sdcardfs:s0 tclass=file

Test: policy compiles.
Bug: 32896414
Change-Id: I627e20c38115f1d579e78ca12abfa717d32a155a

"append" has almost the same behavior as "write".

Test: policy compiles.
Change-Id: I3f85108e7918766f07e03f74c3f1d8e8084042b3

avc:  denied  { read } for  pid=446 comm="recovery" name="cmdline"
dev="proc" scontext=u:r:recovery:s0
tcontext=u:object_r:proc_cmdline:s0 tclass=file

Test: build
Bug: 66497047
Change-Id: I9f48db88bed0d6ac76fa2808a4913857230a5d4b

Bug: 37008075
Test: build, all tests pass. Modify some attributes locally to
    cause tests to fail (verify that they are actually working).
Change-Id: If9f9ece61dff835f38ef9c8a57f5a7baddbae5cd

This is a necessary for enforcing these tests in CTS.

Bug: 37008075
Test: build
Change-Id: I36b4ce71c26a0ba01cd0289fe363f0a9f7db1214
(cherry picked from commit 8d614b3f)

Grant update_engine access to sysfs.
Ran fake ota go/manual-ab-ota, and this denial was fixed:
avc: denied { read } for pid=912 comm="update_engine" name="compatible"
dev="sysfs" ino=17399 scontext=u:r:update_engine:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Test: boots with no new denials
Change-Id: I8697da3af254aea1cec44d9dbb1eca18be31859c

Duplicate of "allow domain su:fd use;"

Test: policy compiles.
Change-Id: I81d86a8b325d619d3ecc9450a011d6646605cab9

This reverts commit f9cd76b1.

Change-Id: I4f753f3159b422fbca94be78e620bee2c39de38a

Removes uncrypt access to the rest of /proc.
Fixes this denial, which can be triggered from recovery_component_test:
[  142.540819] type=1400 audit(1506983074.139:23): avc: denied { read }
for pid=5767 comm=uncrypt name=cmdline dev=proc ino=4026532114
scontext=u:r:uncrypt:s0 tcontext=u:object_r:proc_cmdline:s0 tclass=file
permissive=0

Bug: 66497047
Test: recovery_component_test --gtest_filter=UncryptTest.*
no more denials to /proc/cmdline
Change-Id: If1a7630779d667d52a0cc44114ef6177982de21c

This file is necessary for using an mr1 system image in conjunction
with an oc-dev vendor image.  This is currently needed by GSI testing,
for example.

(cherry-pick of commit: 03596f28)

Bug: 66358348
Test: File is included on system image.
Change-Id: I3a6b7ed5edf1c07941bbf835e70f2ae8d03fee25

Bug: 65643247
Test: SurfaceFlinger_test passes (except known failures) without selinux
denials
Change-Id: I6ce185f92e5ad64a172da7d7e12167d8da2ebed0

A parallel Wi-Fi RTT service is being added in parallel. Switch-over
will occur once the new service is ready.

Bug: 65014552
Test: integration tests
Change-Id: Ie4b15592140462af70c7092511aee3f603aaa411

* changes:
  nonplat_property_contexts: use fc_sort vs sort
  plat_property_contexts: use fc_sort vs sort

Test: adb bugreport
Bug: 63629306
Change-Id: I7a366b199ddd0ec303dc25ca8c35764c5d7e3af8

Bug: 65570851
Test: boot sailfish
Change-Id: I008bf5386595c614236de44131afcda7d3fd6d98
Merged-In: I008bf5386595c614236de44131afcda7d3fd6d98
(cherry picked from commit 82ca9c2e)

(This reverts internal commit: 82ca9c2e)
Test: None.

Merged-in: I97ffdd48b64ef5c35267387079204512a093a356
Change-Id: I97ffdd48b64ef5c35267387079204512a093a356

Used to display kernel version in settings app.

avc: denied { read } for name="version" dev="proc"
scontext=u:r:system_app:s0 tcontext=u:object_r:proc_version:s0
tclass=file permissive=0

Bug: 66985744
Test: kernel version now displayed in settings app.
Change-Id: I53f92f63362b900347fd393a40d70ccf5d220d30

sort respects locale settings, so the value of LC_ALL can affect
how sort orders things. This can cause labeling issues.

More information on locale and sort can be found via:
  * locale(1) - man 1 locale
  * sort(1) - man 1 sort
  * https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28539



Rather than deal with this locale setting use fc_sort on
property contexts. This also has the side-effect of
stripping comments, and thus sed can be dropped.

Test: This was tested by:
  * comparing outputs to previous runs
  * compile tested *only*.

Change-Id: I1e1eb4dff76f717b5f82f697e677a108abb69892
Signed-off-by: William Roberts <william.c.roberts@intel.com>

sort respects locale settings, so the value of LC_ALL can affect
how sort orders things. Issues have surfaced when CTS build
servers locale differs from image build server locale. And thus
the prologue of property_contexts differs with what CTS was
expecting.

More information on locale and sort can be found via:
  * locale(1) - man 1 locale
  * sort(1) - man 1 sort
  * https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28539



Rather than deal with this locale setting use fc_sort on
property contexts. This also has the side-effect of
stripping comments, and thus sed can be dropped.

Test: This was tested by:
  * comparing outputs to previous runs
  * booting the x86-64 emulator

Change-Id: I144ef549cc11d9c61849ffc0e1b1b000f1b8d1a8
Signed-off-by: William Roberts <william.c.roberts@intel.com>

Bug: 37916906
Test: Builds 'n' boots.
Change-Id: Ia1d86264446ebecc1ca79f32f11354921bc77668
Merged-In: I208ec6a864127a059fb389417a9c6b259d7474cb