am: 4bdefb59

Change-Id: I175b06b26a82859425a853d270d61dcf021b37dc

am: 2446a665

Change-Id: I54c7013a909ef4dd35a47c616f32679cdc77f31d

am: 9935362c

Change-Id: Id65a9b5932b3c076ffa8ec189efe5877b12663f4

In permissive mode we get more spurious denials when O_CREAT is used
with an already-existing file. They're harmless so we don't need to
audit them.

Example denials:
denied { add_name } for name="trigger" scontext=u:r:init:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=dir permissive=1
denied { create } for name="trigger" scontext=u:r:init:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=1

Bug: 72643420
Bug: 74182216

Test: Device boots, denials gone.
Change-Id: I54b1a0c138ff5167f1d1d12c4b0b9e9afaa5bca0
(cherry picked from commit 7d4294cb)

am: 7fe796a0

Change-Id: I46a6c2fc5dfedeca5957fa8d4e7da6a6059c40bd

am: bec73b03

Change-Id: Icee224466327ab9db890381d1f3fa6be2436e836

am: 7abd4699

Change-Id: I3f30335d1cb14f488b5b8841e2a91e87b0ef59a9

This reverts commit 4e79b64e.

Reason for revert: broke something internal

Change-Id: Iec5f2c17fc768424c0b82936a069e42de0b66555

Access to these files was removed in Oreo. Enforce that access is not
granted by partners via neverallow rule.

Also disallow most untrusted app access to net.dns.* properties.

Bug: 77225170
Test: system/sepolicy/tools/build_policies.sh
Change-Id: I85b634af509203393dd2d9311ab5d30c65f157c1

These denials occur fairly often, causing some logspam.

Bug: 77225170
Test: Boot device.
Merged-In: Icd73a992aee44007d0873743f706758f9a19a112
Change-Id: Icd73a992aee44007d0873743f706758f9a19a112
(cherry picked from commit a66d1a45)

Bug: 74182216
Test: build policy
Change-Id: Ice800c571e9be469dffa212c478c10e63b80deca

am: c22f9711

Change-Id: I497dcd53fecb0cde875be8900e969a79ee532546

am: b862c7ae

Change-Id: If10eef99cd3c1102ea4f6a4b21bcb1b99e3cdcac

am: dd7d5a70

Change-Id: Iab6878a235cfb2959614f4ef757c501884464be9

We only need this change for aosp devices. Internal sepolicy for healthd
domain is different and does not need this.

Addresses this denial:
avc: denied { open } for path="/sys/class/power_supply" dev="sysfs"
ino=25340 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0
tclass=dir permissive=1

Test: $OUT/vendor/etc/selinux/precompiled_sepolicy contains the new
permission.
Change-Id: Ie47c231af800026fd9d8a1f752253bb338768c13

The ConfirmationUI API has a callback interface by which confirmation
results are presented to the calling app. This requires keystore to call
into apps.

Test: Device boots and no more denials when call back is delivered to
      apps.
Bug: 63928580
Change-Id: Ie23211aeb74c39956c3c3b8b32843d35afa1315a

Give statsd rights to connect to perfprofd in userdebug.

Test: mmma system/extras/perfprofd
Change-Id: Idea0a6b757d1b16ec2e6c8719e24900f1e5518fd

am: f81c1227

Change-Id: I1afc1a97c9e136f11b17083e2ce790c6aaf74f6c

A default value of persist.radio.multisim.config can be set by SoC
vendors, and so vendor-init-settable should be allowed to it.

Bug: 73871799
Test: succeeded building and tested with taimen
Change-Id: Ie62b91e7e3d7e05425b742838417f1cab7b3fed4

am: 391462d1

Change-Id: I29178d894928fa4f6be0c7b76b678c7507562671

Use the user policy when running the compatibility tests.

Bug: 74344625
Test: Built policy for many devices.  Booted one device.
Test: Delete some compat rules, verify error on userdebug.
Change-Id: Ib2df2dfc06cdf55a839011e9a528e76160a9e436

am: a8b42c97

Change-Id: Ia37b19c4c88cd484b7244c5049756c06f0c37196

Suppress WAI denials from crashdump.

Test: build/flash Taimen. Verify no new denials.
Bug: 68319037
Change-Id: If39d057cb020def7afe89fd95e049e45cce2ae16
(cherry picked from commit cc0304cf)

am: a3cb775f

Change-Id: Ibaec960498df982798ac840b661f49f8b4603aee

Verify that the SELabels used in property_contexts correspond to a
real type in the SEPolicy and that this type has the property_type attribute.

Additionally add a check that vendor property_context files do not
duplicate entries in plat property_contexts, and a similar check that
odm property_contexts doesn't duplicate either plat or vendor
property_contexts.

Bug: 74078792
Test: Build property_contexts on bullhead successfully
Test: See failure when using a faulty SELabel in property_contexts
Test: See failure when duplicating label in vendor and plat property_contexts
Change-Id: I4d2338dab68f1c5a8ed110aa7821f0677f61bafb

am: 4f673cf4

Change-Id: I13ede3ce0e2f4ea82782efce24120b3e77464333

am: 5d317326

Change-Id: Id12c02eac66cff08093b572295812b99ffa2a792

This reverts commit 6f2040f8.

Reason for revert: not needed anymore after ag/3773705
This was meant to allow system_server toggling the property on/off.
Later we realized that we needed a separate property for that 
(see discussion in b/76077784) and system server happens to
have already permissions to write to sys.* properties even without
this CL.
Reverting because at this point this creates just unnecessary clutter.

Change-Id: Ia73d000aad3c4288a5652047dfe10896e231b0b1
Test: perfetto_integrationtests
Bug: 76077784