am: 2e975396

* commit '2e975396':
  Revert "Remove domain_deprecated from sdcard domains"

am: c4121add

* commit 'c4121add':
  Revert "Remove domain_deprecated from sdcard domains"

This reverts commit 0c7bc58e.

bug: 26807309

Change-Id: I8a7b0e56a0d6f723508d0fddceffdff76eb0459a

am: 7676d3d9

* commit '7676d3d9':
  domain: grant write perms to cgroups

am: be0616ba

* commit 'be0616ba':
  domain: grant write perms to cgroups

Was moved to domain_deprecated. Move back to domain.

Files in /acct/uid/*/tasks are well protected by unix permissions.
No information is leaked with write perms.

Change-Id: I8017e906950cba41ce350bc0892a36269ade8d53

am: a321dde8

* commit 'a321dde8':
  Restore untrusted_app proc_net access.

am: 5833e3f5

* commit '5833e3f5':
  Restore untrusted_app proc_net access.

Address the following denial:
type=1400 audit(0.0:853): avc: denied { read } for name="/" dev="proc" ino=1 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:proc:s0 tclass=dir permissive=0

Bug: 26806629
Change-Id: Ic2ad91aadac00dc04d7e04f7460d5681d81134f4

am: fa46a737

* commit 'fa46a737':
  Using r_dir_file macro in domain.te

am: 093ea6fb

* commit '093ea6fb':
  Using r_dir_file macro in domain.te

am: dd55b44d

* commit 'dd55b44d':
  Remove domain_deprecated from sdcard domains

am: cdae042a

* commit 'cdae042a':
  Remove domain_deprecated from sdcard domains

r_dir_file(domain, self)

allow domain self:dir r_dir_perms;
allow domain self:lnk_file r_file_perms;
allow domain self:file r_file_perms;

te_macros
define(`r_dir_file', `
allow $1 $2:dir r_dir_perms;
allow $1 $2:{ file lnk_file } r_file_perms;
')

Change-Id: I7338f63a1eaa8ca52cd31b51ce841e3dbe46ad4f

am: c119fab9

* commit 'c119fab9':
  bootstat: Fix the SELinux policy after removing domain_deprecated.

Change-Id: I65d7c0bb306f61dfe0ad2a5581f28dbc2942a1eb

am: ae29dea8

* commit 'ae29dea8':
  bootstat: Fix the SELinux policy after removing domain_deprecated.

am: 7171232c

* commit '7171232c':
  Delete policy it is alread included in binder_call macros.

In the same process as voiceinteraction.

Please see related CL ag/852049

Bug: 22860713
Change-Id: I43ebfdba2aafb151dd7db0814570027e1164508a

* Allow reading /proc.

type=1400 audit(1453834004.239:7): avc: denied { read } for pid=1305
comm="bootstat" name="uptime" dev="proc" ino=4026536600
scontext=u:r:bootstat:s0 tcontext=u:object_r:proc:s0 tclass=file
permissive=0

* Define domain for the /system/bin/bootstat file.

init: Service exec 4 (/system/bin/bootstat) does not have a SELinux
domain defined.

Bug: 21724738
Change-Id: I4baa2fa7466ac35a1ced79776943c07635ec9804

define(`binder_call', `
allow $1 $2:binder { call transfer };
allow $2 $1:binder transfer;
allow $1 $2:fd use;
')

binder_call(surfaceflinger, appdomain)
binder_call(surfaceflinger, bootanim)

it is alread include these policy.. so I can delete these policy!
allow surfaceflinger appdomain:fd use;
allow surfaceflinger bootanim:fd use;

am: c37b0c33

* commit 'c37b0c33':
  Delete duplicated policy, it is already include in app.te.

am: 0220b345

* commit '0220b345':
  Delete duplicated policy, it is already include in app.te.

Change-Id: I7fe13cbe563dcd2f286696010f0a5034dfee0202

am: 6899e0a3

* commit '6899e0a3':
  Allow update_engine to use Binder IPC.

allow appdomain keychain_data_file:dir r_dir_perms;
allow appdomain keychain_data_file:file r_file_perms;

am: c37fa203

* commit 'c37fa203':
  Add adbd socket perms to system_server.

am: b037a6c9

* commit 'b037a6c9':
  Add adbd socket perms to system_server.

Register service with servicemanager and name the context.

avc: denied { call } for scontext=u:r:update_engine:s0 tcontext=u:r:servicemanager:s0 tclass=binder
avc: denied { add } for service=android.os.IUpdateEngine scontext=u:r:update_engine:s0 tcontext=u:object_r:update_engine_service:s0 tclass=service_manager

Also allow priv_app to communicate with update_engine.

avc: denied { find } for service=android.os.IUpdateEngine scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:update_engine_service:s0 tclass=service_manager
avc: denied { call } for scontext=u:r:priv_app:s0:c512,c768 tcontext=u:r:update_engine:s0 tclass=binder
avc: denied { call } for scontext=u:r:update_engine:s0 tcontext=u:r:priv_app:s0 tclass=binder

Change-Id: Ib4498717c1a72f5faab5ea04c636924ee4eb412c

Commit 2fdeab37 added ability to debug
over adbd for zygote-spawned apps, required by removal of domain_deprecated
from untrusted_app.  This functionality is a core debugabble component
of the android runtime, so it is needed by system_server as well.

Bug: 26458796
Change-Id: I29f5390122b3644449a5c3dcf4db2d0e969f6a9a

am: 97ebf96a

* commit '97ebf96a':
  app: connect to adbd

am: 2fdeab37

* commit '2fdeab37':
  app: connect to adbd

Permission to connect to adb was removed from untrusted_app when
the domain_deprecated attribute was removed. Add it back to support
debugging of apps. Grant to all apps as eventually
domain_deprecated will be removed from everything.

Bug: 26458796
Change-Id: I4356e6d011094cdb6829210dd0eec443b21f8496