Bug: 35628284
Test: Boot and call HAL from system_server
Change-Id: I4cdacb601e0eea1f5f0e721c568c7ee04298704f

am: 870160d5

Change-Id: Ia54190a372be0ffb8ed573dab31cdce4c0ddbf7a

am: 42424f13

Change-Id: Id9375a6dc3688408e306bdc051fec4d8754d07eb

am: faea9dc2

Change-Id: Ia1ca45499e8ef960c2d23aa20494fa1884e2f7b6

am: 6c1362b2

Change-Id: Id4a437ec7acbf362cd82690fe0d850dd0951c104

am: c98b275e

Change-Id: I424909584152898fa81d8eacf664db851f47e37c

am: d4a96aac

Change-Id: I89f24a3ba1ca855aba0731f8320aeac93e7bcb66

am: ec5e26e4

Change-Id: Ie791b20d2ae2e2690846f18fa0bc74926990bdbc

am: ed3458c2

Change-Id: I47746d594572760d25b569fb877351c4f1ea1628

am: f79d1904

Change-Id: I7bda1cd1af603adc5fbf142c66bdf5b6b146ad7f

am: df679fdb

Change-Id: I4f0d343f42d8bc5c97b2a7c129c63c8e7c50cd3d

am: 9075699a

Change-Id: If3e3e246b7ef5ed0142bc7b180d4d7cfb559ea03

am: 1b5f81a2

Change-Id: Ic9e87837f68ac31cfedd735bd20a44cdf029c79e

* changes:
  sepolicy: fix comments around 'domain' access to search in /vendor
  sepolicy: remove redudant rule for symlinks in /vendor/app
  sepolicy: restrict access for /vendor/framework.
  sepolicy: restrict /vendor/overlay from most coredomains
  sepolicy: restrict /vendor/app from most coredomains

am: c01e5a13

Change-Id: I700030a34443305af955a6153921447024a90d4f

am: 38416182

Change-Id: I9e08b187ccad4f4263de54aae1248b1691aa7d08

Some of the same process HAL labeling was missing from Marlin.
These are identified by tracking library dependencies.

Bug: 37084733
Test: Build and boot sailfish. The change allows the labelled libraries
      to be opened by any domain. So, the boot test is sufficient.

Change-Id: Id55e834d6863ca644f912efdd690fccb71d3eaf3
Signed-off-by: Sandeep Patil <sspatil@google.com>

am: 3dca6eb2

Change-Id: I84eb61aad4ac9a27fd804abaae3830c6a8ced97b

am: 133a9c41

Change-Id: I2991bcea9893c2b9cd2b320e4ef1b071126f133e

All accesses to /vendor/app within platform include permissions to read
symlinks in the location. This rule is redundant now.

Bug: 36806861
Test: Boot sailfish and find no denials for 'vendor_app_file'

Change-Id: Ic17a67521cff6717d83b78bb4ad8e21e772f6d4f
Signed-off-by: Sandeep Patil <sspatil@google.com>

/vendor/framework is now designated location for vendor's platform
libraries. The directory is thus only made available for 'dex2oat'
coredomain.

Bug: 36680116
Test: Boot sailfish & angler and launch gApps, dialer w/ no denials for
      'vendor_framework_file'

Change-Id: I24c2ec30f836330005a972ae20d839bef9dcb8aa
Signed-off-by: Sandeep Patil <sspatil@google.com>

The change makes 'vendor_overlay_file' accessible only to few platform
domains like idmap, system_server, zygote and appdomain.

The overlay files contains RROs (runtime resource overlays)

Bug: 36681210
Test: Boot sailfish (treble device) from wiped flashall
Test: Connect to wifi and launch chrome to load few websites.
Test: Launch camera and record + playback video

Change-Id: I3596ca89ad51d0e7d78c75121f22ea71209ee332
Signed-off-by: Sandeep Patil <sspatil@google.com>

Effectively removes TODOs and finalizes the initial solution to allow
all domains access to 'vendor_file'.

Bug: 36681074
Test: Build and boot sailfish (no policy changes in the CL)

Change-Id: I50c05e20175c5273b34901809d967dd3e48bdb0e
Signed-off-by: Sandeep Patil <sspatil@google.com>

The change makes 'vendor_app_file' accessible only to few platform
domains like dex2oat, idmap, installd, system_server and appdomain.

Bug: 36681210
Test: Boot sailfish (treble device) from wiped flashall
Test: Connect to wifi and launch chrome to load few websites.
Test: Launch camera and record + playback video

Change-Id: Ib8757fedbf2e19c8381c8cd0f8f2693b2345534b
Signed-off-by: Sandeep Patil <sspatil@google.com>

am: 9c6a2447

Change-Id: I18cf57e51df23efe6be2bcedcc46437bda2f77ed

am: bc9e17bb

Change-Id: I4a5643d0725b76afeb191ba121556a1e95fc3771

am: dd9ba982

Change-Id: I5f0a5d7e8dd238f2f105bfac101897c1fda7aa44

am: a902511f

Change-Id: Idb05d766da22a1f52252e27f632af49928779987

am: 84674b7e

Change-Id: I17c3df373607889b0ce1fa9cbda16346298e3ca9

Bug: 34454312
Bug: 36052864
Test: device boots, works
Change-Id: If61d9b736a74c5944cef4449de4dfbaf78d9ccfa

am: 705a3d0b

Change-Id: I3b934fc0fb674051c8227b2a6f405e454ff9fa42

This is a necessary first step to finalizing the SELinux policy build
process.  The mapping_sepolicy.cil file is required to provide backward
compatibility with the indicated vendor-targeted version.

This still needs to be extended to provide N mapping files and corresponding
SHA256 outputs, one for each of the N previous platform versions with which
we're backward-compatible.

Bug: 36783775
Test: boot device with matching sha256 and non-matching and verify that
device boots and uses either precompiled or compiled policy as needed. Also
verify that mapping_sepolicy.cil has moved.

Change-Id: I5692fb87c7ec0f3ae9ca611f76847ccff9182375

sepolicy-analyze allows users to see all types that have a given
attribute, but not the reverse case: all attributes of a given type.
Add a '--reverse' option which enables this, but keeps the previous
interface.

Usage: sepolicy-analyze sepolicy attribute -r init

Bug: 36508258
Test: Build and run against current policy.

(cherry picked from commit d444ebed)

Change-Id: I9813ebf61d50fb5abbc8e52be4cf62751979bbd4

logcatd is the same as logcat, except that the -L flag, if supplied,
runs once, then the command re-runs itself without the -L flag with
the same argument set.  By introducing a logcatd daemon executable
we can solve the problem of the longish reads from pstore that
sometimes occur when the system is excessively busy spinning in a
foreground task starving this daemon as we absorb the delay in
an init service, rather than in an init exec.  This would not have
been efficiently possible without the introduction of liblogcat.

Test: gTest logcat-unit-tests
Test: Manual check logpersist operations
Bug: 28788401
Bug: 30041146
Bug: 30612424
Bug: 35326290
Change-Id: I3454bad666c66663f59ae03bcd72e0fe8426bb0a