On Marlin/Sailfish, StorageManager tests in CTS are exposing a bug
where the /proc/<pid>/ns/mnt files for system_server are briefly
mislabeled as "proc" instead of "system_server". Resulting in the
tests failing. Temporarily re-granting access to the default label
until the labeling issue can be tracked down.

Repro steps:
cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases \
-t android.os.storage.cts.StorageManagerTest

Failures:

android.os.storage.cts.StorageManagerTest#testOpenProxyFileDescriptor
fail: java.lang.IllegalStateException: command '58 appfuse mount 10065
959 0' failed with '400 58 Command failed'

android.os.storage.cts.StorageManagerTest#testOpenProxyFileDescriptor_async
fail: java.lang.IllegalStateException: command '59 appfuse mount 10065
959 1' failed with '400 59 Command failed'

android.os.storage.cts.StorageManagerTest#testOpenProxyFileDescriptor_error
fail: java.lang.IllegalStateException: command '60 appfuse mount 10065
959 2' failed with '400 60 Command failed'

From the log:

10-04 20:41:22.972   595   604 E vold    : Failed to open namespace for
/proc/959/ns/mnt: Permission denied
10-04 20:41:22.967   604   604 W vold    : type=1400 audit(0.0:90): avc:
denied { read } for dev="proc" ino=4026534249 scontext=u:r:vold:s0
tcontext=u:object_r:proc:s0 tclass=file permissive=0
10-04 20:41:23.051   604   604 W vold    : type=1400 audit(0.0:91): avc:
denied { read } for dev="proc" ino=4026534249 scontext=u:r:vold:s0
tcontext=u:object_r:proc:s0 tclass=file permissive=0
10-04 20:41:23.054   595   604 E vold    : Failed to open namespace for
/proc/959/ns/mnt: Permission denied
10-04 20:41:23.081   604   604 W vold    : type=1400 audit(0.0:92): avc:
denied { read } for dev="proc" ino=4026534249 scontext=u:r:vold:s0
tcontext=u:object_r:proc:s0 tclass=file permissive=0
10-04 20:41:23.086   595   604 E vold    : Failed to open namespace for
/proc/959/ns/mnt: Permission denied

sailfish:/ # ps -AZ | grep 959
u:r:system_server:s0           system         959   628 \
4557136 251500 SyS_epoll_wait 70e6df822c S system_server

The file labels appear to be correct when checked manually.

sailfish:/ # ls -lZ /proc/959/ns/
lrwxrwxrwx 1 system system u:r:system_server:s0 0 2017-10-04 17:19 mnt -> mnt:[4026534249]
lrwxrwxrwx 1 system system u:r:system_server:s0 0 2017-10-04 20:55 net -> net:[4026531906]

Bug: 67049235
Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases \
    -t android.os.storage.cts.StorageManagerTes

Change-Id: Id4d200856c02c023c6f516e3f3bfa060e100086c

avc:  denied  { read } for  pid=446 comm="recovery" name="cmdline"
dev="proc" scontext=u:r:recovery:s0
tcontext=u:object_r:proc_cmdline:s0 tclass=file

Test: build
Bug: 66497047
Change-Id: I9f48db88bed0d6ac76fa2808a4913857230a5d4b

Bug: 37008075
Test: build, all tests pass. Modify some attributes locally to
    cause tests to fail (verify that they are actually working).
Change-Id: If9f9ece61dff835f38ef9c8a57f5a7baddbae5cd

This is a necessary for enforcing these tests in CTS.

Bug: 37008075
Test: build
Change-Id: I36b4ce71c26a0ba01cd0289fe363f0a9f7db1214
(cherry picked from commit 8d614b3f)

Grant update_engine access to sysfs.
Ran fake ota go/manual-ab-ota, and this denial was fixed:
avc: denied { read } for pid=912 comm="update_engine" name="compatible"
dev="sysfs" ino=17399 scontext=u:r:update_engine:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Test: boots with no new denials
Change-Id: I8697da3af254aea1cec44d9dbb1eca18be31859c

Duplicate of "allow domain su:fd use;"

Test: policy compiles.
Change-Id: I81d86a8b325d619d3ecc9450a011d6646605cab9

This reverts commit f9cd76b1.

Change-Id: I4f753f3159b422fbca94be78e620bee2c39de38a

Removes uncrypt access to the rest of /proc.
Fixes this denial, which can be triggered from recovery_component_test:
[  142.540819] type=1400 audit(1506983074.139:23): avc: denied { read }
for pid=5767 comm=uncrypt name=cmdline dev=proc ino=4026532114
scontext=u:r:uncrypt:s0 tcontext=u:object_r:proc_cmdline:s0 tclass=file
permissive=0

Bug: 66497047
Test: recovery_component_test --gtest_filter=UncryptTest.*
no more denials to /proc/cmdline
Change-Id: If1a7630779d667d52a0cc44114ef6177982de21c

This file is necessary for using an mr1 system image in conjunction
with an oc-dev vendor image.  This is currently needed by GSI testing,
for example.

(cherry-pick of commit: 03596f28)

Bug: 66358348
Test: File is included on system image.
Change-Id: I3a6b7ed5edf1c07941bbf835e70f2ae8d03fee25

Bug: 65643247
Test: SurfaceFlinger_test passes (except known failures) without selinux
denials
Change-Id: I6ce185f92e5ad64a172da7d7e12167d8da2ebed0

A parallel Wi-Fi RTT service is being added in parallel. Switch-over
will occur once the new service is ready.

Bug: 65014552
Test: integration tests
Change-Id: Ie4b15592140462af70c7092511aee3f603aaa411

* changes:
  nonplat_property_contexts: use fc_sort vs sort
  plat_property_contexts: use fc_sort vs sort

Test: adb bugreport
Bug: 63629306
Change-Id: I7a366b199ddd0ec303dc25ca8c35764c5d7e3af8

Bug: 65570851
Test: boot sailfish
Change-Id: I008bf5386595c614236de44131afcda7d3fd6d98
Merged-In: I008bf5386595c614236de44131afcda7d3fd6d98
(cherry picked from commit 82ca9c2e)

(This reverts internal commit: 82ca9c2e)
Test: None.

Merged-in: I97ffdd48b64ef5c35267387079204512a093a356
Change-Id: I97ffdd48b64ef5c35267387079204512a093a356

Used to display kernel version in settings app.

avc: denied { read } for name="version" dev="proc"
scontext=u:r:system_app:s0 tcontext=u:object_r:proc_version:s0
tclass=file permissive=0

Bug: 66985744
Test: kernel version now displayed in settings app.
Change-Id: I53f92f63362b900347fd393a40d70ccf5d220d30

sort respects locale settings, so the value of LC_ALL can affect
how sort orders things. This can cause labeling issues.

More information on locale and sort can be found via:
  * locale(1) - man 1 locale
  * sort(1) - man 1 sort
  * https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28539



Rather than deal with this locale setting use fc_sort on
property contexts. This also has the side-effect of
stripping comments, and thus sed can be dropped.

Test: This was tested by:
  * comparing outputs to previous runs
  * compile tested *only*.

Change-Id: I1e1eb4dff76f717b5f82f697e677a108abb69892
Signed-off-by: William Roberts <william.c.roberts@intel.com>

sort respects locale settings, so the value of LC_ALL can affect
how sort orders things. Issues have surfaced when CTS build
servers locale differs from image build server locale. And thus
the prologue of property_contexts differs with what CTS was
expecting.

More information on locale and sort can be found via:
  * locale(1) - man 1 locale
  * sort(1) - man 1 sort
  * https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28539



Rather than deal with this locale setting use fc_sort on
property contexts. This also has the side-effect of
stripping comments, and thus sed can be dropped.

Test: This was tested by:
  * comparing outputs to previous runs
  * booting the x86-64 emulator

Change-Id: I144ef549cc11d9c61849ffc0e1b1b000f1b8d1a8
Signed-off-by: William Roberts <william.c.roberts@intel.com>

Bug: 37916906
Test: Builds 'n' boots.
Change-Id: Ia1d86264446ebecc1ca79f32f11354921bc77668
Merged-In: I208ec6a864127a059fb389417a9c6b259d7474cb

Fixes: 65263013
Test: build
Merged-In: I0ec412481c5990927fcbee7c4303bee2da876210
Change-Id: I0a5b9a80e988fcd16a29807ed83b2c65bba9000f

Run-as is running a command under an app's uid and in its data
directory. That data directory may be accessed through a symlink
from /data/user. So give runas rights to read such a symlink.

Bug: 66292688
Test: manual
Test: CTS JVMTI tests
Change-Id: I0e0a40d11bc00d3ec1eee561b6223732a0d2eeb6

Bug: 65643247
Test: device boots without denials from lmkd
Change-Id: I6db8b52a4fb3edefbcbc87d6ca5f1b76162e9dce

The following commits were cherry-picked from internal master to AOSP,
but to avoid merge-conflicts we'll do a large diff instead of individual
cherry-picks:
521742e9
9aefc916
3686efca
de51e7de
fff3fe2f

Bug: 37916906
Test: angler builds and boots.
Merged-In: Ie010cc12ae866dbb97c387471f433158d3b699f3
Change-Id: I5126ebe88b9c76a74690ecf95851d389cfc22d1f

Bug: 65643247
Test: device boots without denials from bootanim to sysfs and cgroup.
Change-Id: Icf8c45906cb83e1b0a60737d67ae584b9d1b34aa