- May 11, 2017
-
-
Martijn Coenen authored
am: d4eb49d1 Change-Id: I2b8c9b9d20cbec2a448ad60bc4abe7a52d8f7e46
- May 10, 2017
-
-
Tao Bao authored
This is needed for devices using configfs, where init listens for sys.usb.ffs.ready=1 to config usb_gadget. When recovery starts sideloading, minadbd (forked from recovery) sets the property to trigger that action.
avc: denied { set } for property=sys.usb.ffs.ready pid=541 uid=0 gid=0 scontext=u:r:recovery:s0 tcontext=u:object_r:ffs_prop:s0 tclass=property_service
Bug: 35803743
Test: Device shows up in sideload mode.
Change-Id: Ie7f1224d3a8650160ac29811f73b8286fbced4f4
-
Martijn Coenen authored
-
Jaesoo Lee authored
configstore: assign label to all minor versions of configstore service
am: c895f278
am: 8741d4fe
am: 0e573bd5
Change-Id: Ifde25dcde7b5eec4a797124ed3eeaa45dc9d4414
-
Jaesoo Lee authored
am: 8741d4fe Change-Id: Iae383ed802d0e8a78d30ded05dbe3e0817b439e5
-
Jaesoo Lee authored
am: c895f278 Change-Id: I49f55fba41b5242c7c4f36652afe9fee4808a349
-
Jaesoo Lee authored
Added rule:
/(vendor|system/vendor)/bin/hw/android\.hardware\.configstore@1\.[0-9]-service u:object_r:hal_configstore_default_exec:s0
Bug: 37727469
Test: Built and tested on Sailfish
Change-Id: Icf167fad1c7e601c3662f527d1e3e844ff517b58
-
- May 09, 2017
-
-
Martijn Coenen authored
New binder kernel changes extend the areas where binder will set real-time scheduling priorities on threads; to make sure the driver can correctly determine whether a process is allowed to run at real-time priority or not, add the capability to the services that need it.
Bug: 37293077
Test: processes run at real-time prio on incoming real-time binder calls.
Change-Id: Ia4b3e5ecb1f5e18e7272bdaaad5c31a856719633
-
William Roberts authored
am: fbb96d8a Change-Id: I258cec0012787532b7bdcdbac6fecacd5a2cd33b
-
William Roberts authored
am: 702605c6 Change-Id: I23b987ecccce6e9622b0e7844d00c14f6ef4d21b
-
William Roberts authored
am: 611202ef Change-Id: If107d1d43e9247be68065d711f471e538830ee18
-
Treehugger Robot authored
-
Yifan Hong authored
am: e1074f8b Change-Id: I4854065d0fd85782076ef96aeed137170e2e7a32
-
TreeHugger Robot authored
-
- May 08, 2017
-
-
Mikhail Naganov authored
am: 7fa260ab -s ours Change-Id: Ic0a7b4a468b098b8351c7189ab9faa4a2a37b768
-
Yifan Hong authored
for CTS device info collection purposes.
Bug: 28656227
Test: m cts -j && cts-tradefed run cts -m Gesture --test android.gesture.cts.GestureTest#testGetStrokes
Change-Id: I8caf3580fb05fb489dc5abb917c8cb78cb089fb7
-
Mark Salyzyn authored
am: 198c5c79 Change-Id: Ifc4b22ec15a64f6990512666206c3ee8834defba
-
Mark Salyzyn authored
am: c8fd16c7 Change-Id: I49e7c18e18a400147e1662304d39e25eeae51c55
-
Mark Salyzyn authored
am: ca0a352a Change-Id: If463e73dce4db829206a4907a5fa12bfbe347fb9
-
Mark Salyzyn authored
-
Nick Kralevich authored
am: 1ffa6f80 Change-Id: I4e1669df2067738858c2d7a1e79e0a153cfeef5b
-
Nick Kralevich authored
am: b49bc821 Change-Id: I4e13baad4cc463142b5899855e0613c5ea829c8d
-
Nick Kralevich authored
am: 07667733 Change-Id: I0263926bbc950f0186bdd9a7fa3eb8b8f9072ee0
-
Treehugger Robot authored
-
Mikhail Naganov authored
am: b00a85c3 Change-Id: I82f7934d824a35644263eb298d6c2c5eb018c8b5
-
Mikhail Naganov authored
am: 4aac6fdb Change-Id: I1614f394e0f0c071705e3696d3dd8124e72c24c2
-
Mikhail Naganov authored
am: 9686cbcd Change-Id: Id0bacbd2022c24615b9e99108af1a8510be248fb
-
Mikhail Naganov authored
The following HAL methods use file descriptors to write dump info comprising audioflinger debug dump:
IDevice.debugDump
IEffectsFactory.debugDump
IStream.debugDump
Bug: 37993476
Test: check contents of media.audio_flinger section in a bugreport captured on Pixel device
Merged-In: I77d347c019ac93c3ba0d54ce50f0fdc243b04685
Change-Id: Ia0531f715ae5f8b2599153e54a11e9eb4ee47d4b
-
Nick Kralevich authored
Remove SELinux access from domain_deprecated. Access to SELinux APIs can be granted on a per-domain basis.
Remove appdomain access to SELinux APIs. SELinux APIs are not public and are not intended for application use. In particular, some exploits poll on /sys/fs/selinux/enforce to determine if the attack was successful, and we want to ensure that the behavior isn't allowed. This access was only granted in the past for CTS purposes, but all the relevant CTS tests have been moved to the shell domain.
Bug: 27756382
Bug: 28760354
Test: Device boots and no obvious problems. No collected denials.
Change-Id: Ide68311bd0542671c8ebf9df0326e512a1cf325b
-
Mark Salyzyn authored
In the init scripts for socket, the type can have a suffix of "+cred" to request that the socket be bound to report SO_PASSCRED credentials on socket transactions. Here we add socket setopt to selinux rules.
Test: gTest logd-unit-tests --gtest_filter=logd.statistics right after boot (fails without logd.rc change)
Bug: 37985222
Change-Id: I37cdf7eea93c3e8fa52964e765eaf3007e431b1f
-
- May 06, 2017
-
-
Jeff Sharkey authored
am: c659e37c Change-Id: I4d1285c41c77b9e828753b628cfdc76d3e2a3dd9
-
Jeff Sharkey authored
-
- May 05, 2017
-
-
Jeff Sharkey authored
When installd clears cached files on external storage, the sdcardfs kernel filesystem needs to be kept in the loop to release any cached dentries that it's holding onto. (Otherwise the underlying disk space isn't actually released.)
installd can already delete the underlying files directly (via the media_rw_data_file rules), so this technically isn't expanding its capabilities.
avc: granted { search } for name="/" dev="tmpfs" ino=6897 scontext=u:r:installd:s0 tcontext=u:object_r:tmpfs:s0 tclass=dir
avc: denied { open } for path="/mnt/runtime/default/emulated/0/Android/data" dev="sdcardfs" ino=589830 scontext=u:r:installd:s0 tcontext=u:object_r:sdcardfs:s0 tclass=dir permissive=1
avc: denied { write } for name="com.google.android.inputmethod.japanese" dev="sdcardfs" ino=590040 scontext=u:r:installd:s0 tcontext=u:object_r:sdcardfs:s0 tclass=dir permissive=0
avc: denied { remove_name } for name="cache_r.m" dev="sdcardfs" ino=589868 scontext=u:r:installd:s0 tcontext=u:object_r:sdcardfs:s0 tclass=dir permissive=0
avc: denied { getattr } for path="/mnt/runtime/default/emulated/0/Android/data/.nomedia" dev="sdcardfs" ino=589831 scontext=u:r:installd:s0 tcontext=u:object_r:sdcardfs:s0 tclass=file permissive=1
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.StorageHostTest
Bug: 37486230
Change-Id: Icfd00a9ba379b1f50c48fe85849304cf9859bcb2
-
Daniel Nicoara authored
am: 0181f5f1 Change-Id: Iba73223f49b67e48d893256428f4ef1ff97f62c5
-
Daniel Nicoara authored
-
- May 04, 2017
-
-
Mikhail Naganov authored
The following HAL methods use file descriptors to write dump info comprising audioflinger debug dump:
IDevice.debugDump
IEffectsFactory.debugDump
IStream.debugDump
Bug: 37993476
Test: check contents of media.audio_flinger section in a bugreport captured on Pixel device
Change-Id: I77d347c019ac93c3ba0d54ce50f0fdc243b04685
-
Dimitry Ivanov authored
am: 1696a6e8 Change-Id: I1e5bdf92b84a56f5bdd7731afae6d324128f241a
-