This removes the unconditional inclusion of secilc and sepolicy.
These artefacts are now conditionally included by system/core/init.
The reason for declaring the conditional inclusion there is because
the desired conditional inclusion based on PRODUCT_FULL_TREBLE cannot
be declared here because PRODUCT_FULL_TREBLE is not yet available when
this file is interpreted.
Test: Device boots, no additional SELinux denials. This test is
performed on a device with PRODUCT_FULL_TREBLE set to true, and
on a device with PRODUCT_FULL_TREBLE set to false.
Test: Device with PRODUCT_FULL_TREBLE set to true contains secilc and
the three *.cil files, but does not contain the sepolicy file.
Device with PRODUCT_FULL_TREBLE set to false contains sepolicy
file but does not contain the secilc file or any *.cil files.
Bug: 31363362
Change-Id: Ia3f38948b71a054918f5f63c594ba62a033e1066
Similar to vendor/manifest.xml on device, this file lists
all HALs defined in the framework (and hence go
to the system image). IServiceManager / IMemory /
etc. getService should consult this file (via VINTF
object under /system/libvintf) to return the HAL in the correct
transport mode.
Bug: 34772739 Create system/manifest.xml
Bug: 35219444 Need interface + instance entry
Test: compiles and manually confirm that system/manifest.xml exist.
Change-Id: I5b3c79b068841e47062cbab6f72d70555801a21d
The SELinux policy compiler needs to be available on-device to compile
SELinux policy at boot on some devices. For now, we're including this
unconditionally, but, going forward, we will include this binary only
on devices which need it.
Test: Device boots -- secilc is not yet used anyway
Bug: 31363362
Change-Id: I7712b70d7c5b4c57bec2cdb44519b42d26758d09
full_base_telephoney.mk file gets used only for emulators which should
have bluetooth disabled. Using the default handheld_core_hardware.xml
file has bluetooth enabled. We should use the generic
handheld_core_hardware.xml file for emulators which has bluetooth
disabled.
Its presence causes problems upstream in SystemServer when
BluetoothService starts and requires an extra emulator config change
which should not be there.
Bug: 35361545
Test: Verified by launching Android Emulator. It works fine and does not
start bluetooth.
Change-Id: I484c3d5867f46853fb49f28422dd72ab362ed768
We are splitting android.hidl.memory into android.hidl.allocator and
android.hidl.memory to reflect the fact that we have two separate
interfaces which are served over different transports.
Bug: 35327976
Test: hidl_test, device boots with allocator
Merged-In: I36b1554d20f89ecd60a836c04f788ac83e0a1f5c
Change-Id: I36b1554d20f89ecd60a836c04f788ac83e0a1f5c
We are splitting android.hidl.memory into android.hidl.allocator and
android.hidl.memory to reflect the fact that we have two separate
interfaces which are served over different transports.
Bug: 35327976
Test: hidl_test, device boots with allocator
Change-Id: I36b1554d20f89ecd60a836c04f788ac83e0a1f5c
BUG: 34861221
Test: build and run sdk_google_phone_x86_64 with emulator
and check radio logcat to make sure it does not complain
about the 32bit library system/lib/libreference-ril.so
being used. Also check the kernel message to make sure
rild is launched properly
Change-Id: I6cbd5abcf64bec9a504066a43fefc55fa698a864
Until all backwards-compatibility support is in place, the emulator
targets need to not use the Treble path.
Bug: 32991422
Bug: 32989965
Test: Built aosp_x86_64-eng and verified build.prop has the new key
Change-Id: I72487126b0ec7c7794bb3f57f4b1a649a2ec140b
Bug: 33746484
Test: Successfully boot with original service and property contexts.
Successfully boot with split serivce and property contexts.
Change-Id: I1932684f600dd34d5136e72ac053fae13f0c3eba
Signed-off-by: Sandeep Patil <sspatil@google.com>
Test: make -j64 and flash the device and
ensure that lshal is available on the device.
Bug: 34712252
Change-Id: If61047afb27f9da9f8825ce18e2dfc0b3dec10e2
The Cell Broadcast Receiver app deal with special notifications
such as AMBER Alerts.
Some CTS Verifier tests check the user's ability to configure this app.
BUG: 32504713
Test: Manual and CTS Verifier
(cherry picked from 194e96d944fd736a0db0d97426ca2686d7a59a35)
Change-Id: Ia18bd5c763330f7520c9f445e15d9c3b197d796f
* changes:
Increase system image size for arm64 to 2.5G to fix buildbot
Increase system image size for x64 to 2.5G
Increase system image size to 2GB for the emulator
This change adds default implementation of configstore@1.0 HAL to all
embedded devices.
Bug: 34314793
Test: build. make sure /system/bin/hw has file
android.hardware.configstore@1.0-service
Change-Id: I65f416560de9d65c57e6cfcb9a6fe26b0140d4a6
mediaanalytics has been renamed to mediametrics; set up
so that we build the new component name instead of the old one.
Bug: 34615027
Test: clean build, proper binary generated
* changes:
Add audio HIDL *-impl and -service libraries to product packages
Add default audio_submix module to sdk_base build
Switch video codec config xml to goldfish version
Adding goldfish_audio_legacy hal to emulator build
Switch emulator sdk build audio_conf to goldfish
Need to have custom configuration for goldfish video codecs.
Bug:31648354
Test: Build emu and check correct file copied
Change-Id: I30282bc3c4bdb0e88d98a76908bebb2939fd0d64
(cherry picked from commit 9d9cefd03e3f794d6a5aafb9ba2ec4c4d262c224)
This IDC file won't be used by the emulator, unless there's an input
device called goldfish_rotary. That device is being added to the kernel
in http://r.android.com/321420.
Once that device is present, EventHub will look for a file named
goldfish_rotary.idc in the system/usr/idc directory to get the device
configuration.
Bug: 33292948
Change-Id: I384f29980d802280e626915844bddc49bc46110d
Bug: 33746484
Test: Successfully boot with original service and property contexts.
Successfully boot with split serivce and property contexts.
Change-Id: I1f218ca842407d30650b8987ded6679672171091
Signed-off-by: Sandeep Patil <sspatil@google.com>
Bug: 33746484
Test: Successfully boot with original service and property contexts.
Successfully boot with split serivce and property contexts.
Change-Id: I6fec8d9b3023de09d69198c9e72311a1f03fe844
Signed-off-by: Sandeep Patil <sspatil@google.com>
Change gallery application from Gallery to Gallery2. Gallery does not
seem to have been changed in a long time and AOSP images for devices use
Gallery2 so emulator images should match that.
BUG: 29334386
Change-Id: I1054af38aa1c100cdb671688e2d7aaaf882753af
(cherry picked from commit ea9467cd003f51e83e497b6fbd1a4abd9705be29)
Bug: 34134179
Test: both 32 and 64 bit versions of this file are on the device after a
clean build.
Change-Id: I75ab12246c2c44e39b5e863dfec98dc72a36fbbe
This is the service that provides shared memory for hidl/treble
processes.
Bug: 32185232
Test: builds
Change-Id: I79162a781daad7aa704f4ee071fef0bbdea59a18
This reverts commit fad4b4b715.
Incorporating the following fixes:
1.
fsconfig: fix fs_config_* build for discovered headers
When android_file system_config.h is picked up from the device
directory, neither TARGET_FS_CONFIG_GEN or TARGET_ANDROID_FILESYSTEM_CONFIG_H
are specified. Thus, the build is not generating the required fs_config_files
and fs_config_dirs.
Test: Ensure that make fs_config_files works, and produces the same output as before
Build the system image and mount it as a loop back and dump the file system
capabilities with getcap. Verify that output to the supplied
android_file system_config.h
From the loopback of the system.img mount, from CWD system/bin:
$ getcap *
cnss-daemon = cap_net_bind_service+ep
hostapd = cap_net_admin,cap_net_raw+ep
imsdatadaemon = cap_net_bind_service+ep
ims_rtp_daemon = cap_net_bind_service+ep
logd = cap_setgid,cap_audit_control,cap_syslog+ep
mm-qcamera-daemon = cap_sys_nice+ep
pm-service = cap_net_bind_service+ep
run-as = cap_setgid,cap_setuid+ep
surfaceflinger = cap_sys_nice+ep
webview_zygote32 = cap_setgid,cap_setuid,cap_setpcap+ep
webview_zygote64 = cap_setgid,cap_setuid,cap_setpcap+ep
Compared to the android_filesystem_config.h:
{ 00700, AID_CAMERA, AID_SHELL, (1ULL << CAP_SYS_NICE), "system/bin/mm-qcamera-daemon" },
{ 00755, AID_SYSTEM, AID_SYSTEM, (1ULL << CAP_NET_BIND_SERVICE), "system/bin/pm-service" },
{ 00755, AID_SYSTEM, AID_SYSTEM, (1ULL << CAP_NET_BIND_SERVICE), "system/bin/imsdatadaemon" },
{ 00755, AID_SYSTEM, AID_RADIO, (1ULL << CAP_NET_BIND_SERVICE), "system/bin/ims_rtp_daemon" },
{ 00755, AID_SYSTEM, AID_SYSTEM, (1ULL << CAP_NET_BIND_SERVICE), "system/bin/cnss-daemon"},
2.
fsconfig: fix error message for duplicate AID
Fixes:
raise ValueError('Duplicate aid value "%u" for %s' % value,
TypeError: %u format: a number is required, not str
and
raise ValueError('Duplicate aid value "%s" for %s' % value,
TypeError: not enough arguments for format string
3.
fsconfig: add test for duplicate ranges
Add a test for duplicate range detection.
4.
fsconfig: skip AID_APP, AID_USER and all ranges
Do not output AID_APP, AID_USER and ranges. A range
is defined as ending with AID_ and ending in _START or
_END.
5.
fsconfig: test for skip AID_APP, AID_USER and all ranges
Test against AIDs that caused the bionic tests to fail.
Change-Id: I95569a9ccc83bd3231f8a6f395532cc2de316bd2
Signed-off-by: William Roberts <william.c.roberts@intel.com>
Add build targets for split sepolicy files so they'll appear in the root dir for
on-device compilation. nonplat_sepolicy will eventually be removed as it should
be provided by a different partition. Also replace sepolicy.recovery with the
appropriate split components.
Bug: 31363362
Test: Policy builds on-device and boots.
Change-Id: I017dabe6940c3cd20de6c00bb5253274d5a9269b
This makes the apk avaiable on all devices and can be overridden on a
per-product basis using LOCAL_OVERRIDES_PACKAGES.
BUG: 33224286
Test: Verified with lunch aosp_bullhead-userdebug; make
Change-Id: Ib345193caa4431b6405294bd8759d93349335814
* changes:
fs_config: add unit tests
fs_config: drop fs_config_files/dirs PRODUCT_PACKAGES requirement
fs_config: add group to build
fs_config: introduce group generator
fs_config: add passwd to build
fs_config: introduce passwd generator
fs_config: generate friendly in AID class
fs_config: limit characters for AID_<name> sections
fs_config: generate oem AID header file
fs_config: android_id header generator
fs_config: support parsing android_filesystem_config.h
fs_config: modularize fs_config_generator
This section will be modified as part of splitting these packages into platform
and non-platform components. Sort them all to avoid conflicts.
Bug: 31363362
Test: Builds
Change-Id: I91fb4d4d7c0a6971a19047ef2eb2981770a122ff
Builds the new mediaanalytics service as part of basic
build (as opposed to product-specific builds).
Bug: 30267133
Test: clean build of system, see that new service is present
Change-Id: Ibf44d97974b200d93dcf4d0605e20655eda5b95e
This reverts commit a35d92e431.
The app_process__asan module is merged into app_process.
Bug: 33224213
Test: m
Change-Id: I5e3e836c67b5bd17cf967f1b2429e39c4e18557b
This reverts commit eee31511f7.
Rewriting of app_process adds an automatic dependency.
Bug: 33224213
Test: m
Change-Id: Idd9509d116692954224f4d2ffd6c81b69e9a85a3
Bug: http://b/28866258
Remove libbcc.so from the list of directly packaged modules. 64-bit
libbcc.so gets included as a dependency for the bcc executable (which is
a required package). 32-bit libbcc.so is no longer necessary on 64-bit
devices.
This change also removes 32-bit libLLVM.so from a 64-bit system image
(leading to a 13M reduction in Angler's system image on AOSP) and a
considerable reduction in build time.
Test: - Build all topics in this CL
- RsTest (including the 32-bit ABI) and CTS tests pass on x86 and
x86_64 emulators and Angler.
Change-Id: I10f07e322a615f37d6967b7c938635f544ddceff
Add asanwrapper helper binary to PRODUCT_PACKAGES when building with
SANITIZE_LITE=true.
Bug: 33224213
Test: m SANITIZE_TARGET=address SANITIZE_LITE=true && ls $OUT/system/bin/asanwrapper
Change-Id: Ic4d8973b9e9ddfd9ef8663735bf5f70d8f9f70e1
Add sanitized app_process module to PRODUCT_PACKAGES when building
with SANITIZE_LITE=true
Bug: 33224213
Test: m SANITIZE_TARGET=address SANITIZE_LITE=true && ls $OUT/system/bin/asan
Change-Id: Ic67976f1b897b638d569ec6f42d5a8d59f8a9285
When configuring fs_config_files or fs_config_dirs for file_system
capabilities, drop the requirement that OEMs must add the target
to PRODUCT_PACKAGES. This limits the configuration requirement
to only needing to set the new and preferred TARGET_FS_CONFIG_GEN
or the older TARGET_ANDROID_FILESYSTEM_CONFIG_H method.
Test: That only setting TARGET_FS_CONFIG_GEN results in passwd and
group in the build image.
Change-Id: I818854fa1b3e94edaff59a32bd7cf23cf9b504aa
Signed-off-by: William Roberts <william.c.roberts@intel.com>
Setup PRODUCT_PACKAGES for the group file.
The group file is always included in the product
build but may be empty.
Test: That the group file is in the build.
Change-Id: I2ed1759fbe42a7e6833bb754b00cadaf949f128d
Signed-off-by: William Roberts <william.c.roberts@intel.com>
Setup PRODUCT_PACKAGES for the passwd file.
The passwd file is always included in the product
build but may be empty.
Test: That the passwd file is in the build image.
Change-Id: Iedbb81b15d3b281ff4ad36d28adc2ba4523785f2
Signed-off-by: William Roberts <william.c.roberts@intel.com>
Split out dependencies and removes some transitives. In preparation
for moving the modules.
Test: m
Test: Device boots
Change-Id: I7cdccd178eef9a625607a74ba8496651591e4cb4
Add libopenjdkjvmti to ART dependencies.
Bug: 31455788
Test: m && ls $OUT/system/lib/libopenjdkjvmti.so
Change-Id: Iccf35f04548d74df87ec05f2cb555c1db9d137c6
Test: tested charger-only and recovery boot using new binary
Change-Id: I803a76747c29cf53f6012ea649fa044878423766
Signed-off-by: Sandeep Patil <sspatil@google.com>
- Add it to the base build (the first one in the hierarchy that includes
the activity manager).
- Add tab completion commands to envsetup.sh
Test: . build/envsetup.sh ; make
Change-Id: Id24acaa0f17f198bda329016ff17170ad93624ec
The goldfish_setup shell script needs the ability to set the interface
address via ifconfig. This requires SIOCSIFADDR plus other ioctl
permissions, therefore allow the set of priv_sock_ioctls permissions.
Addresses the following denial that stops internet access via browser:
avc: denied { ioctl } for pid=712 comm="ifconfig" path="socket:[1825]"
dev="sockfs" ino=1825 ioctlcmd=8916 scontext=u:r:goldfish_setup:s0
tcontext=u:r:goldfish_setup:s0 tclass=udp_socket permissive=0
Test: With update can access internet via browser.
Change-Id: I77a52c0b72bb0ebe9451f45c346a399c1f61672d
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Following change disabled preopt for system apps when doing eng build:
4df565786a
Build: Only preopt boot images in eng builds
As a middle way between full preopt/high performance/long builds,
and no preopt/low performance/fast turnaround, preopt only the
boot image in eng builds.
I4a2692f3ce84823cd40c6b7d672fd73257739ef8
This works well for devices, but first boot on emulator takes 10+mins.
Bypass the change by forcing preopt inside the BoardConfig.
Change-Id: I58d100cd65d2a09b644a90d91261102aab31fcbb
On mips64r6 cpus, the preferred zero-emulation-overhead 32-bit arch
variant is mips32r6. Mips32r1 and mips32r2 software runs but with
frequent op-emulation traps to the kernel. Android NDK had support
for mips32r6 prebuilt binaries in release r10 but lacked STL binaries
in r11 and omits all mips32r6 prebuilts in r13.
To keep mips64 buildable using just aosp sources, switch to using the
slower mips32r2 variant as its 2nd cpu arch. This applies only to the
aosp copy of Android. Imgtec's redistribution of Android releases will
instead use mips32r6 as the 2nd cpu arch, using a privately-maintained
prebuilts/ndk that includes all needed mips32r6 libraries.
The standard 32-bit Mips build on aosp uses mips32r2 as its native ABI.
That also runs mips32r1 apps built by NDK and mips32r1 android STL
components built by NDK. Similarly, the 2nd arch for mips64r6 will
use mips32r2 itself but runs fine with mips32r1 apps and components.
Change-Id: I65c3fa9a3e5427be12955b902e6ec965de85e608
This reverts commit 4c6e1b62e0, since sr-Latn is no longer planned for MR1.
Bug: 29455508
Bug: 29601930
Change-Id: I47c240fa7456940ecb272f05e94f563b221c92c3
Setting EXTENDED_FONT_FOOTPRINT has been a no-op for a while, since
no one reads it anymore. Also do the same for naver-fonts, which had
also become a no-op.
Bug: 21785576
Change-Id: I3818adcbba11398024b82c2f22fe2d545b55418d
The goldfish_setup shell script needs the ability to execute
the shell script interpreter. Allow it.
Addresses the following denial:
avc: denied { getattr } for pid=1220 comm="init.goldfish.s"
path="/system/bin/sh" dev="vda" ino=442 scontext=u:r:goldfish_setup:s0
tcontext=u:object_r:shell_exec:s0 tclass=file permissive=0
(cherrypicked from commit 501c88c029)
Bug: 28941573
Change-Id: I22d26e90f107c8d801229354a5e0513c37e6c31d
new read only product property ro.product.first_api_level.
PRODUCT_SHIPPING_API_LEVEL declares which API level a device first
shipped with. We use this variable to set a read-only property that
can be used in CTS/GTS tests.
Change-Id: If54202075d3b92ed380655cde8b3fc50c5ba73b3
The Dev Settings app currently just launches an intent that is received
by the regular Settings app. However, since N the Settings app only
receives the intent when developer mode is enabled. If it is not enabled
the Dev Settings app will crash. Since the Dev Settings app doesn't
really add much benefit this change removes it from the emulator system
images to prevent this issue. The user will have to access the developer
settings from the regular Settings app just like on a physical device.
BUG: 27549126
Change-Id: I8191f9003bb452ef76c4b236b965368b48be3d25
The goldfish_setup shell script needs the ability to execute
the shell script interpreter. Allow it.
Addresses the following denial:
avc: denied { getattr } for pid=1220 comm="init.goldfish.s"
path="/system/bin/sh" dev="vda" ino=442 scontext=u:r:goldfish_setup:s0
tcontext=u:object_r:shell_exec:s0 tclass=file permissive=0
Bug: 28941573
Change-Id: I22d26e90f107c8d801229354a5e0513c37e6c31d
am: 8666487b4a
* commit '8666487b4aed7062022835e00133e4038500d63a':
Build: Only use compiled-classes file when available
Change-Id: I1d67876deb38c69bf320497b13d09ba801d6022c
Alex Klyubin