Moves selinux policy build decisions to system/sepolicy/Android.mk.
This is done because the PRODUCT_FULL_TREBLE variable isn't available
in embedded.mk and TARGET_SANITIZE isn't available to dependencies of
init.
Test: Build/boot Bullhead PRODUCT_FULL_TREBLE=false
Test: Build/boot Marlin PRODUCT_FULL_TREBLE=true
Test: Build Marlin TARGET_SANITIZE=address. Verify asan rules are
included in policy output.
Bug: 36138508
Change-Id: I792786cd867bae3e1baeb824167a848948a719df
This change removes the passthough mode implemention of Configstore.
Bug: 35325577
Test: android.hardware.configstore@1.0-impl.so not exist in outputs and
Configstore works in binderized mode
Change-Id: Ie9ec24c33701356b7fa8c4f6cfc372c09051f62c
Merged-In: Ic16d5ebe30fabfd62ba4e444fe2775ddfbe2a18a
This file is used by linker to create custom namespace
configuration for binaries.
Bug: http://b/30706810
Test: m
Change-Id: Ifc4e43ed51c6906c75a7f0d9f00a816b5e16c4d8
This file is no longer needed because it was needed for supporting
reloadable/dynamic SELinux policy which is no longer supported.
Test: Clean build, flash, device boots without additional denials.
Reboot to recovery works, no additional denials.
Bug: 33642277
Change-Id: Ie65e74b8c8437694bc1ea019ab844f60f9e89ade
This change adds default implementation of configstore@1.0 HAL to all
embedded devices.
Bug: 34314793
Test: build. make sure /system/bin/hw has file
android.hardware.configstore@1.0-service
cherry-picked
1d6ab958c configstore: add default implementation of configstore@1.0 HAL
Merged-in: I65f416560de9d65c57e6cfcb9a6fe26b0140d4a6
Change-Id: Ib68fa325a0f0ce60db0701e16a5a9056411fb398
Test: Marlin and Bullhead build and boot with no new denials.
Test: Marlin and Bullhead recovery boots with no new denials.
Test: Bullhead boots with file_contexts.bin in /
Test: Marlin boot with /system/etc/selinux/plat_file_contexts and
/vendor/etc/selinux/nonplat_file_contexts.
Bug: 36002414
Change-Id: I25af653e060c0c72ea6ad08db8869132885adff8
This removes the unconditional inclusion of secilc and sepolicy.
These artefacts are now conditionally included by system/core/init.
The reason for declaring the conditional inclusion there is because
the desired conditional inclusion based on PRODUCT_FULL_TREBLE cannot
be declared here because PRODUCT_FULL_TREBLE is not yet available when
this file is interpreted.
Test: Device boots, no additional SELinux denials. This test is
performed on a device with PRODUCT_FULL_TREBLE set to true, and
on a device with PRODUCT_FULL_TREBLE set to false.
Test: Device with PRODUCT_FULL_TREBLE set to true contains secilc and
the three *.cil files, but does not contain the sepolicy file.
Device with PRODUCT_FULL_TREBLE set to false contains sepolicy
file but does not contain the secilc file or any *.cil files.
Bug: 31363362
Change-Id: Ia3f38948b71a054918f5f63c594ba62a033e1066
Similar to vendor/manifest.xml on device, this file lists
all HALs defined in the framework (and hence go
to the system image). IServiceManager / IMemory /
etc. getService should consult this file (via VINTF
object under /system/libvintf) to return the HAL in the correct
transport mode.
Bug: 34772739 Create system/manifest.xml
Bug: 35219444 Need interface + instance entry
Test: compiles and manually confirm that system/manifest.xml exist.
Change-Id: I5b3c79b068841e47062cbab6f72d70555801a21d
The SELinux policy compiler needs to be available on-device to compile
SELinux policy at boot on some devices. For now, we're including this
unconditionally, but, going forward, we will include this binary only
on devices which need it.
Test: Device boots -- secilc is not yet used anyway
Bug: 31363362
Change-Id: I7712b70d7c5b4c57bec2cdb44519b42d26758d09
full_base_telephoney.mk file gets used only for emulators which should
have bluetooth disabled. Using the default handheld_core_hardware.xml
file has bluetooth enabled. We should use the generic
handheld_core_hardware.xml file for emulators which has bluetooth
disabled.
Its presence causes problems upstream in SystemServer when
BluetoothService starts and requires an extra emulator config change
which should not be there.
Bug: 35361545
Test: Verified by launching Android Emulator. It works fine and does not
start bluetooth.
Change-Id: I484c3d5867f46853fb49f28422dd72ab362ed768
We are splitting android.hidl.memory into android.hidl.allocator and
android.hidl.memory to reflect the fact that we have two separate
interfaces which are served over different transports.
Bug: 35327976
Test: hidl_test, device boots with allocator
Merged-In: I36b1554d20f89ecd60a836c04f788ac83e0a1f5c
Change-Id: I36b1554d20f89ecd60a836c04f788ac83e0a1f5c
Bug: 33746484
Test: Successfully boot with original service and property contexts.
Successfully boot with split serivce and property contexts.
Change-Id: I1932684f600dd34d5136e72ac053fae13f0c3eba
Signed-off-by: Sandeep Patil <sspatil@google.com>
Test: make -j64 and flash the device and
ensure that lshal is available on the device.
Bug: 34712252
Change-Id: If61047afb27f9da9f8825ce18e2dfc0b3dec10e2