The new build target for hostapd does not include the HIDL control
interface and it's a separate binary from the hostapd used for WiFi
hotspots. This new binary needs its own SELinux rules and it should be
included in emulator builds since it's used to provide virtual access
points.
BUG: 74401469
Test: run cts -m CtsNetTestCases
Change-Id: I6a654ac2dea20af048ac731876ac603773fcf3d8
There have been quite some changes that should go to aosp.
This CL squash all of them into a single one.
Change-Id: I1e8d172b99cc98c93f2925fef32da8b461c277ed
Merged-In: I93b8489f710d194917d4b482ebca960c39658fd9
Merged-In: Ifac85db4e13d0b946f91b7eeffb4288d40d0ebb8
As swiftshader is open sourced, put it into emulator
targets to enable -gpu guest option.
Test: build aosp_x86-eng, launch emulator -gpu guest
and it should boot to home screen.
Change-Id: I2140d7cec28d5f00b7463b1d37d9cf62120398fb
Merged-In: I2140d7cec28d5f00b7463b1d37d9cf62120398fb
Install emulator specific binaries and libraries
to vendor partition; update selinux; add vndk.
BUG: 37511975
Test: build user build, launch emualtor, run CTS.
Change-Id: I70f58947e98b41b195d77b4347d2efdc09348392
This fixes the issue with the emulator "-shell" option.
Init tries to open the console which is passed through
the kernel androidboot.console property, but fails to
open it because "avc" denies it. Init only has permissions
to open console_device in rw mode. This ensures that
/dev/ttyS2 is properly labeled as console_device.
Replaced tabs with spaces.
Change-Id: I9ef94576799bb724fc22f6be54f12de10ed56768
In goldfish kernel 3.10, the goldfish_tty device instantiates virtual
serial ports as /dev/ttyGF* (e.g. /dev/ttyGF0), not as /dev/ttyS* as in
goldfish kernel 3.4. However, in the emulator's SELinux security policy,
there is no specific security context assigned to /dev/ttyGF*, and the
one inherited from /dev (u:object_r:device:s0) prevents services such as
qemud and goldfish-logcat from reading and writing ttyGF*. Consequently,
qemud terminates abnormally on the classic x86_64 emulator:
init: Service 'qemud' (pid XXX) exited with status 1
Fix this issue by assigning /dev/ttyGF* the same security context as
/dev/ttyS*.
Change-Id: Ia7394dc217bd82f566c4d1b7eda3cc8ce3ac612f
Signed-off-by: Yu Ning <yu.ning@intel.com>
In goldfish kernel 3.10, qemu_pipe has been renamed to goldfish_pipe.
However, in the emulator's SELinux policy, there is no specific security
context assigned to /dev/goldfish_pipe, and the one inherited from /dev
(u:object_r:device:s0) prevents various processes (qemud, qemu-props,
etc.) from reading and writing goldfish_pipe. Consequently, the classic
x86_64 emulator will not boot if GPU emulation is enabled ("-gpu host"),
and does not render the UI correctly if launched with "-gpu off".
Fix this issue by assigning /dev/goldfish_pipe the same security context
as /dev/qemu_pipe.
This CL also benefits the new ("ranchu") emulator, where all supported
ABIs (arm64, mips64, x86 and x86_64) use 3.10-based kernels. Without
this fix, the new emulator boots and works, but there are avc denials
related to goldfish_pipe.
Last but not least, it is now possible to boot the classic x86 emulator
with a 3.10-based kernel instead of the current 3.4-based one, without
disabling SELinux.
Change-Id: Iad979c0ee9d0a410be12b83ac1bef9476b50a6dc
Signed-off-by: Yu Ning <yu.ning@intel.com>
This assigns block device types as per device/generic/goldfish/fstab.goldfish.
Eliminates (permissive) avc: denied messages for fsck.
Change-Id: Ia72bdfb16975f051548b6b2c0636e4f907295789
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
goldfish-setup, goldfish-logcat, and qemu-props are goldfish-specific
oneshot services that lacked domain definitions and thus were left in init's
domain.
This depends on a change to external/sepolicy with the same Change-Id
to define non-goldfish-specific types for properties and logcat.
Change-Id: Idce1fb5ed9680af84788ae69a5ace684c6663974
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
