Use set_prop() macro for property sets

Change-Id: Id67a05f8ed718cad5856613c2700f4ce1e404cf0

legacy/vendor/common/fidodaemon.te

@@ -44,9 +44,6 @@ binder_call(fidodaemon, system_app)
 #Allow fidodaemon to be registered with service manager
 #allow fidodaemon fidodaemon_service:service_manager add;
 
-#Allow communication with init over property server
-unix_socket_connect(fidodaemon, property, init);
-
 #Allow access to tee device
 allow fidodaemon tee_device:chr_file rw_file_perms;
 

legacy/vendor/common/qseecomd.te

@@ -87,8 +87,6 @@ allow tee sysfs_securetouch:file rw_file_perms;
 binder_call(tee, surfaceflinger)
 #binder_use(tee)
 
-#allow tee system_app:unix_dgram_socket sendto;
-unix_socket_connect(tee, property, init)
 
 userdebug_or_eng(`
   allow tee su:unix_dgram_socket sendto;

legacy/vendor/common/qseeproxy.te

@@ -43,9 +43,6 @@ allow qseeproxy qseeproxy_service:service_manager add;
 #Allow qseeproxy to use system_server via binder to check caller identity
 binder_call(qseeproxy, system_server)
 
-#Allow communication with init over property server
-unix_socket_connect(qseeproxy, property, init);
-
 #Allow access to tee device
 allow qseeproxy tee_device:chr_file rw_file_perms;
 

legacy/vendor/common/qti_logkit_app.te

@@ -70,7 +70,7 @@ allow qti_logkit_app qti_logkit_pub_data_file:file create_file_perms;
 allow qti_logkit_app wcnss_service_exec:file rx_file_perms;
 
 # bugreport
-#allow qti_logkit_app ctl_dumpstate_prop:property_service set;
+#set_prop(qti_logkit_app, ctl_dumpstate_prop)
 unix_socket_connect(qti_logkit_app, dumpstate, dumpstate)
 
 # ANR

legacy/vendor/common/system_app.te

@@ -109,7 +109,7 @@ allow system_app qti_logkit_priv_socket:dir r_dir_perms;
 #allow system_app qti_logkit_priv_socket:sock_file r_file_perms;
 
 # bugreport
-#allow system_app ctl_dumpstate_prop:property_service set;
+#set_prop(system_app, ctl_dumpstate_prop)
 unix_socket_connect(system_app, dumpstate, dumpstate)
 
 # allow gba auth service to add itself as system service

legacy/vendor/common/system_server.te

@@ -110,7 +110,7 @@ binder_call(system_server, fps_hal)
 allow system_server iqfp_service:service_manager find;
 
 # For shutdown animation
-allow system_server ctl_bootanim_prop:property_service set;
+set_prop(system_server, ctl_bootanim_prop)
 
 # allow tethering to access dhcp leases
 r_dir_file(system_server, dhcp_data_file)

legacy/vendor/common/wifi_ftmd.te

@@ -33,4 +33,3 @@ net_domain(wifi_ftmd)
 
 set_prop(wifi_ftmd,vendor_wifi_ftmd_prop);
 allow wifi_ftmd self:capability net_admin;
-allow wifi_ftmd vendor_wifi_ftmd_prop:property_service set;

legacy/vendor/common/zygote.te

@@ -25,7 +25,7 @@
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-allow zygote  system_prop:property_service set;
+set_prop(zygote, system_prop)
 get_prop(zygote, vendor_mpctl_prop)
 get_prop(zygote, vendor_video_prop)
 allow zygote self:capability kill;

legacy/vendor/msm8953/init_shell.te

@@ -25,9 +25,8 @@
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-allow qti_init_shell {
-    vendor_media_msm8953_version_prop
-}:property_service set;
+# media_msm8953_version_prop - to choose target version specific media_codecs.xml
+set_prop(qti_init_shell, vendor_media_msm8953_version_prop)
 
 # For regionalization
 allow qti_init_shell regionalization_file:dir r_dir_perms;

legacy/vendor/sdm660/init_shell.te

@@ -32,5 +32,5 @@ allow qti_init_shell regionalization_file:file create_file_perms;
 #Needed for starting cdsprpcd service post-boot
 set_prop(qti_init_shell, vendor_cdsprpcd_prop)
 #Needed for ctl property denials
-allow qti_init_shell ctl_start_prop:property_service set;
-allow qti_init_shell ctl_stop_prop:property_service set;
+set_prop(qti_init_shell, ctl_start_prop)
+set_prop(qti_init_shell, ctl_stop_prop)

legacy/vendor/sdm660/vendor_init.te

@@ -25,6 +25,5 @@
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-allow vendor_init vendor_freq_prop:property_service set;
-
+set_prop(vendor_init, vendor_freq_prop)
 set_prop(vendor_init, vendor_video_prop);

legacy/vendor/test/fidotest.te

@@ -44,9 +44,6 @@ userdebug_or_eng(`
   #Allow fido test daemons to be registered with service manager
   #allow fidotest fidotest_service:service_manager add;
 
-  # Allow communication with init over property server
-  unix_socket_connect(fidotest, property, init);
-
   # Allow access to tee device
   allow fidotest tee_device:chr_file rw_file_perms;
 

legacy/vendor/test/qseeproxysample.te

@@ -45,9 +45,6 @@ userdebug_or_eng(`
   #Allow test daemon to use system_server via binder to check caller identity
   binder_call(qseeproxysample, system_server)
 
-  # Allow communication with init over property server
-  unix_socket_connect(qseeproxysample, property, init);
-
   # Allow access to tee device
   allow qseeproxysample tee_device:chr_file rw_file_perms;
 

qva/private/wfdservice.te

@@ -68,9 +68,6 @@ allow wfdservice graphics_device:chr_file rw_file_perms;
 #Allow access to encoder for YUV statistics
 allow wfdservice gpu_device:chr_file rw_file_perms;
 
-#Allow communication with init over property server
-unix_socket_connect(wfdservice, property, init);
-
 #Allow access to /dev/video/* devices for encoding/decoding
 allow wfdservice video_device:chr_file rw_file_perms;
 allow wfdservice video_device:dir r_dir_perms;