From c2af2e2ec4c99604966a54121427a85d11fd4367 Mon Sep 17 00:00:00 2001 From: Alexei Nicoara Date: Mon, 11 Sep 2023 17:43:45 +0100 Subject: [PATCH] Making sys.boot.reason.last restricted sys.boot.reason.last needs to be readable by SysUI to correctly display the reason why authentication is required to unlock the phone. Bug: 299327097 Bug: 308058980 Test: presubmit Change-Id: I9f83ade92858056609bc665ecb6ce9b93eb051e4 Merged-In: I9f83ade92858056609bc665ecb6ce9b93eb051e4 --- prebuilts/api/34.0/private/bootstat.te | 1 + prebuilts/api/34.0/private/platform_app.te | 3 +++ private/bootstat.te | 1 + private/platform_app.te | 3 +++ 4 files changed, 8 insertions(+) diff --git a/prebuilts/api/34.0/private/bootstat.te b/prebuilts/api/34.0/private/bootstat.te index 016292ed3..99d8c6d29 100644 --- a/prebuilts/api/34.0/private/bootstat.te +++ b/prebuilts/api/34.0/private/bootstat.te @@ -17,6 +17,7 @@ neverallow { -dumpstate userdebug_or_eng(`-incidentd') -init + -platform_app -recovery -shell -system_server diff --git a/prebuilts/api/34.0/private/platform_app.te b/prebuilts/api/34.0/private/platform_app.te index 6d495020f..44de21c25 100644 --- a/prebuilts/api/34.0/private/platform_app.te +++ b/prebuilts/api/34.0/private/platform_app.te @@ -113,6 +113,9 @@ get_prop(platform_app, keyguard_config_prop) # allow platform apps to read qemu.hw.mainkeys get_prop(platform_app, qemu_hw_prop) +# allow platform apps to read sys.boot.reason.last +get_prop(platform_app, last_boot_reason_prop) + # allow platform apps to create symbolic link allow platform_app app_data_file:lnk_file create_file_perms; diff --git a/private/bootstat.te b/private/bootstat.te index 016292ed3..99d8c6d29 100644 --- a/private/bootstat.te +++ b/private/bootstat.te @@ -17,6 +17,7 @@ neverallow { -dumpstate userdebug_or_eng(`-incidentd') -init + -platform_app -recovery -shell -system_server diff --git a/private/platform_app.te b/private/platform_app.te index 6d495020f..44de21c25 100644 --- a/private/platform_app.te +++ b/private/platform_app.te @@ -113,6 +113,9 @@ get_prop(platform_app, keyguard_config_prop) # allow platform apps to read qemu.hw.mainkeys get_prop(platform_app, qemu_hw_prop) +# allow platform apps to read sys.boot.reason.last +get_prop(platform_app, last_boot_reason_prop) + # allow platform apps to create symbolic link allow platform_app app_data_file:lnk_file create_file_perms;