Merge "Add odsign status properties."
This commit is contained in:
commit
0b47552028
3 changed files with 9 additions and 0 deletions
|
@ -50,6 +50,10 @@ domain_auto_trans(odsign, odrefresh_exec, odrefresh)
|
||||||
# Run fsverity_init to add key to fsverity keyring
|
# Run fsverity_init to add key to fsverity keyring
|
||||||
domain_auto_trans(odsign, fsverity_init_exec, fsverity_init)
|
domain_auto_trans(odsign, fsverity_init_exec, fsverity_init)
|
||||||
|
|
||||||
|
# only odsign can set odsign sysprop
|
||||||
|
set_prop(odsign, odsign_prop)
|
||||||
|
neverallow { domain -odsign -init } odsign_prop:property_service set;
|
||||||
|
|
||||||
# Neverallows
|
# Neverallows
|
||||||
neverallow { domain -odsign -init -fsverity_init } odsign_data_file:dir *;
|
neverallow { domain -odsign -init -fsverity_init } odsign_data_file:dir *;
|
||||||
neverallow { domain -odsign -init -fsverity_init } odsign_data_file:file *;
|
neverallow { domain -odsign -init -fsverity_init } odsign_data_file:file *;
|
||||||
|
|
|
@ -22,6 +22,7 @@ system_internal_prop(lower_kptr_restrict_prop)
|
||||||
system_internal_prop(net_464xlat_fromvendor_prop)
|
system_internal_prop(net_464xlat_fromvendor_prop)
|
||||||
system_internal_prop(net_connectivity_prop)
|
system_internal_prop(net_connectivity_prop)
|
||||||
system_internal_prop(netd_stable_secret_prop)
|
system_internal_prop(netd_stable_secret_prop)
|
||||||
|
system_internal_prop(odsign_prop)
|
||||||
system_internal_prop(pm_prop)
|
system_internal_prop(pm_prop)
|
||||||
system_internal_prop(rollback_test_prop)
|
system_internal_prop(rollback_test_prop)
|
||||||
system_internal_prop(setupwizard_prop)
|
system_internal_prop(setupwizard_prop)
|
||||||
|
|
|
@ -546,6 +546,10 @@ vold.post_fs_data_done u:object_r:vold_config_prop:s0 exact int
|
||||||
|
|
||||||
apexd.status u:object_r:apexd_prop:s0 exact enum starting activated ready
|
apexd.status u:object_r:apexd_prop:s0 exact enum starting activated ready
|
||||||
|
|
||||||
|
odsign.key.done u:object_r:odsign_prop:s0 exact bool
|
||||||
|
odsign.verification.done u:object_r:odsign_prop:s0 exact bool
|
||||||
|
odsign.verification.success u:object_r:odsign_prop:s0 exact bool
|
||||||
|
|
||||||
dev.bootcomplete u:object_r:boot_status_prop:s0 exact bool
|
dev.bootcomplete u:object_r:boot_status_prop:s0 exact bool
|
||||||
sys.boot_completed u:object_r:boot_status_prop:s0 exact bool
|
sys.boot_completed u:object_r:boot_status_prop:s0 exact bool
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue