tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Introduce ro.boot.hypervisor properties" am: dd35626853

Browse source 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1843773

Change-Id: I4ff9a7c008590a5ca17987aac95c5afab441f392
This commit is contained in:
Enrico Granata 2021-10-04 19:20:47 +00:00 committed by Automerger Merge Worker
commit 393ebdda04
5 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
private/compat/31.0/31.0.ignore.cil
View file

@ -15,6 +15,7 @@
hal_uwb_service
hal_uwb_vendor_service
hal_wifi_hostapd_service
hypervisor_prop
locale_service
power_stats_service
snapuserd_prop

3
private/dumpstate.te
View file

@ -91,6 +91,9 @@ set_prop(dumpstate, ctl_dumpstate_prop)
set_prop(dumpstate, lpdumpd_prop)
binder_call(dumpstate, lpdumpd)
# For dumping hypervisor information.
get_prop(dumpstate, hypervisor_prop)
# For dumping device-mapper and snapshot information.
allow dumpstate gsid_exec:file rx_file_perms;
set_prop(dumpstate, ctl_gsid_prop)

3
private/init.te
View file

@ -92,6 +92,9 @@ neverallow { domain -init } vts_status_prop:property_service set;
# Only init can write normal ro.boot. properties
neverallow { domain -init } bootloader_prop:property_service set;
# Only init can write ro.boot.hypervisor properties
neverallow { domain -init } hypervisor_prop:property_service set;
# Only init can write hal.instrumentation.enable
neverallow { domain -init } hal_instrumentation_prop:property_service set;

2
private/property_contexts
View file

@ -678,6 +678,8 @@ ro.boot.revision u:object_r:bootloader_prop:s0 exact string
ro.boot.vbmeta.avb_version u:object_r:bootloader_prop:s0 exact string
ro.boot.verifiedbootstate u:object_r:bootloader_prop:s0 exact string
ro.boot.veritymode u:object_r:bootloader_prop:s0 exact string
# Properties specific to virtualized deployments of Android
ro.boot.hypervisor.version u:object_r:hypervisor_prop:s0 exact string
# These ro.X properties are set to values of ro.boot.X by property_service.
ro.baseband u:object_r:bootloader_prop:s0 exact string

1
public/property.te
View file

@ -69,6 +69,7 @@ system_restricted_prop(device_config_runtime_native_boot_prop)
system_restricted_prop(device_config_runtime_native_prop)
system_restricted_prop(fingerprint_prop)
system_restricted_prop(hal_instrumentation_prop)
system_restricted_prop(hypervisor_prop)
system_restricted_prop(init_service_status_prop)
system_restricted_prop(libc_debug_prop)
system_restricted_prop(module_sdkextensions_prop)