Add setupwizard_esim_prop to access ro.setupwizard.esim_cid_ignore am: fa95e8c591

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/22899490

Change-Id: I653ff006bc75c376434828de57bad34a28e49b15
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Jinyoung Jeong 2023-04-30 03:23:24 +00:00 committed by Automerger Merge Worker
commit 5205a56ad3
8 changed files with 14 additions and 2 deletions

View file

@ -59,6 +59,7 @@
remote_provisioning_service remote_provisioning_service
rkpdapp rkpdapp
servicemanager_prop servicemanager_prop
setupwizard_esim_prop
shutdown_checkpoints_system_data_file shutdown_checkpoints_system_data_file
stats_config_data_file stats_config_data_file
sysfs_fs_fuse_features sysfs_fs_fuse_features

View file

@ -598,6 +598,10 @@ neverallow {
-init -init
} setupwizard_prop:property_service set; } setupwizard_prop:property_service set;
neverallow {
domain
-init
} setupwizard_esim_prop:property_service set;
# ro.product.property_source_order is useless after initialization of ro.product.* props. # ro.product.property_source_order is useless after initialization of ro.product.* props.
# So making it accessible only from init and vendor_init. # So making it accessible only from init and vendor_init.
neverallow { neverallow {

View file

@ -1446,8 +1446,8 @@ partition.product.verified.root_digest u:object_r:verity_status_prop:s0 exact
partition.vendor.verified.root_digest u:object_r:verity_status_prop:s0 exact string partition.vendor.verified.root_digest u:object_r:verity_status_prop:s0 exact string
partition.odm.verified.root_digest u:object_r:verity_status_prop:s0 exact string partition.odm.verified.root_digest u:object_r:verity_status_prop:s0 exact string
ro.setupwizard.esim_cid_ignore u:object_r:setupwizard_esim_prop:s0 exact string
ro.setupwizard.enterprise_mode u:object_r:setupwizard_prop:s0 exact bool ro.setupwizard.enterprise_mode u:object_r:setupwizard_prop:s0 exact bool
ro.setupwizard.esim_cid_ignore u:object_r:setupwizard_prop:s0 exact string
ro.setupwizard.rotation_locked u:object_r:setupwizard_prop:s0 exact bool ro.setupwizard.rotation_locked u:object_r:setupwizard_prop:s0 exact bool
ro.setupwizard.wifi_on_exit u:object_r:setupwizard_prop:s0 exact bool ro.setupwizard.wifi_on_exit u:object_r:setupwizard_prop:s0 exact bool

View file

@ -88,6 +88,7 @@ system_restricted_prop(property_service_version_prop)
system_restricted_prop(provisioned_prop) system_restricted_prop(provisioned_prop)
system_restricted_prop(restorecon_prop) system_restricted_prop(restorecon_prop)
system_restricted_prop(retaildemo_prop) system_restricted_prop(retaildemo_prop)
system_restricted_prop(setupwizard_esim_prop)
system_restricted_prop(servicemanager_prop) system_restricted_prop(servicemanager_prop)
system_restricted_prop(smart_idle_maint_enabled_prop) system_restricted_prop(smart_idle_maint_enabled_prop)
system_restricted_prop(socket_hook_prop) system_restricted_prop(socket_hook_prop)

View file

@ -59,6 +59,7 @@
remote_provisioning_service remote_provisioning_service
rkpdapp rkpdapp
servicemanager_prop servicemanager_prop
setupwizard_esim_prop
shutdown_checkpoints_system_data_file shutdown_checkpoints_system_data_file
stats_config_data_file stats_config_data_file
sysfs_fs_fuse_features sysfs_fs_fuse_features

View file

@ -598,6 +598,10 @@ neverallow {
-init -init
} setupwizard_prop:property_service set; } setupwizard_prop:property_service set;
neverallow {
domain
-init
} setupwizard_esim_prop:property_service set;
# ro.product.property_source_order is useless after initialization of ro.product.* props. # ro.product.property_source_order is useless after initialization of ro.product.* props.
# So making it accessible only from init and vendor_init. # So making it accessible only from init and vendor_init.
neverallow { neverallow {

View file

@ -1446,8 +1446,8 @@ partition.product.verified.root_digest u:object_r:verity_status_prop:s0 exact
partition.vendor.verified.root_digest u:object_r:verity_status_prop:s0 exact string partition.vendor.verified.root_digest u:object_r:verity_status_prop:s0 exact string
partition.odm.verified.root_digest u:object_r:verity_status_prop:s0 exact string partition.odm.verified.root_digest u:object_r:verity_status_prop:s0 exact string
ro.setupwizard.esim_cid_ignore u:object_r:setupwizard_esim_prop:s0 exact string
ro.setupwizard.enterprise_mode u:object_r:setupwizard_prop:s0 exact bool ro.setupwizard.enterprise_mode u:object_r:setupwizard_prop:s0 exact bool
ro.setupwizard.esim_cid_ignore u:object_r:setupwizard_prop:s0 exact string
ro.setupwizard.rotation_locked u:object_r:setupwizard_prop:s0 exact bool ro.setupwizard.rotation_locked u:object_r:setupwizard_prop:s0 exact bool
ro.setupwizard.wifi_on_exit u:object_r:setupwizard_prop:s0 exact bool ro.setupwizard.wifi_on_exit u:object_r:setupwizard_prop:s0 exact bool

View file

@ -88,6 +88,7 @@ system_restricted_prop(property_service_version_prop)
system_restricted_prop(provisioned_prop) system_restricted_prop(provisioned_prop)
system_restricted_prop(restorecon_prop) system_restricted_prop(restorecon_prop)
system_restricted_prop(retaildemo_prop) system_restricted_prop(retaildemo_prop)
system_restricted_prop(setupwizard_esim_prop)
system_restricted_prop(servicemanager_prop) system_restricted_prop(servicemanager_prop)
system_restricted_prop(smart_idle_maint_enabled_prop) system_restricted_prop(smart_idle_maint_enabled_prop)
system_restricted_prop(socket_hook_prop) system_restricted_prop(socket_hook_prop)