From a999e394230e3b93b5b4af0908e87c0704ba2aca Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Fri, 14 Jun 2019 17:00:16 -0700 Subject: [PATCH] Add persist.sys.theme. This property will be set by system_server (to indicate the currently selected theme for device), and can be accessed by vendor init.rc. avc: denied { read } for property=persist.sys.theme pid=0 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:theme_prop:s0 tclass=file Bug: 113028175 Test: Set a vendor init trigger that waits on `persist.sys.theme`. Check that the trigger fires without denial. Change-Id: Ia85b1a8dfc118efdbb9337ca017c8fb7958dc386 Merged-In: Ibb4e392d5059b76059f36f7d11ba82cd65cbe970 (cherry picked from commit 75182a1ea645d3fa1e4c3e9f77851d90ff7cc803) --- prebuilts/api/29.0/private/compat/28.0/28.0.ignore.cil | 1 + prebuilts/api/29.0/private/property_contexts | 1 + prebuilts/api/29.0/private/system_server.te | 1 + prebuilts/api/29.0/public/property.te | 2 ++ prebuilts/api/29.0/public/property_contexts | 1 + prebuilts/api/29.0/public/vendor_init.te | 1 + private/compat/28.0/28.0.ignore.cil | 1 + private/property_contexts | 1 + private/system_server.te | 1 + public/property.te | 2 ++ public/property_contexts | 1 + public/vendor_init.te | 1 + 12 files changed, 14 insertions(+) diff --git a/prebuilts/api/29.0/private/compat/28.0/28.0.ignore.cil b/prebuilts/api/29.0/private/compat/28.0/28.0.ignore.cil index 796321ad6..7219d4255 100644 --- a/prebuilts/api/29.0/private/compat/28.0/28.0.ignore.cil +++ b/prebuilts/api/29.0/private/compat/28.0/28.0.ignore.cil @@ -131,6 +131,7 @@ task_profiles_file testharness_service test_harness_prop + theme_prop time_prop timedetector_service timezonedetector_service diff --git a/prebuilts/api/29.0/private/property_contexts b/prebuilts/api/29.0/private/property_contexts index abb83ed5e..b45341453 100644 --- a/prebuilts/api/29.0/private/property_contexts +++ b/prebuilts/api/29.0/private/property_contexts @@ -59,6 +59,7 @@ persist.mmc. u:object_r:mmc_prop:s0 persist.netd.stable_secret u:object_r:netd_stable_secret_prop:s0 persist.sys. u:object_r:system_prop:s0 persist.sys.safemode u:object_r:safemode_prop:s0 +persist.sys.theme u:object_r:theme_prop:s0 persist.sys.fflag.override.settings_dynamic_system u:object_r:dynamic_system_prop:s0 ro.sys.safemode u:object_r:safemode_prop:s0 persist.sys.audit_safemode u:object_r:safemode_prop:s0 diff --git a/prebuilts/api/29.0/private/system_server.te b/prebuilts/api/29.0/private/system_server.te index 781bb1899..f0da59c78 100644 --- a/prebuilts/api/29.0/private/system_server.te +++ b/prebuilts/api/29.0/private/system_server.te @@ -574,6 +574,7 @@ set_prop(system_server, exported_system_prop) set_prop(system_server, exported2_system_prop) set_prop(system_server, exported3_system_prop) set_prop(system_server, safemode_prop) +set_prop(system_server, theme_prop) set_prop(system_server, dhcp_prop) set_prop(system_server, net_radio_prop) set_prop(system_server, net_dns_prop) diff --git a/prebuilts/api/29.0/public/property.te b/prebuilts/api/29.0/public/property.te index 3ccaad722..e166c000e 100644 --- a/prebuilts/api/29.0/public/property.te +++ b/prebuilts/api/29.0/public/property.te @@ -83,6 +83,7 @@ type system_radio_prop, property_type, core_property_type; type system_trace_prop, property_type; type test_boot_reason_prop, property_type; type test_harness_prop, property_type; +type theme_prop, property_type; type time_prop, property_type; type traced_enabled_prop, property_type; type traced_lazy_prop, property_type; @@ -457,6 +458,7 @@ compatible_property_only(` -system_trace_prop -test_boot_reason_prop -test_harness_prop + -theme_prop -time_prop -traced_enabled_prop -traced_lazy_prop diff --git a/prebuilts/api/29.0/public/property_contexts b/prebuilts/api/29.0/public/property_contexts index 59301917b..e969aafcc 100644 --- a/prebuilts/api/29.0/public/property_contexts +++ b/prebuilts/api/29.0/public/property_contexts @@ -157,6 +157,7 @@ wlan.driver.status u:object_r:exported_wifi_prop:s0 exact enum ok unloaded apexd.status u:object_r:apexd_prop:s0 exact enum starting ready dev.bootcomplete u:object_r:exported3_system_prop:s0 exact bool persist.sys.device_provisioned u:object_r:exported3_system_prop:s0 exact string +persist.sys.theme u:object_r:theme_prop:s0 exact string persist.sys.usb.usbradio.config u:object_r:exported3_system_prop:s0 exact string sys.boot_completed u:object_r:exported3_system_prop:s0 exact bool sys.retaildemo.enabled u:object_r:exported3_system_prop:s0 exact int diff --git a/prebuilts/api/29.0/public/vendor_init.te b/prebuilts/api/29.0/public/vendor_init.te index da4dddcb1..375673cf8 100644 --- a/prebuilts/api/29.0/public/vendor_init.te +++ b/prebuilts/api/29.0/public/vendor_init.te @@ -247,6 +247,7 @@ set_prop(vendor_init, wifi_log_prop) get_prop(vendor_init, exported2_radio_prop) get_prop(vendor_init, exported3_system_prop) +get_prop(vendor_init, theme_prop) ### ### neverallow rules diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil index 099438980..66caf4be3 100644 --- a/private/compat/28.0/28.0.ignore.cil +++ b/private/compat/28.0/28.0.ignore.cil @@ -135,6 +135,7 @@ task_profiles_file testharness_service test_harness_prop + theme_prop time_prop timedetector_service timezonedetector_service diff --git a/private/property_contexts b/private/property_contexts index 2473cdb93..85111a3d9 100644 --- a/private/property_contexts +++ b/private/property_contexts @@ -59,6 +59,7 @@ persist.mmc. u:object_r:mmc_prop:s0 persist.netd.stable_secret u:object_r:netd_stable_secret_prop:s0 persist.sys. u:object_r:system_prop:s0 persist.sys.safemode u:object_r:safemode_prop:s0 +persist.sys.theme u:object_r:theme_prop:s0 persist.sys.fflag.override.settings_dynamic_system u:object_r:dynamic_system_prop:s0 ro.sys.safemode u:object_r:safemode_prop:s0 persist.sys.audit_safemode u:object_r:safemode_prop:s0 diff --git a/private/system_server.te b/private/system_server.te index 35493531a..20f2437bf 100644 --- a/private/system_server.te +++ b/private/system_server.te @@ -573,6 +573,7 @@ set_prop(system_server, exported_system_prop) set_prop(system_server, exported2_system_prop) set_prop(system_server, exported3_system_prop) set_prop(system_server, safemode_prop) +set_prop(system_server, theme_prop) set_prop(system_server, dhcp_prop) set_prop(system_server, net_radio_prop) set_prop(system_server, net_dns_prop) diff --git a/public/property.te b/public/property.te index 43fba69b9..3cc035364 100644 --- a/public/property.te +++ b/public/property.te @@ -85,6 +85,7 @@ type system_radio_prop, property_type, core_property_type; type system_trace_prop, property_type; type test_boot_reason_prop, property_type; type test_harness_prop, property_type; +type theme_prop, property_type; type time_prop, property_type; type traced_enabled_prop, property_type; type traced_lazy_prop, property_type; @@ -461,6 +462,7 @@ compatible_property_only(` -system_trace_prop -test_boot_reason_prop -test_harness_prop + -theme_prop -time_prop -traced_enabled_prop -traced_lazy_prop diff --git a/public/property_contexts b/public/property_contexts index 59301917b..e969aafcc 100644 --- a/public/property_contexts +++ b/public/property_contexts @@ -157,6 +157,7 @@ wlan.driver.status u:object_r:exported_wifi_prop:s0 exact enum ok unloaded apexd.status u:object_r:apexd_prop:s0 exact enum starting ready dev.bootcomplete u:object_r:exported3_system_prop:s0 exact bool persist.sys.device_provisioned u:object_r:exported3_system_prop:s0 exact string +persist.sys.theme u:object_r:theme_prop:s0 exact string persist.sys.usb.usbradio.config u:object_r:exported3_system_prop:s0 exact string sys.boot_completed u:object_r:exported3_system_prop:s0 exact bool sys.retaildemo.enabled u:object_r:exported3_system_prop:s0 exact int diff --git a/public/vendor_init.te b/public/vendor_init.te index 7114a024f..c439ffd22 100644 --- a/public/vendor_init.te +++ b/public/vendor_init.te @@ -248,6 +248,7 @@ set_prop(vendor_init, wifi_log_prop) get_prop(vendor_init, exported2_radio_prop) get_prop(vendor_init, exported3_system_prop) +get_prop(vendor_init, theme_prop) ### ### neverallow rules