Add sepolicy SF native boot namespace.
Following go/android-native-flag-api-manual. Bug: 190769260 Test: make. Change-Id: I84fe7e9d046fbbe737f09043589b19e71981f521
This commit is contained in:
rnlee
Rachel Lee
parent
81a677b948
commit
b6142ecc22
5 changed files with 6 additions and 1 deletions
|
|
@ -19,6 +19,7 @@ set_prop(flags_health_check, device_config_sys_traced_prop)
|
|||
set_prop(flags_health_check, device_config_window_manager_native_boot_prop)
|
||||
set_prop(flags_health_check, device_config_configuration_prop)
|
||||
set_prop(flags_health_check, device_config_connectivity_prop)
|
||||
set_prop(flags_health_check, device_config_surface_flinger_native_boot_prop)
|
||||
|
||||
# system property device_config_boot_count_prop is used for deciding when to perform server
|
||||
# configurable flags related disaster recovery. Mistakenly set up by unrelated components can, at a
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@ system_internal_prop(device_config_window_manager_native_boot_prop)
|
|||
system_internal_prop(device_config_configuration_prop)
|
||||
system_internal_prop(device_config_connectivity_prop)
|
||||
system_internal_prop(device_config_swcodec_native_prop)
|
||||
system_internal_prop(device_config_surface_flinger_native_boot_prop)
|
||||
system_internal_prop(fastbootd_protocol_prop)
|
||||
system_internal_prop(gsid_prop)
|
||||
system_internal_prop(init_perf_lsm_hooks_prop)
|
||||
|
|
|
|||
|
|
@ -241,6 +241,7 @@ persist.device_config.runtime_native_boot. u:object_r:device_config_run
|
|||
persist.device_config.statsd_native. u:object_r:device_config_statsd_native_prop:s0
|
||||
persist.device_config.statsd_native_boot. u:object_r:device_config_statsd_native_boot_prop:s0
|
||||
persist.device_config.storage_native_boot. u:object_r:device_config_storage_native_boot_prop:s0
|
||||
persist.device_config.surface_flinger_native_boot. u:object_r:device_config_surface_flinger_native_boot_prop:s0
|
||||
persist.device_config.swcodec_native. u:object_r:device_config_swcodec_native_prop:s0
|
||||
persist.device_config.window_manager_native_boot. u:object_r:device_config_window_manager_native_boot_prop:s0
|
||||
|
||||
|
|
|
|||
|
|
@ -61,6 +61,7 @@ set_prop(surfaceflinger, surfaceflinger_display_prop)
|
|||
|
||||
# Get properties.
|
||||
get_prop(surfaceflinger, qemu_sf_lcd_density_prop)
|
||||
get_prop(network_stack, device_config_surface_flinger_native_boot_prop)
|
||||
|
||||
# Use open files supplied by an app.
|
||||
allow surfaceflinger appdomain:fd use;
|
||||
|
|
|
|||
|
|
@ -708,7 +708,7 @@ set_prop(system_server, device_config_sys_traced_prop)
|
|||
set_prop(system_server, device_config_window_manager_native_boot_prop)
|
||||
set_prop(system_server, device_config_configuration_prop)
|
||||
set_prop(system_server, device_config_connectivity_prop)
|
||||
|
||||
set_prop(system_server, device_config_surface_flinger_native_boot_prop)
|
||||
|
||||
# Allow query ART device config properties
|
||||
get_prop(system_server, device_config_runtime_native_boot_prop)
|
||||
|
|
@ -1216,6 +1216,7 @@ neverallow {
|
|||
device_config_runtime_native_prop
|
||||
device_config_media_native_prop
|
||||
device_config_storage_native_boot_prop
|
||||
device_config_surface_flinger_native_boot_prop
|
||||
device_config_sys_traced_prop
|
||||
device_config_swcodec_native_prop
|
||||
device_config_window_manager_native_boot_prop
|
||||
|
|
|
|||
Loading…
Reference in a new issue