Merge "Add adaptive haptics restricted system property"

This commit is contained in:
Treehugger Robot 2022-11-14 10:52:56 +00:00 committed by Gerrit Code Review
commit bc37c334e5
4 changed files with 9 additions and 0 deletions

View file

@ -5,6 +5,7 @@
(typeattribute new_objects)
(typeattributeset new_objects
( new_objects
adaptive_haptics_prop
apex_ready_prop
artd
credential_service

View file

@ -1466,3 +1466,6 @@ vendor.fingerprint.virtual.operation_authenticate_duration u:object_r:virtual_fi
# properties for tuner
ro.tuner.lazyhal u:object_r:tuner_config_prop:s0 exact bool
tuner.server.enable u:object_r:tuner_server_ctl_prop:s0 exact bool
# Adaptive haptics settings property
vibrator.adaptive_haptics.enabled u:object_r:adaptive_haptics_prop:s0 exact string

View file

@ -34,6 +34,7 @@ allow system_app wallpaper_file:file r_file_perms;
allow system_app icon_file:file r_file_perms;
# Write to properties
set_prop(system_app, adaptive_haptics_prop)
set_prop(system_app, arm64_memtag_prop)
set_prop(system_app, bluetooth_a2dp_offload_prop)
set_prop(system_app, bluetooth_audio_hal_prop)
@ -192,3 +193,6 @@ neverallow system_app fuse_device:chr_file *;
# bug reports, but not reads.
neverallow system_app shell_data_file:dir { no_w_dir_perms open search read };
neverallow system_app shell_data_file:file { open read ioctl lock };
# system_app should be the only domain writing the adaptive haptics prop
neverallow { domain -init -system_app } adaptive_haptics_prop:property_service set;

View file

@ -52,6 +52,7 @@ compatible_property_only(`
# Properties which can't be written outside system
system_restricted_prop(aac_drc_prop)
system_restricted_prop(adaptive_haptics_prop)
system_restricted_prop(apex_ready_prop)
system_restricted_prop(arm64_memtag_prop)
system_restricted_prop(binder_cache_bluetooth_server_prop)