From 8b5433a9cc52f0c9707f9c75a027027b12ef24dc Mon Sep 17 00:00:00 2001 From: Tom Cherry Date: Thu, 16 Nov 2017 14:25:02 -0800 Subject: [PATCH] Add /dev/__properties__/property_info Allow init to create a serialized property_info file and allow all processes to read it. Bug: 36001741 Test: boot bullhead, walleye using property_info Change-Id: Ie51d4c0f0221b128dd087029c811fda15b4d7093 --- private/compat/26.0/26.0.ignore.cil | 1 + private/file_contexts | 1 + public/device.te | 1 + public/domain.te | 1 + public/init.te | 3 +++ 5 files changed, 7 insertions(+) diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil index fea73873d..927296d2a 100644 --- a/private/compat/26.0/26.0.ignore.cil +++ b/private/compat/26.0/26.0.ignore.cil @@ -26,6 +26,7 @@ netd_stable_secret_prop network_watchlist_service package_native_service + property_info slice_service statscompanion_service storaged_data_file diff --git a/private/file_contexts b/private/file_contexts index ec7d246fd..3c6642aeb 100644 --- a/private/file_contexts +++ b/private/file_contexts @@ -171,6 +171,7 @@ /dev/xt_qtaguid u:object_r:qtaguid_device:s0 /dev/zero u:object_r:zero_device:s0 /dev/__properties__ u:object_r:properties_device:s0 +/dev/__properties__/property_info u:object_r:property_info:s0 ############################# # System files # diff --git a/public/device.te b/public/device.te index 1d0104529..43c89abd0 100644 --- a/public/device.te +++ b/public/device.te @@ -59,6 +59,7 @@ type usbaccessory_device, dev_type, mlstrustedobject; type usb_device, dev_type, mlstrustedobject; type properties_device, dev_type; type properties_serial, dev_type; +type property_info, dev_type; type i2c_device, dev_type; # All devices have a uart for the hci diff --git a/public/domain.te b/public/domain.te index eb02021fd..ec0532d5a 100644 --- a/public/domain.te +++ b/public/domain.te @@ -81,6 +81,7 @@ allow domain proc_random:dir r_dir_perms; allow domain proc_random:file r_file_perms; allow domain properties_device:dir { search getattr }; allow domain properties_serial:file r_file_perms; +allow domain property_info:file r_file_perms; # For now, everyone can access core property files # Device specific properties are not granted by default diff --git a/public/init.te b/public/init.te index 62a6e04e2..3a2d66783 100644 --- a/public/init.te +++ b/public/init.te @@ -21,6 +21,9 @@ userdebug_or_eng(` allow init properties_device:dir relabelto; allow init properties_serial:file { write relabelto }; allow init property_type:file { create_file_perms relabelto }; +# /dev/__properties__/property_info +allow init properties_device:file create_file_perms; +allow init property_info:file relabelto; # /dev/event-log-tags allow init device:file relabelfrom; allow init runtime_event_log_tags_file:file { open write setattr relabelto create };