Merge "Allow apps to read system_user_mode_emulation_prop." am: c696791a7f

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2072574

Change-Id: I4ac97ab72f5ec49087b6dcc3f10efeb34b1ab7bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

private/app.te

@@ -73,6 +73,9 @@ get_prop(appdomain, camera_calibration_prop)
 # Allow to read db.log.detailed, db.log.slow_query_threshold*
 get_prop(appdomain, sqlite_log_prop)
 
+# Allow to read system_user_mode_emulation_prop, which is used by UserManager.java
+userdebug_or_eng(`get_prop(appdomain, system_user_mode_emulation_prop)')
+
 # Allow font file read by apps.
 allow appdomain font_data_file:file r_file_perms;
 allow appdomain font_data_file:dir r_dir_perms;

private/compat/32.0/32.0.ignore.cil

@@ -69,6 +69,7 @@
     sysfs_gpu
     sysfs_lru_gen_enabled
     system_dlkm_file
+    system_user_mode_emulation_prop
     tare_service
     tv_iapp_service
     untrusted_app_30

private/property.te

@@ -49,7 +49,6 @@ system_internal_prop(virtualizationservice_prop)
 # Properties which can't be written outside system
 system_restricted_prop(device_config_vendor_system_native_prop)
 system_restricted_prop(device_config_virtualization_framework_native_prop)
-system_restricted_prop(system_user_mode_emulation_prop)
 
 ###
 ### Neverallow rules
@@ -122,7 +121,6 @@ neverallow * {
   -restorecon_prop
   -shell_prop
   -system_prop
-  -system_user_mode_emulation_prop
   -usb_prop
   -vold_prop
 }:file no_rw_file_perms;

public/property.te

@@ -218,6 +218,7 @@ system_public_prop(radio_prop)
 system_public_prop(serialno_prop)
 system_public_prop(surfaceflinger_color_prop)
 system_public_prop(system_prop)
+system_public_prop(system_user_mode_emulation_prop)
 system_public_prop(telephony_status_prop)
 system_public_prop(usb_control_prop)
 system_public_prop(vold_post_fs_data_prop)