tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/private/compat
History
Inseob Kim d5a0448a53 Add entries for some properties in default_prop 
Currently default_prop is readable by coredomain and appdomain. That's
too broad, and we are going to restrict the access so every property
should be added to property_contexts.

This adds some missing properties to property_contexts. Newly added
property contexts are:

- wrap.*: used by zygote to give arguments. It's assigned as
zygote_wrap_prop, and will be readable from coredomain.

- partition.{mount_name}.verified: used by dm-verity. It's assigned as
vertiy_status_prop, and will only be accessible from init.

- (ro.)?setupwizard.*: used by setup wizard. It's assigned as
setupwizard_prop, and will be readable from coredomain.

Other properties, such as ro.gfx.*, media.stagefright.*,
ro.storage_manager.* are also added to existing contexts.

Bug: 170590987
Test: boot crosshatch and see no denials
Change-Id: Ife9d69a62ee8bd7395a70cd104271898c8a72540
2020-11-06 14:02:34 +09:00
..
26.0 Remove exported3_default_prop 2020-07-21 04:16:04 +00:00
27.0 Add ro.bootimage.* property contexts 2020-10-07 11:55:20 -07:00
28.0 sepolicy: Remove offload HAL sepolicy rules 2020-05-08 11:17:12 +09:00
29.0 Merge "sepolicy: label vendor_service_contexts as vendor_service_contexts_file" am: bc8ed95f69 am: 23068f2625 2020-06-16 09:37:41 +00:00
30.0 Add entries for some properties in default_prop 2020-11-06 14:02:34 +09:00