Add eSIM directory and disable bootstrap when bootloader is unlocked in user build
Allow vendor_init to set setupwizard prop
Allow priv_app and gmscore_app to get setupwizard prop
<11>[ 7.276992][ T329] init: Unable to set property 'setupwizard.feature.provisioning_profile_mode' from uid:0 gid:0 pid:330: SELinux permission check failed
08-28 15:35:42.536 10156 5884 5884 W oid.setupwizard: type=1400 audit(0.0:63): avc: denied { read } for name="u:object_r:setupwizard_feature_prop:s0" dev="tmpfs" ino=335 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:setupwizard_feature_prop:s0 tclass=file permissive=0 app=com.google.android.setupwizard
08-28 15:11:52.015 10185 6915 6915 W highpool[8]: type=1400 audit(0.0:17): avc: denied { read } for name="u:object_r:setupwizard_feature_prop:s0" dev="tmpfs" ino=339 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:setupwizard_feature_prop:s0 tclass=file permissive=0 app=com.google.android.gms
Bug: 349592724
Test: m
Change-Id: I8330c9f6f9efd215ec4ea1f7d3d6ff5596773e21
Flag: NONE disabling a feature just in factory
diff --git a/esim/Android.bp b/esim/Android.bp
new file mode 100644
index 0000000..a2427f1
--- /dev/null
+++ b/esim/Android.bp
@@ -0,0 +1,10 @@
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+prebuilt_etc {
+ name: "init.esim-gs.rc",
+ src: "init.esim-gs.rc",
+ vendor: true,
+ sub_dir: "init",
+}
diff --git a/esim/OWNERS b/esim/OWNERS
new file mode 100644
index 0000000..157ecd6
--- /dev/null
+++ b/esim/OWNERS
@@ -0,0 +1,2 @@
+kiwonp@google.com
+mewan@google.com
\ No newline at end of file
diff --git a/esim/esim.mk b/esim/esim.mk
new file mode 100644
index 0000000..47e21b7
--- /dev/null
+++ b/esim/esim.mk
@@ -0,0 +1,5 @@
+PRODUCT_PACKAGES += init.esim-gs.rc
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/esim/sepolicy/vendor
+# system_ext
+SYSTEM_EXT_PUBLIC_SEPOLICY_DIRS += device/google/gs-common/esim/sepolicy/system_ext/public
+SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS += device/google/gs-common/esim/sepolicy/system_ext/private
diff --git a/esim/init.esim-gs.rc b/esim/init.esim-gs.rc
new file mode 100644
index 0000000..291f9ee
--- /dev/null
+++ b/esim/init.esim-gs.rc
@@ -0,0 +1,7 @@
+# Disable bootstrap when bootloader is unlocked in user build
+on property:ro.build.type=user && property:ro.boot.flash.locked=0
+ setprop setupwizard.feature.provisioning_profile_mode false
+
+# Disable bootstrap for DVT devices shipping to non-US carriers
+on property:ro.boot.warranty.sku=BOF
+ setprop setupwizard.feature.provisioning_profile_mode false
diff --git a/esim/sepolicy/system_ext/private/gmscore_app.te b/esim/sepolicy/system_ext/private/gmscore_app.te
new file mode 100644
index 0000000..90bc371
--- /dev/null
+++ b/esim/sepolicy/system_ext/private/gmscore_app.te
@@ -0,0 +1,2 @@
+# Allow to read setupwizard_feature_prop
+get_prop(priv_app, setupwizard_feature_prop)
diff --git a/esim/sepolicy/system_ext/private/priv_app.te b/esim/sepolicy/system_ext/private/priv_app.te
new file mode 100644
index 0000000..90bc371
--- /dev/null
+++ b/esim/sepolicy/system_ext/private/priv_app.te
@@ -0,0 +1,2 @@
+# Allow to read setupwizard_feature_prop
+get_prop(priv_app, setupwizard_feature_prop)
diff --git a/esim/sepolicy/system_ext/private/property_contexts b/esim/sepolicy/system_ext/private/property_contexts
new file mode 100644
index 0000000..464a289
--- /dev/null
+++ b/esim/sepolicy/system_ext/private/property_contexts
@@ -0,0 +1,2 @@
+# setupwizard
+setupwizard.feature.provisioning_profile_mode u:object_r:setupwizard_feature_prop:s0
diff --git a/esim/sepolicy/system_ext/public/property.te b/esim/sepolicy/system_ext/public/property.te
new file mode 100644
index 0000000..96cb3b3
--- /dev/null
+++ b/esim/sepolicy/system_ext/public/property.te
@@ -0,0 +1,2 @@
+# setupwizard
+system_public_prop(setupwizard_feature_prop)
diff --git a/esim/sepolicy/vendor/vendor_init.te b/esim/sepolicy/vendor/vendor_init.te
new file mode 100644
index 0000000..c9cb14e
--- /dev/null
+++ b/esim/sepolicy/vendor/vendor_init.te
@@ -0,0 +1,2 @@
+# setupwizard
+set_prop(vendor_init, setupwizard_feature_prop)