Add sepolicy to allow pbcs to use SysProps
-Add custom domain for our sysprops, of the forms
-vendor.camera.pbcs.debug.*
-persist.vendor.camera.pbcs.debug.*
-Example: vendor.camera.pbcs.debug.enable_lyricconfigprovider
-This domain will be system + vendor_init writable
-Allow PBCS to read those sysprops
We should now be able to gate our features in PBCS and merge in
successfully. For local dev, we can do:
adb root && adb shell setprop <prop> 1
Bug: 280340307
Test: android.os.SystemProperties.get() works successfully in
LyricConfigProvider for vendor.camera.pbcs.debug.* props
Change-Id: I4b151f606883c0ae32f99b5f75b70b5d4e228f1d
diff --git a/camera/sepolicy/property.te b/camera/sepolicy/property.te
index 19d6a2f..1f899b6 100644
--- a/camera/sepolicy/property.te
+++ b/camera/sepolicy/property.te
@@ -1,2 +1,3 @@
vendor_internal_prop(vendor_camera_debug_prop)
+system_vendor_config_prop(vendor_camera_pbcs_debug_prop)
diff --git a/camera/sepolicy/property_contexts b/camera/sepolicy/property_contexts
index 5e2c815..0093487 100644
--- a/camera/sepolicy/property_contexts
+++ b/camera/sepolicy/property_contexts
@@ -1,2 +1,4 @@
vendor.camera.debug. u:object_r:vendor_camera_debug_prop:s0
+persist.vendor.camera.pbcs.debug. u:object_r:vendor_camera_pbcs_debug_prop:s0
+vendor.camera.pbcs.debug. u:object_r:vendor_camera_pbcs_debug_prop:s0
diff --git a/camera/sepolicy/vendor_pbcs_app.te b/camera/sepolicy/vendor_pbcs_app.te
index 1a3a0ef..d068308 100644
--- a/camera/sepolicy/vendor_pbcs_app.te
+++ b/camera/sepolicy/vendor_pbcs_app.te
@@ -12,3 +12,8 @@
add_service(vendor_pbcs_app, vendor_camera_lyricconfigprovider_service);
binder_call(vendor_pbcs_app, hal_camera_default);
+
+# Allow PBCS to read debug system properties of the form vendor.camera.pbcs.debug.*
+# and persist.vendor.camera.pbcs.debug.*
+get_prop(vendor_pbcs_app, vendor_camera_pbcs_debug_prop);
+