WLC: service: add sepolicy for property vendor.wlcservice.test
avc: denied { read } for comm="binder:882_3" name="u:object_r:default_prop:s0" dev="tmpfs" ino=172 scontext=u:r:hal_wlcservice:s0 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
Test: authentication test mode
Bug: 350830879
Flag: EXEMPT bugfix
Change-Id: Ie9f8fc5cce8e62b06931b77aa8cd16a3c9516fb5
Signed-off-by: YiKai Peng <kenpeng@google.com>
diff --git a/wireless_charger/sepolicy/hal_wlcservice.te b/wireless_charger/sepolicy/hal_wlcservice.te
index eadb593..6eba2ef 100644
--- a/wireless_charger/sepolicy/hal_wlcservice.te
+++ b/wireless_charger/sepolicy/hal_wlcservice.te
@@ -8,6 +8,8 @@
allow hal_wlcservice hal_wireless_charger_service:service_manager find;
allow hal_wlcservice kmsg_device:chr_file { getattr w_file_perms };
+get_prop(hal_wlcservice, vendor_wlcservice_test_prop)
+
binder_call(hal_wlcservice, servicemanager)
add_service(hal_wlcservice, hal_wlcservice_service)
diff --git a/wireless_charger/sepolicy/property.te b/wireless_charger/sepolicy/property.te
new file mode 100644
index 0000000..b8ddbdf
--- /dev/null
+++ b/wireless_charger/sepolicy/property.te
@@ -0,0 +1 @@
+vendor_internal_prop(vendor_wlcservice_test_prop)
diff --git a/wireless_charger/sepolicy/property_contexts b/wireless_charger/sepolicy/property_contexts
new file mode 100644
index 0000000..8cf8f70
--- /dev/null
+++ b/wireless_charger/sepolicy/property_contexts
@@ -0,0 +1 @@
+vendor.wlcservice.test.authentication u:object_r:vendor_wlcservice_test_prop:s0 exact bool