Add new context dalvik_runtime_prop
persist.sys.dalvik.vm.lib.2 is moved to a new context
dalvik_runtime_prop from bad context name.
Bug: 154885206
Test: boot device and see logcat
Change-Id: I9dea95105c266088d5f071bf2d890048f0999b0b
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index 58f340e..504d0b6 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -43,6 +43,7 @@
ctl_interface_stop_prop
ctl_sigstop_prop
dalvik_config_prop
+ dalvik_runtime_prop
device_config_boot_count_prop
device_config_reset_performed_prop
device_config_netd_native_prop
diff --git a/private/compat/30.0/30.0.cil b/private/compat/30.0/30.0.cil
index 7ab350b..767324d 100644
--- a/private/compat/30.0/30.0.cil
+++ b/private/compat/30.0/30.0.cil
@@ -1347,6 +1347,7 @@
(typeattributeset exported2_radio_prop_30_0 (exported2_radio_prop))
(typeattributeset exported2_system_prop_30_0
( exported2_system_prop
+ dalvik_runtime_prop
surfaceflinger_color_prop
zram_control_prop))
(typeattributeset exported2_vold_prop_30_0 (exported2_vold_prop vold_config_prop))
diff --git a/private/coredomain.te b/private/coredomain.te
index f768987..bf6cdd5 100644
--- a/private/coredomain.te
+++ b/private/coredomain.te
@@ -4,6 +4,7 @@
get_prop(coredomain, lmkd_config_prop)
get_prop(coredomain, camera_config_prop)
get_prop(coredomain, hdmi_config_prop)
+get_prop(coredomain, dalvik_runtime_prop)
full_treble_only(`
neverallow {
diff --git a/private/property.te b/private/property.te
index 1958010..0ea7a40 100644
--- a/private/property.te
+++ b/private/property.te
@@ -355,3 +355,9 @@
-system_server
-vendor_init
} zram_control_prop:property_service set;
+
+neverallow {
+ -init
+ -system_server
+ -vendor_init
+} dalvik_runtime_prop:property_service set;
diff --git a/private/property_contexts b/private/property_contexts
index 0e4a8a7..93e9845 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -337,6 +337,8 @@
dalvik.vm.usejitprofiles u:object_r:dalvik_config_prop:s0 exact bool
dalvik.vm.zygote.max-boot-retry u:object_r:dalvik_config_prop:s0 exact int
+persist.sys.dalvik.vm.lib.2 u:object_r:dalvik_runtime_prop:s0 exact string
+
drm.service.enabled u:object_r:exported3_default_prop:s0 exact bool
keyguard.no_require_sim u:object_r:exported3_default_prop:s0 exact bool
@@ -360,8 +362,6 @@
persist.radio.multisim.config u:object_r:exported3_radio_prop:s0 exact string
-persist.sys.dalvik.vm.lib.2 u:object_r:exported2_system_prop:s0 exact string
-
persist.sys.hdmi.keep_awake u:object_r:hdmi_config_prop:s0 exact bool
ro.hdmi.device_type u:object_r:hdmi_config_prop:s0 exact string
ro.hdmi.wake_on_hotplug u:object_r:hdmi_config_prop:s0 exact bool
diff --git a/private/system_server.te b/private/system_server.te
index fdfec0a..67af9be 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -688,6 +688,9 @@
# Read/write persist.sys.zram_enabled
set_prop(system_server, zram_control_prop)
+# Read/write persist.sys.dalvik.vm.lib.2
+set_prop(system_server, dalvik_runtime_prop)
+
# Create a socket for connections from debuggerd.
allow system_server system_ndebug_socket:sock_file create_file_perms;