Add contexts for init.svc.* props To remove bad context names "exported*_prop". Other init.svc.* properties explicitly become system internal prop. Bug: 155844385 Test: boot and see no denials Change-Id: I7a3b4103a4cea77035a6e831e3b6a49a45f15a35

commit: 15e5e0a470857795e66f4033c1bf0159e44df5c9 [log] [tgz]
author: Inseob Kim <inseob@google.com> Thu May 14 19:43:08 2020 +0900
committer: Inseob Kim <inseob@google.com> Wed May 20 12:08:02 2020 +0900
tree: bd9dc288421060e34f82382ebaad6e5164a2ae18
parent: 5f1fe1eaac93de40ef7800b008aca963d15ddfbf [diff] [blame]
diff --git a/private/property.te b/private/property.te
index ca4dd65..ecbfff3 100644
--- a/private/property.te
+++ b/private/property.te

@@ -7,6 +7,7 @@
 system_internal_prop(fastbootd_protocol_prop)
 system_internal_prop(gsid_prop)
 system_internal_prop(init_perf_lsm_hooks_prop)
+system_internal_prop(init_service_status_private_prop)
 system_internal_prop(init_svc_debug_prop)
 system_internal_prop(last_boot_reason_prop)
 system_internal_prop(netd_stable_secret_prop)
@@ -385,3 +386,10 @@
   provisioned_prop
   retaildemo_prop
 }:file no_rw_file_perms;
+
+neverallow {
+  -init
+} {
+  init_service_status_private_prop
+  init_service_status_prop
+}:property_service set;
commit	15e5e0a470857795e66f4033c1bf0159e44df5c9	[log] [tgz]
author	Inseob Kim <inseob@google.com>	Thu May 14 19:43:08 2020 +0900
committer	Inseob Kim <inseob@google.com>	Wed May 20 12:08:02 2020 +0900
tree	bd9dc288421060e34f82382ebaad6e5164a2ae18
parent	5f1fe1eaac93de40ef7800b008aca963d15ddfbf [diff] [blame]