commit 180a277d67a293891f4023070ab236a9435f8520
author Weilun Du <wdu@google.com> Tue Feb 09 20:54:32 2021 -0800
committer Weilun Du <wdu@google.com> Thu Feb 11 04:18:54 2021 +0000
tree b8652aaab8a277800c4fbe1c998ffc351ac4ffc0
parent e8d2732651edfaf9f32df039216cbf54f247e9ec

Add qemu.hw.mainkeys to system property_contexts

Bug: 178143857

Signed-off-by: Weilun Du <wdu@google.com>
Change-Id: Idfc2bffa52016d1e880974bb193025400e90a538

private/compat/30.0/30.0.ignore.cil

diff --git a/private/compat/30.0/30.0.ignore.cil b/private/compat/30.0/30.0.ignore.cil
index 3eace95..61c073a 100644
--- a/private/compat/30.0/30.0.ignore.cil
+++ b/private/compat/30.0/30.0.ignore.cil
@@ -75,6 +75,7 @@
     profcollectd_data_file
     profcollectd_exec
     profcollectd_service
+    qemu_hw_prop
     radio_core_data_file
     reboot_readiness_service
     remote_prov_app

private/platform_app.te

diff --git a/private/platform_app.te b/private/platform_app.te
index 7bf14c8..a112081 100644
--- a/private/platform_app.te
+++ b/private/platform_app.te
@@ -90,6 +90,9 @@
 # allow platform apps to read keyguard.no_require_sim
 get_prop(platform_app, keyguard_config_prop)
 
+# allow platform apps to read qemu.hw.mainkeys
+get_prop(platform_app, qemu_hw_prop)
+
 # allow platform apps to create symbolic link
 allow platform_app app_data_file:lnk_file create_file_perms;
 

private/property_contexts

diff --git a/private/property_contexts b/private/property_contexts
index 8778016..1e248d4 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -186,6 +186,9 @@
 dalvik.                 u:object_r:dalvik_prop:s0
 ro.dalvik.              u:object_r:dalvik_prop:s0
 
+# qemu_hw_prop is read/written by both system and vendor.
+qemu.hw.mainkeys        u:object_r:qemu_hw_prop:s0
+
 # Shared between system server and wificond
 wifi.                   u:object_r:wifi_prop:s0
 wlan.                   u:object_r:wifi_prop:s0

private/system_server.te

diff --git a/private/system_server.te b/private/system_server.te
index e1919e2..479f85e 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -1318,3 +1318,6 @@
 # Only system server can write the font files.
 neverallow { domain -init -system_server } font_data_file:file no_w_file_perms;
 neverallow { domain -init -system_server } font_data_file:dir no_w_dir_perms;
+
+# Read qemu.hw.mainkeys property
+get_prop(system_server, qemu_hw_prop)

public/property.te

diff --git a/public/property.te b/public/property.te
index 37884f0..3f3f148 100644
--- a/public/property.te
+++ b/public/property.te
@@ -191,6 +191,7 @@
 system_public_prop(nfc_prop)
 system_public_prop(ota_prop)
 system_public_prop(powerctl_prop)
+system_public_prop(qemu_hw_prop)
 system_public_prop(radio_control_prop)
 system_public_prop(radio_prop)
 system_public_prop(serialno_prop)

public/vendor_init.te

diff --git a/public/vendor_init.te b/public/vendor_init.te
index 685317b..5a0382d 100644
--- a/public/vendor_init.te
+++ b/public/vendor_init.te
@@ -233,6 +233,7 @@
 set_prop(vendor_init, logd_prop)
 set_prop(vendor_init, log_tag_prop)
 set_prop(vendor_init, log_prop)
+set_prop(vendor_init, qemu_hw_prop)
 set_prop(vendor_init, radio_control_prop)
 set_prop(vendor_init, rebootescrow_hal_prop)
 set_prop(vendor_init, serialno_prop)