Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 1d63d5d0756d0d47ef6ec816b3c35b3b96bd50d4^! / . / private
commit1d63d5d0756d0d47ef6ec816b3c35b3b96bd50d4[log] [tgz]
authorInseob Kim <inseob@google.com>Wed May 06 20:07:33 2020 +0900
committerInseob Kim <inseob@google.com>Wed May 13 00:29:32 2020 +0900
tree9aa31d093d17c714ed0a96dd571f634ff5c6cd5e
parent7a4adba63b86b607fead1bdc65ad5f9722288568 [diff]
Relabel ro.build. properties

- exported_fingerprint_prop is deleted
- other ro.build. properties become build_prop

Bug: 155844385
Test: sepolicy_tests
Change-Id: Ic1194e8e7c23394e5a7c6176f9f9598109bb5fb7

diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index e6b9f4f..520bb02 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil

@@ -30,6 +30,7 @@
     bluetooth_a2dp_offload_prop
     bpfloader
     bpfloader_exec
+    build_prop
     camera_config_prop
     cgroup_bpf
     charger_exec

diff --git a/private/compat/30.0/30.0.cil b/private/compat/30.0/30.0.cil
index 766518b..0a21e03 100644
--- a/private/compat/30.0/30.0.cil
+++ b/private/compat/30.0/30.0.cil

@@ -2,6 +2,7 @@
 (type exported_audio_prop)
 (type exported_dalvik_prop)
 (type exported_ffs_prop)
+(type exported_fingerprint_prop)
 (type exported_vold_prop)
 (type exported2_config_prop)
 (type exported2_vold_prop)
@@ -285,7 +286,6 @@
 (expandtypeattribute (ffs_prop_30_0) true)
 (expandtypeattribute (file_contexts_file_30_0) true)
 (expandtypeattribute (file_integrity_service_30_0) true)
-(expandtypeattribute (fingerprint_prop_30_0) true)
 (expandtypeattribute (fingerprint_service_30_0) true)
 (expandtypeattribute (fingerprint_vendor_data_file_30_0) true)
 (expandtypeattribute (fingerprintd_30_0) true)
@@ -1342,6 +1342,7 @@
 (typeattributeset exported2_default_prop_30_0
   ( exported2_default_prop
     aac_drc_prop
+    build_prop
     libc_debug_prop))
 (typeattributeset exported2_radio_prop_30_0 (exported2_radio_prop))
 (typeattributeset exported2_system_prop_30_0
@@ -1367,7 +1368,7 @@
   ( exported_ffs_prop
     ffs_config_prop
     ffs_control_prop))
-(typeattributeset exported_fingerprint_prop_30_0 (exported_fingerprint_prop))
+(typeattributeset exported_fingerprint_prop_30_0 (exported_fingerprint_prop fingerprint_prop))
 (typeattributeset exported_overlay_prop_30_0 (exported_overlay_prop))
 (typeattributeset exported_pm_prop_30_0 (exported_pm_prop))
 (typeattributeset exported_radio_prop_30_0 (exported_radio_prop))
@@ -1383,7 +1384,6 @@
 (typeattributeset ffs_prop_30_0 (ffs_prop))
 (typeattributeset file_contexts_file_30_0 (file_contexts_file))
 (typeattributeset file_integrity_service_30_0 (file_integrity_service))
-(typeattributeset fingerprint_prop_30_0 (fingerprint_prop))
 (typeattributeset fingerprint_service_30_0 (fingerprint_service))
 (typeattributeset fingerprint_vendor_data_file_30_0 (fingerprint_vendor_data_file))
 (typeattributeset fingerprintd_30_0 (fingerprintd))

diff --git a/private/property.te b/private/property.te
index 4bd7e1a..d634d29 100644
--- a/private/property.te
+++ b/private/property.te

@@ -136,7 +136,6 @@
     exported_config_prop
     exported_default_prop
     exported_dumpstate_prop
-    exported_fingerprint_prop
     exported_system_prop
     exported_system_radio_prop
     exported2_default_prop

diff --git a/private/property_contexts b/private/property_contexts
index 9fdcb1a..20dcef7 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -112,7 +112,7 @@
 
 # ro.build.fingerprint is either set in /system/build.prop, or is
 # set at runtime by system_server.
-ro.build.fingerprint    u:object_r:fingerprint_prop:s0
+ro.build.fingerprint    u:object_r:fingerprint_prop:s0 exact string
 
 ro.persistent_properties.ready  u:object_r:persistent_properties_ready_prop:s0
 
@@ -585,31 +585,30 @@
 ro.boottime.init.mount.data u:object_r:boottime_public_prop:s0 exact string
 ro.boottime.init.fsck.data  u:object_r:boottime_public_prop:s0 exact string
 
-ro.build.date                        u:object_r:exported2_default_prop:s0 exact string
-ro.build.date.utc                    u:object_r:exported2_default_prop:s0 exact int
-ro.build.description                 u:object_r:exported2_default_prop:s0 exact string
-ro.build.display.id                  u:object_r:exported2_default_prop:s0 exact string
-ro.build.fingerprint                 u:object_r:exported_fingerprint_prop:s0 exact string
-ro.build.host                        u:object_r:exported2_default_prop:s0 exact string
-ro.build.id                          u:object_r:exported2_default_prop:s0 exact string
-ro.build.product                     u:object_r:exported2_default_prop:s0 exact string
-ro.build.system_root_image           u:object_r:exported2_default_prop:s0 exact bool
-ro.build.tags                        u:object_r:exported2_default_prop:s0 exact string
-ro.build.user                        u:object_r:exported2_default_prop:s0 exact string
-ro.build.version.base_os             u:object_r:exported2_default_prop:s0 exact string
-ro.build.version.codename            u:object_r:exported2_default_prop:s0 exact string
-ro.build.version.incremental         u:object_r:exported2_default_prop:s0 exact string
-ro.build.version.preview_sdk         u:object_r:exported2_default_prop:s0 exact int
-ro.build.version.release             u:object_r:exported2_default_prop:s0 exact string
-ro.build.version.release_or_codename u:object_r:exported2_default_prop:s0 exact string
-ro.build.version.sdk                 u:object_r:exported2_default_prop:s0 exact int
-ro.build.version.security_patch      u:object_r:exported2_default_prop:s0 exact string
+ro.build.date                        u:object_r:build_prop:s0 exact string
+ro.build.date.utc                    u:object_r:build_prop:s0 exact int
+ro.build.description                 u:object_r:build_prop:s0 exact string
+ro.build.display.id                  u:object_r:build_prop:s0 exact string
+ro.build.host                        u:object_r:build_prop:s0 exact string
+ro.build.id                          u:object_r:build_prop:s0 exact string
+ro.build.product                     u:object_r:build_prop:s0 exact string
+ro.build.system_root_image           u:object_r:build_prop:s0 exact bool
+ro.build.tags                        u:object_r:build_prop:s0 exact string
+ro.build.user                        u:object_r:build_prop:s0 exact string
+ro.build.version.base_os             u:object_r:build_prop:s0 exact string
+ro.build.version.codename            u:object_r:build_prop:s0 exact string
+ro.build.version.incremental         u:object_r:build_prop:s0 exact string
+ro.build.version.preview_sdk         u:object_r:build_prop:s0 exact int
+ro.build.version.release             u:object_r:build_prop:s0 exact string
+ro.build.version.release_or_codename u:object_r:build_prop:s0 exact string
+ro.build.version.sdk                 u:object_r:build_prop:s0 exact int
+ro.build.version.security_patch      u:object_r:build_prop:s0 exact string
+
+ro.debuggable u:object_r:build_prop:s0 exact bool
 
 ro.crypto.state u:object_r:vold_status_prop:s0 exact enum encrypted unencrypted unsupported
 ro.crypto.type  u:object_r:vold_status_prop:s0 exact enum block file none
 
-ro.debuggable u:object_r:exported2_default_prop:s0 exact int
-
 ro.hardware u:object_r:exported2_default_prop:s0 exact string
 
 ro.product.brand        u:object_r:exported2_default_prop:s0 exact string

diff --git a/private/system_server.te b/private/system_server.te
index e9f57f1..db8bdc9 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -610,7 +610,6 @@
 set_prop(system_server, debug_prop)
 set_prop(system_server, powerctl_prop)
 set_prop(system_server, fingerprint_prop)
-set_prop(system_server, exported_fingerprint_prop)
 set_prop(system_server, device_logging_prop)
 set_prop(system_server, dumpstate_options_prop)
 set_prop(system_server, overlay_prop)