Merge "Making sys.boot.reason.last restricted" into main

commit: 37d8c5f8c21141a6b9b73abc08dc3af633e591c3 [log] [tgz]
author: Alexei Nicoara <ancr@google.com> Wed Sep 13 17:35:49 2023 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Wed Sep 13 17:35:49 2023 +0000
tree: 695074913d684c8ae542af865cc2f98d3fc11a2e
parent: c8eacad5a8ce5224cab0aa692525e7316eda8e47 [diff]
parent: 957e8f37a138ed74586f252e1018fede99874087 [diff]
diff --git a/private/bootstat.te b/private/bootstat.te
index 016292e..99d8c6d 100644
--- a/private/bootstat.te
+++ b/private/bootstat.te

@@ -17,6 +17,7 @@
   -dumpstate
   userdebug_or_eng(`-incidentd')
   -init
+  -platform_app
   -recovery
   -shell
   -system_server

diff --git a/private/platform_app.te b/private/platform_app.te
index 1bd0020..cd95353 100644
--- a/private/platform_app.te
+++ b/private/platform_app.te

@@ -116,6 +116,9 @@
 # allow platform apps to read qemu.hw.mainkeys
 get_prop(platform_app, qemu_hw_prop)
 
+# allow platform apps to read sys.boot.reason.last
+get_prop(platform_app, last_boot_reason_prop)
+
 # allow platform apps to create symbolic link
 allow platform_app app_data_file:lnk_file create_file_perms;
commit	37d8c5f8c21141a6b9b73abc08dc3af633e591c3	[log] [tgz]
author	Alexei Nicoara <ancr@google.com>	Wed Sep 13 17:35:49 2023 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Wed Sep 13 17:35:49 2023 +0000
tree	695074913d684c8ae542af865cc2f98d3fc11a2e
parent	c8eacad5a8ce5224cab0aa692525e7316eda8e47 [diff]
parent	957e8f37a138ed74586f252e1018fede99874087 [diff]