[MTE] Allow system_app to write memtag property.
(cherry picked from commit 39f29f758ebeb4d7a5edc6151d8b24c815cd99aa)
(we need this cherry picked on android12-tests-dev to allow OEMs to
backport the associated feature without violating the neverallow
CTS)
Bug: 206895651
Merged-In: I6463965c094b9b3c4f3f70929a09e109ee9c84b9
Change-Id: I6463965c094b9b3c4f3f70929a09e109ee9c84b9
diff --git a/private/property.te b/private/property.te
index 29f4f1a..e72693a 100644
--- a/private/property.te
+++ b/private/property.te
@@ -395,10 +395,12 @@
# Allow the shell to set MTE props, so that non-root users with adb shell
# access can control the settings on their device.
+# Allow system apps to set MTE props, so Developer Options can set them.
neverallow {
domain
-init
-shell
+ -system_app
} {
arm64_memtag_prop
}:property_service set;
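Review bot: The added comment justifies the `-system_app` exemption only by Developer Options, but the exemption here and the matching `set_prop(system_app, arm64_memtag_prop)` in the private/system_app.te hunk grant the write to the whole system_app domain. MTE is a memory-safety mitigation, so every app that runs in that domain, including OEM-added ones on a backporting device, can presumably change its settings. I would state that scope in the comment, e.g. `# Note: this covers every app in the system_app domain, not only Settings; review new system_app additions with that in mind.` Whether the write could instead go through a narrower domain is not visible from this diff, so treat that as a follow-up question rather than a blocker.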
diff --git a/private/system_app.te b/private/system_app.te
index 239686e..41fac62 100644
--- a/private/system_app.te
+++ b/private/system_app.te
@@ -34,6 +34,7 @@
allow system_app icon_file:file r_file_perms;
# Write to properties
+set_prop(system_app, arm64_memtag_prop)
set_prop(system_app, bluetooth_a2dp_offload_prop)
set_prop(system_app, bluetooth_audio_hal_prop)
set_prop(system_app, bluetooth_prop)