Merge "sepolicy: allow rules for apk verify system property"
diff --git a/private/compat/29.0/29.0.cil b/private/compat/29.0/29.0.cil
index c447715..5eddc4e 100644
--- a/private/compat/29.0/29.0.cil
+++ b/private/compat/29.0/29.0.cil
@@ -1143,7 +1143,7 @@
 (typeattributeset default_android_hwservice_29_0 (default_android_hwservice))
 (typeattributeset default_android_service_29_0 (default_android_service))
 (typeattributeset default_android_vndservice_29_0 (default_android_vndservice))
-(typeattributeset default_prop_29_0 (default_prop))
+(typeattributeset default_prop_29_0 (default_prop apk_verity_prop))
 (typeattributeset dev_cpu_variant_29_0 (dev_cpu_variant))
 (typeattributeset device_29_0 (device))
 (typeattributeset device_config_activity_manager_native_boot_prop_29_0 (device_config_activity_manager_native_boot_prop))
diff --git a/private/installd.te b/private/installd.te
index 28f81a4..c89ba8b 100644
--- a/private/installd.te
+++ b/private/installd.te
@@ -37,6 +37,9 @@
 get_prop(installd, device_config_runtime_native_prop)
 get_prop(installd, device_config_runtime_native_boot_prop)
 
+# Allow installd to access apk verity feature flag (for legacy case).
+get_prop(installd, apk_verity_prop)
+
 # Allow installd to delete files in /data/staging
 allow installd staging_data_file:file unlink;
 allow installd staging_data_file:dir { open read remove_name rmdir search write };
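Review bot: The added comment in installd.te says "for legacy case" without naming the property or the legacy case, so a later reader cannot tell when this read permission can be dropped. The property_contexts hunk shows that the only property carrying this label is `ro.apk_verity.mode`, so I would name it: `# Allow installd to read ro.apk_verity.mode (apk verity feature flag); needed only for <legacy mode, to be named by the author>.` The comment added in the system_server.te hunk has the same gap and could name the property in the same way.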
diff --git a/private/system_server.te b/private/system_server.te
index 3b40426..4778daa 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -639,6 +639,9 @@
 # Read the property that mocks an OTA
 get_prop(system_server, mock_ota_prop)
 
+# Read the property as feature flag for protecting apks with fs-verity.
+get_prop(system_server, apk_verity_prop)
+
 # Create a socket for connections from debuggerd.
 allow system_server system_ndebug_socket:sock_file create_file_perms;
 
diff --git a/public/property.te b/public/property.te
index 8abd404..f4a9575 100644
--- a/public/property.te
+++ b/public/property.te
@@ -98,6 +98,7 @@
 
 # Properties with no restrictions
 system_public_prop(audio_prop)
+system_public_prop(apk_verity_prop)
 system_public_prop(bluetooth_a2dp_offload_prop)
 system_public_prop(bluetooth_audio_hal_prop)
 system_public_prop(bluetooth_prop)
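Review bot: `apk_verity_prop` is declared with `system_public_prop` under "Properties with no restrictions", although the commit's own comments describe it as the feature flag for protecting apks with fs-verity, and the vendor_init.te hunk gives vendor_init `set_prop` on it. Because the value decides whether an integrity mechanism is in force, I would pin the set of writers with a neverallow next to the declaration, for example `neverallow { domain -init -vendor_init } apk_verity_prop:property_service set;`. That way a later allow rule cannot add another setter without failing the build. Which setters are intended is not visible in this diff, so the exclusion list may need adjusting.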
diff --git a/public/property_contexts b/public/property_contexts
index 2951d33..7de752a 100644
--- a/public/property_contexts
+++ b/public/property_contexts
@@ -98,6 +98,7 @@
 pm.dexopt.install u:object_r:exported_pm_prop:s0 exact string
 pm.dexopt.shared u:object_r:exported_pm_prop:s0 exact string
 ro.af.client_heap_size_kbyte u:object_r:exported3_default_prop:s0 exact int
+ro.apk_verity.mode u:object_r:apk_verity_prop:s0 exact int
 ro.audio.monitorRotation u:object_r:exported3_default_prop:s0 exact bool
 ro.bluetooth.a2dp_offload.supported u:object_r:bluetooth_a2dp_offload_prop:s0 exact bool
 ro.boot.vendor.overlay.theme u:object_r:exported_overlay_prop:s0 exact string
diff --git a/public/vendor_init.te b/public/vendor_init.te
index 710ff71..e6705f6 100644
--- a/public/vendor_init.te
+++ b/public/vendor_init.te
@@ -229,6 +229,7 @@
 # Get file context
 allow vendor_init file_contexts_file:file r_file_perms;
 
+set_prop(vendor_init, apk_verity_prop)
 set_prop(vendor_init, bluetooth_a2dp_offload_prop)
 set_prop(vendor_init, bluetooth_audio_hal_prop)
 set_prop(vendor_init, cpu_variant_prop)