[KM-VM] Add SELinux rules for system internal properties

Bug: 368502791
Test: launch_cvd --secure_hals=guest_keymint_trusty_insecure
Test: atest VtsAidlSharedSecretTargetTest
Change-Id: I8205bec507f603ad19091abaff77036dc1895f92
diff --git a/private/property.te b/private/property.te
index 17e6d6e..65ef179 100644
--- a/private/property.te
+++ b/private/property.te
@@ -73,6 +73,7 @@
 system_internal_prop(suspend_debug_prop)
 system_internal_prop(system_service_enable_prop)
 system_internal_prop(ctl_artd_pre_reboot_prop)
+system_internal_prop(trusty_security_vm_sys_prop)
 
 
 # Properties which can't be written outside system
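Review bot: The new type `trusty_security_vm_sys_prop` is declared here, but no hunk in this commit grants any domain `set_prop` or `get_prop` on it, so from what is visible it is unclear which process is meant to publish these values. If the grants live in a separate change, it would still help to land the writer rule together with a guard such as `neverallow { domain -init -<writer_domain> } trusty_security_vm_sys_prop:property_service set;` (placeholder domain), so the set of writers stays pinned as policy evolves. Since `system_internal_prop` keeps the type inaccessible outside coredomain, any intended reader has to be a system-side process; please confirm that matches the consumers exercised by the listed tests.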
diff --git a/private/property_contexts b/private/property_contexts
index d417a5b..d5679fa 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -1745,3 +1745,7 @@
 # Properties for enabling/disabling system services
 ro.system_settings.service.odp_enabled   u:object_r:system_service_enable_prop:s0 exact bool
 ro.system_settings.service.backgound_install_control_enabled   u:object_r:system_service_enable_prop:s0 exact bool
+
+# Properties related to Trusty VMs
+trusty.security_vm.nonsecure_vm_ready u:object_r:trusty_security_vm_sys_prop:s0 exact bool
+trusty.security_vm.vm_cid u:object_r:trusty_security_vm_sys_prop:s0 exact int
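Review bot: Both new keys lack the `ro.` prefix, so they remain writable for the whole boot by whichever domain holds `set_prop` on `trusty_security_vm_sys_prop`. `trusty.security_vm.vm_cid` presumably tells clients which VM to connect to, so a later rewrite would silently point them at a different endpoint. If the value is set once when the VM starts, an `ro.`-prefixed name would make it write-once; if it must change when the VM restarts, the comment should say so. I would also expand the comment to name the writer and the readers, e.g. `# Set by <writer> when the Trusty security VM starts; read by system-side clients to locate the VM.`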