Merge "APEX file_context should have valid labels" into main
diff --git a/apex/Android.bp b/apex/Android.bp
index 37b6171..9929c24 100644
--- a/apex/Android.bp
+++ b/apex/Android.bp
@@ -38,13 +38,6 @@
}
filegroup {
- name: "com.android.threadnetwork-file_contexts",
- srcs: [
- "com.android.threadnetwork-file_contexts",
- ],
-}
-
-filegroup {
name: "com.android.sdkext-file_contexts",
srcs: [
"com.android.sdkext-file_contexts",
diff --git a/apex/com.android.tethering-file_contexts b/apex/com.android.tethering-file_contexts
index af366d8..53843ea 100644
--- a/apex/com.android.tethering-file_contexts
+++ b/apex/com.android.tethering-file_contexts
@@ -1,3 +1,4 @@
(/.*)? u:object_r:system_file:s0
/bin/for-system/clatd u:object_r:clatd_exec:s0
+/bin/ot-daemon u:object_r:ot_daemon_exec:s0
/lib(64)?(/.*) u:object_r:system_lib_file:s0
diff --git a/apex/com.android.threadnetwork-file_contexts b/apex/com.android.threadnetwork-file_contexts
deleted file mode 100644
index 3264177..0000000
--- a/apex/com.android.threadnetwork-file_contexts
+++ /dev/null
@@ -1,2 +0,0 @@
-(/.*)? u:object_r:system_file:s0
-/bin/ot-daemon u:object_r:ot_daemon_exec:s0
diff --git a/private/priv_app.te b/private/priv_app.te
index 52077ef..b911bc0 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te
@@ -176,6 +176,9 @@
# allow privileged apps to read the vendor property that indicates if Incremental File System is enabled
get_prop(priv_app, incremental_prop)
+# allow privileged apps to read the device config flags.
+get_prop(priv_app, device_config_aconfig_flags_prop)
+
# Required for Phonesky to be able to read APEX files under /data/apex/active/.
allow priv_app apex_data_file:dir search;
allow priv_app staging_data_file:file r_file_perms;