Adjust policy for hypervisor system properties 1. Allow them to be configured by vendor_init. 2. Introduce a new system property hypervisor.memory_reclaim.supported, which is configured by vendor_init and accessed only by virtualizationservice, and is not as widely accessible as the existing hypervisor sysprops. Bug: 235579465 Test: atest MicrodroidTests Change-Id: I952432568a6ab351b5cc155ff5eb0cb0dcddf433

commit: 84bb5eeccb3be4a4618f4b27848f03129677764c [log] [tgz]
author: Keir Fraser <keirf@google.com> Wed Nov 23 14:06:36 2022 +0000
committer: Keir Fraser <keirf@google.com> Thu Nov 24 10:23:58 2022 +0000
tree: 62b85178e1686583a4f6da56224f12a77d9ac6dc
parent: 0065888fe751879514350c66e132386c9ceb7646 [diff] [blame]
diff --git a/private/property_contexts b/private/property_contexts
index b8503bd..823fa2f 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -640,6 +640,10 @@
 external_storage.cross_user.enabled u:object_r:storage_config_prop:s0 exact bool
 ro.fuse.bpf.enabled u:object_r:storage_config_prop:s0 exact bool
 
+# hypervisor.*: configured by the vendor to advertise capabilities of their
+# hypervisor to virtualizationservice.
+hypervisor.memory_reclaim.supported u:object_r:hypervisor_restricted_prop:s0 exact bool
+
 ro.config.per_app_memcg         u:object_r:lmkd_config_prop:s0 exact bool
 ro.lmk.critical                 u:object_r:lmkd_config_prop:s0 exact int
 ro.lmk.critical_upgrade         u:object_r:lmkd_config_prop:s0 exact bool
commit	84bb5eeccb3be4a4618f4b27848f03129677764c	[log] [tgz]
author	Keir Fraser <keirf@google.com>	Wed Nov 23 14:06:36 2022 +0000
committer	Keir Fraser <keirf@google.com>	Thu Nov 24 10:23:58 2022 +0000
tree	62b85178e1686583a4f6da56224f12a77d9ac6dc
parent	0065888fe751879514350c66e132386c9ceb7646 [diff] [blame]