Merge "Rename contexts of ffs props"
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index 98c023f..d99405f 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -29,6 +29,7 @@
bluetooth_a2dp_offload_prop
bpfloader
bpfloader_exec
+ camera_config_prop
cgroup_bpf
charger_exec
color_display_service
@@ -100,6 +101,7 @@
iorapd_service
iorapd_tmpfs
last_boot_reason_prop
+ libc_debug_prop
llkd
llkd_exec
llkd_prop
diff --git a/private/compat/30.0/30.0.cil b/private/compat/30.0/30.0.cil
index a7378bb..b7a8eab 100644
--- a/private/compat/30.0/30.0.cil
+++ b/private/compat/30.0/30.0.cil
@@ -1339,13 +1339,16 @@
(typeattributeset ethernet_service_30_0 (ethernet_service))
(typeattributeset exfat_30_0 (exfat))
(typeattributeset exported2_config_prop_30_0 (exported2_config_prop systemsound_config_prop))
-(typeattributeset exported2_default_prop_30_0 (exported2_default_prop))
+(typeattributeset exported2_default_prop_30_0 (exported2_default_prop libc_debug_prop))
(typeattributeset exported2_radio_prop_30_0 (exported2_radio_prop))
(typeattributeset exported2_system_prop_30_0
( exported2_system_prop
surfaceflinger_color_prop))
(typeattributeset exported2_vold_prop_30_0 (exported2_vold_prop vold_config_prop))
-(typeattributeset exported3_default_prop_30_0 (exported3_default_prop lmkd_config_prop))
+(typeattributeset exported3_default_prop_30_0
+ ( exported3_default_prop
+ camera_config_prop
+ lmkd_config_prop))
(typeattributeset exported3_radio_prop_30_0 (exported3_radio_prop))
(typeattributeset exported3_system_prop_30_0 (exported3_system_prop boot_status_prop))
(typeattributeset exported_audio_prop_30_0 (exported_audio_prop audio_config_prop))
diff --git a/private/coredomain.te b/private/coredomain.te
index 435e48c..2aa44c2 100644
--- a/private/coredomain.te
+++ b/private/coredomain.te
@@ -2,6 +2,7 @@
get_prop(coredomain, exported_pm_prop)
get_prop(coredomain, ffs_config_prop)
get_prop(coredomain, lmkd_config_prop)
+get_prop(coredomain, camera_config_prop)
full_treble_only(`
neverallow {
diff --git a/private/permissioncontroller_app.te b/private/permissioncontroller_app.te
index 8a6f6aa..41185e3 100644
--- a/private/permissioncontroller_app.te
+++ b/private/permissioncontroller_app.te
@@ -27,6 +27,7 @@
allow permissioncontroller_app IProxyService_service:service_manager find;
allow permissioncontroller_app location_service:service_manager find;
allow permissioncontroller_app media_session_service:service_manager find;
+allow permissioncontroller_app radio_service:service_manager find;
allow permissioncontroller_app surfaceflinger_service:service_manager find;
allow permissioncontroller_app telecom_service:service_manager find;
allow permissioncontroller_app trust_service:service_manager find;
diff --git a/private/property.te b/private/property.te
index 9170a7e..4bd7e1a 100644
--- a/private/property.te
+++ b/private/property.te
@@ -344,3 +344,9 @@
} {
surfaceflinger_color_prop
}:property_service set;
+
+neverallow {
+ -init
+} {
+ libc_debug_prop
+}:property_service set;
diff --git a/private/property_contexts b/private/property_contexts
index 69875e0..4c94d80 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -258,8 +258,12 @@
audio.offload.video u:object_r:audio_config_prop:s0 exact bool
audio.offload.min.duration.secs u:object_r:audio_config_prop:s0 exact int
-camera.disable_zsl_mode u:object_r:exported3_default_prop:s0 exact bool
-camera.fifo.disable u:object_r:exported3_default_prop:s0 exact int
+config.disable_cameraservice u:object_r:camera_config_prop:s0 exact bool
+
+camera.disable_zsl_mode u:object_r:camera_config_prop:s0 exact bool
+camera.fifo.disable u:object_r:camera_config_prop:s0 exact bool
+ro.camera.notify_nfc u:object_r:camera_config_prop:s0 exact bool
+ro.camera.enableLazyHal u:object_r:camera_config_prop:s0 exact bool
# Should always_debuggable be bool? It's checked against the string "1".
dalvik.vm.always_debuggable u:object_r:dalvik_config_prop:s0 exact int
@@ -380,9 +384,6 @@
ro.bt.bdaddr_path u:object_r:exported_bluetooth_prop:s0 exact string
-ro.camera.notify_nfc u:object_r:exported3_default_prop:s0 exact int
-ro.camera.enableLazyHal u:object_r:exported3_default_prop:s0 exact bool
-
ro.com.android.dataroaming u:object_r:exported3_default_prop:s0 exact bool
ro.com.android.prov_mobiledata u:object_r:exported3_default_prop:s0 exact bool
@@ -545,9 +546,9 @@
init.svc.tombstoned u:object_r:exported2_default_prop:s0 exact string
init.svc.zygote u:object_r:exported2_default_prop:s0 exact string
-libc.debug.malloc.options u:object_r:exported2_default_prop:s0 exact string
-libc.debug.malloc.program u:object_r:exported2_default_prop:s0 exact string
-libc.debug.hooks.enable u:object_r:exported2_default_prop:s0 exact string
+libc.debug.malloc.options u:object_r:libc_debug_prop:s0 exact string
+libc.debug.malloc.program u:object_r:libc_debug_prop:s0 exact string
+libc.debug.hooks.enable u:object_r:libc_debug_prop:s0 exact string
net.redirect_socket_calls.hooked u:object_r:socket_hook_prop:s0 exact bool
@@ -640,8 +641,6 @@
aaudio.mmap_policy u:object_r:exported_default_prop:s0 exact int
aaudio.wakeup_delay_usec u:object_r:exported_default_prop:s0 exact int
-config.disable_cameraservice u:object_r:exported_camera_prop:s0 exact bool
-
gsm.sim.operator.numeric u:object_r:exported_radio_prop:s0 exact string
media.mediadrmservice.enable u:object_r:exported_default_prop:s0 exact bool
diff --git a/public/domain.te b/public/domain.te
index 0ab5f22..b23303d 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -103,6 +103,7 @@
get_prop(domain, exported_secure_prop)
get_prop(domain, exported_system_prop)
get_prop(domain, exported2_default_prop)
+get_prop(domain, libc_debug_prop)
get_prop(domain, logd_prop)
get_prop(domain, socket_hook_prop)
get_prop(domain, surfaceflinger_prop)
diff --git a/public/property.te b/public/property.te
index 2358ad2..94cd922 100644
--- a/public/property.te
+++ b/public/property.te
@@ -59,6 +59,7 @@
system_restricted_prop(binder_cache_telephony_server_prop)
system_restricted_prop(boot_status_prop)
system_restricted_prop(bq_config_prop)
+system_restricted_prop(libc_debug_prop)
system_restricted_prop(module_sdkextensions_prop)
system_restricted_prop(nnapi_ext_deny_product_prop)
system_restricted_prop(restorecon_prop)
@@ -99,6 +100,7 @@
# Properties which can be written only by vendor_init
system_vendor_config_prop(apk_verity_prop)
system_vendor_config_prop(audio_config_prop)
+system_vendor_config_prop(camera_config_prop)
system_vendor_config_prop(cpu_variant_prop)
system_vendor_config_prop(dalvik_config_prop)
system_vendor_config_prop(exported_camera_prop)