[GWP-ASan] Add sysprop, allow shell and system apps to set it. Bug: 219651032 Test: atest bionic-unit-tests Change-Id: Ic4804ce0e4f3b6ba8eb8d82aca11b400b45c03dc

commit: 8cd32cd93ef9624280ba23f5a1f3aacbe9b25c0a [log] [tgz]
author: Mitch Phillips <mitchp@google.com> Tue Mar 22 15:59:57 2022 -0700
committer: Mitch Phillips <mitchp@google.com> Tue Apr 12 13:20:05 2022 -0700
tree: e249c33d8c58a2185c7c0cd9d0208b4e5463cab3
parent: e82248bcb0a62e9406dec87d0d9c8dc863bd0aff [diff] [blame]
diff --git a/private/property.te b/private/property.te
index 3f02c83..2f7d512 100644
--- a/private/property.te
+++ b/private/property.te

@@ -410,9 +410,9 @@
   libc_debug_prop
 }:property_service set;
 
-# Allow the shell to set MTE props, so that non-root users with adb shell
-# access can control the settings on their device.
-# Allow system apps to set MTE props, so Developer Options can set them.
+# Allow the shell to set MTE & GWP-ASan props, so that non-root users with adb
+# shell access can control the settings on their device. Allow system apps to
+# set MTE props, so Developer Options can set them.
 neverallow {
   domain
   -init
@@ -420,6 +420,7 @@
   -system_app
 } {
   arm64_memtag_prop
+  gwp_asan_prop
 }:property_service set;
 
 neverallow {
commit	8cd32cd93ef9624280ba23f5a1f3aacbe9b25c0a	[log] [tgz]
author	Mitch Phillips <mitchp@google.com>	Tue Mar 22 15:59:57 2022 -0700
committer	Mitch Phillips <mitchp@google.com>	Tue Apr 12 13:20:05 2022 -0700
tree	e249c33d8c58a2185c7c0cd9d0208b4e5463cab3
parent	e82248bcb0a62e9406dec87d0d9c8dc863bd0aff [diff] [blame]