Merge "Add context for ro.product.property_source_order"
diff --git a/private/compat/30.0/30.0.cil b/private/compat/30.0/30.0.cil
index 592a1f9..9cc23b4 100644
--- a/private/compat/30.0/30.0.cil
+++ b/private/compat/30.0/30.0.cil
@@ -1299,6 +1299,7 @@
(typeattributeset default_android_vndservice_30_0 (default_android_vndservice))
(typeattributeset default_prop_30_0 (
default_prop
+ build_config_prop
init_service_status_private_prop
setupwizard_prop
verity_status_prop
diff --git a/private/property.te b/private/property.te
index b14ab4e..6cc4100 100644
--- a/private/property.te
+++ b/private/property.te
@@ -515,3 +515,11 @@
neverallow {
-init
} setupwizard_prop:property_service set;
+
+# ro.product.property_source_order is useless after initialization of ro.product.* props.
+# So making it accessible only from init and vendor_init.
+neverallow {
+ -init
+ -dumpstate
+ -vendor_init
+} build_config_prop:file no_rw_file_perms;
diff --git a/private/property_contexts b/private/property_contexts
index aacb72b..19659c9 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -789,6 +789,9 @@
ro.product.bootimage.model u:object_r:build_bootimage_prop:s0 exact string
ro.product.bootimage.name u:object_r:build_bootimage_prop:s0 exact string
+# ro.product.property_source_order is settable from any build.prop
+ro.product.property_source_order u:object_r:build_config_prop:s0 exact string
+
ro.crypto.state u:object_r:vold_status_prop:s0 exact enum encrypted unencrypted unsupported
ro.crypto.type u:object_r:vold_status_prop:s0 exact enum block file none
diff --git a/public/property.te b/public/property.te
index db93195..13dc742 100644
--- a/public/property.te
+++ b/public/property.te
@@ -114,6 +114,7 @@
system_vendor_config_prop(aaudio_config_prop)
system_vendor_config_prop(apk_verity_prop)
system_vendor_config_prop(audio_config_prop)
+system_vendor_config_prop(build_config_prop)
system_vendor_config_prop(build_odm_prop)
system_vendor_config_prop(build_vendor_prop)
system_vendor_config_prop(camera_calibration_prop)