Merge "sepolicy: allow vendor system native experiments property" am: 1c8df204ff am: 24b88b3269 am: 64deed7351 am: 7c5800e3e0 Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2062049 Change-Id: I12fc3bfb42cfb3cd97833a182a983b23f3a25633 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

commit: 8f7d8b2787405b85eadadb7d0cc42cd32879886e [log] [tgz]
author: Richard Chang <richardycc@google.com> Fri Apr 15 05:07:12 2022 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Fri Apr 15 05:07:12 2022 +0000
tree: bd2cc4bc0facace34fe3db81ffc5ea8e27e4e515
parent: 958003a69e050b00589645a9015f1e2e0d289ad1 [diff]
parent: 7c5800e3e0502961726f0e5b1d9e321e53d0c58f [diff]
diff --git a/private/flags_health_check.te b/private/flags_health_check.te
index de02e1e..54ecd45 100644
--- a/private/flags_health_check.te
+++ b/private/flags_health_check.te

@@ -23,6 +23,7 @@
 set_prop(flags_health_check, device_config_configuration_prop)
 set_prop(flags_health_check, device_config_connectivity_prop)
 set_prop(flags_health_check, device_config_surface_flinger_native_boot_prop)
+set_prop(flags_health_check, device_config_vendor_system_native_prop)
 set_prop(flags_health_check, device_config_virtualization_framework_native_prop)
 
 # system property device_config_boot_count_prop is used for deciding when to perform server

diff --git a/private/property.te b/private/property.te
index 2e8db3f..ccf6040 100644
--- a/private/property.te
+++ b/private/property.te

@@ -47,6 +47,7 @@
 system_internal_prop(virtualizationservice_prop)
 
 # Properties which can't be written outside system
+system_restricted_prop(device_config_vendor_system_native_prop)
 system_restricted_prop(device_config_virtualization_framework_native_prop)
 
 ###

diff --git a/private/property_contexts b/private/property_contexts
index c1730ec..faf9cb4 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -255,6 +255,7 @@
 persist.device_config.storage_native_boot.          u:object_r:device_config_storage_native_boot_prop:s0
 persist.device_config.surface_flinger_native_boot.  u:object_r:device_config_surface_flinger_native_boot_prop:s0
 persist.device_config.swcodec_native.               u:object_r:device_config_swcodec_native_prop:s0
+persist.device_config.vendor_system_native.         u:object_r:device_config_vendor_system_native_prop:s0
 persist.device_config.virtualization_framework_native. u:object_r:device_config_virtualization_framework_native_prop:s0
 persist.device_config.window_manager_native_boot.   u:object_r:device_config_window_manager_native_boot_prop:s0
 

diff --git a/private/system_server.te b/private/system_server.te
index fbb5793..ee1df94 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -742,6 +742,7 @@
 set_prop(system_server, device_config_configuration_prop)
 set_prop(system_server, device_config_connectivity_prop)
 set_prop(system_server, device_config_surface_flinger_native_boot_prop)
+set_prop(system_server, device_config_vendor_system_native_prop)
 set_prop(system_server, device_config_virtualization_framework_native_prop)
 set_prop(system_server, smart_idle_maint_enabled_prop)
commit	8f7d8b2787405b85eadadb7d0cc42cd32879886e	[log] [tgz]
author	Richard Chang <richardycc@google.com>	Fri Apr 15 05:07:12 2022 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	Fri Apr 15 05:07:12 2022 +0000
tree	bd2cc4bc0facace34fe3db81ffc5ea8e27e4e515
parent	958003a69e050b00589645a9015f1e2e0d289ad1 [diff]
parent	7c5800e3e0502961726f0e5b1d9e321e53d0c58f [diff]