[MTE] Add memory_safety_native_boot namespace
Bug: 267234468
Change-Id: I248fdf58a744f0c70a26d6a8f7d4caa0a6ce8edb
diff --git a/private/compat/33.0/33.0.ignore.cil b/private/compat/33.0/33.0.ignore.cil
index ffa7e4e..567b825 100644
--- a/private/compat/33.0/33.0.ignore.cil
+++ b/private/compat/33.0/33.0.ignore.cil
@@ -11,6 +11,7 @@
bt_device
credential_service
device_config_camera_native_prop
+ device_config_memory_safety_native_boot_prop
device_config_memory_safety_native_prop
device_config_vendor_system_native_prop
devicelock_service
diff --git a/private/domain.te b/private/domain.te
index e0ba975..6716263 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -82,6 +82,7 @@
# Allow all domains to check whether MTE is set to permissive mode.
get_prop(domain, permissive_mte_prop);
+get_prop(domain, device_config_memory_safety_native_boot_prop);
get_prop(domain, device_config_memory_safety_native_prop);
# For now, everyone can access core property files
diff --git a/private/flags_health_check.te b/private/flags_health_check.te
index 0cc450d..cc4a5ca 100644
--- a/private/flags_health_check.te
+++ b/private/flags_health_check.te
@@ -26,6 +26,7 @@
set_prop(flags_health_check, device_config_vendor_system_native_prop)
set_prop(flags_health_check, device_config_vendor_system_native_boot_prop)
set_prop(flags_health_check, device_config_virtualization_framework_native_prop)
+set_prop(flags_health_check, device_config_memory_safety_native_boot_prop)
set_prop(flags_health_check, device_config_memory_safety_native_prop)
set_prop(flags_health_check, device_config_remote_key_provisioning_native_prop)
set_prop(flags_health_check, device_config_camera_native_prop)
diff --git a/private/property_contexts b/private/property_contexts
index 5611290..50c98b1 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -268,6 +268,7 @@
persist.device_config.vendor_system_native_boot. u:object_r:device_config_vendor_system_native_boot_prop:s0
persist.device_config.virtualization_framework_native. u:object_r:device_config_virtualization_framework_native_prop:s0
persist.device_config.window_manager_native_boot. u:object_r:device_config_window_manager_native_boot_prop:s0
+persist.device_config.memory_safety_native_boot. u:object_r:device_config_memory_safety_native_boot_prop:s0
persist.device_config.memory_safety_native. u:object_r:device_config_memory_safety_native_prop:s0
# F2FS smart idle maint prop
diff --git a/private/sdk_sandbox.te b/private/sdk_sandbox.te
index a0e77a2..6ebfa0a 100644
--- a/private/sdk_sandbox.te
+++ b/private/sdk_sandbox.te
@@ -49,6 +49,7 @@
-debug_prop
-debuggerd_prop
-default_prop
+ -device_config_memory_safety_native_boot_prop
-device_config_memory_safety_native_prop
-device_config_nnapi_native_prop
-device_config_runtime_native_boot_prop
diff --git a/private/system_server.te b/private/system_server.te
index 53acab0..62185fc 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -760,6 +760,7 @@
set_prop(system_server, device_config_vendor_system_native_prop)
set_prop(system_server, device_config_vendor_system_native_boot_prop)
set_prop(system_server, device_config_virtualization_framework_native_prop)
+set_prop(system_server, device_config_memory_safety_native_boot_prop)
set_prop(system_server, device_config_memory_safety_native_prop)
set_prop(system_server, device_config_remote_key_provisioning_native_prop)
set_prop(system_server, smart_idle_maint_enabled_prop)