commit bbae4a9a1c8b6f3aeb8651d2c5f61997fa43b018
author Inseob Kim <inseob@google.com> Thu Mar 19 17:49:08 2020 +0900
committer Inseob Kim <inseob@google.com> Fri Mar 20 13:20:19 2020 +0900
tree 23ea948f60abce23e3a8ad560aa2afb45a6b3208
parent c8f294f0e5cabc0faec3659d183db19a6b981788

Move some system internal props to private

This completely hides system internal properties (which are meant to be
used only in system) when compiling sepolicy of vendor, product, etc.

Bug: 150331497
Test: system/sepolicy/tools/build_policies.sh
Change-Id: I4fc060f5973b7483c7f8502c40ef0a61f75ff088
Merged-In: I4fc060f5973b7483c7f8502c40ef0a61f75ff088
(cherry picked from commit c492c06e14faf4d3bc8fd113c9d3e114f7f36d34)

private/property.te

diff --git a/private/property.te b/private/property.te
index be865f1..8a5dd26 100644
--- a/private/property.te
+++ b/private/property.te
@@ -1,3 +1,20 @@
+# Properties used only in /system
+system_internal_prop(adbd_prop)
+system_internal_prop(device_config_storage_native_boot_prop)
+system_internal_prop(device_config_sys_traced_prop)
+system_internal_prop(device_config_window_manager_native_boot_prop)
+system_internal_prop(device_config_configuration_prop)
+system_internal_prop(gsid_prop)
+system_internal_prop(init_perf_lsm_hooks_prop)
+system_internal_prop(init_svc_debug_prop)
+system_internal_prop(last_boot_reason_prop)
+system_internal_prop(netd_stable_secret_prop)
+system_internal_prop(pm_prop)
+system_internal_prop(system_adbd_prop)
+system_internal_prop(traced_perf_enabled_prop)
+system_internal_prop(userspace_reboot_log_prop)
+system_internal_prop(userspace_reboot_test_prop)
+
 ###
 ### Neverallow rules
 ###