Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / c8f294f0e5cabc0faec3659d183db19a6b981788^2..c8f294f0e5cabc0faec3659d183db19a6b981788 / .
commitc8f294f0e5cabc0faec3659d183db19a6b981788[log] [tgz]
authorTreehugger Robot <treehugger-gerrit@google.com>Wed Mar 18 23:30:07 2020 +0000
committerGerrit Code Review <noreply-gerritcodereview@google.com>Wed Mar 18 23:30:07 2020 +0000
tree8e9773521cffb7c6dc4abb7ddbf5c6cdfed24f65
parentfa4a015fa1e0c0b66d9bcd3f473e1e75bdee7113 [diff]
parent55e5c9b5131e9754d9cd14f44a2078ada053fb5f [diff]
Merge "Move system property rules to private"
diff --git a/prebuilts/api/29.0/public/property_contexts b/prebuilts/api/29.0/public/property_contexts
index f59b5de..3090490 100644
--- a/prebuilts/api/29.0/public/property_contexts
+++ b/prebuilts/api/29.0/public/property_contexts

@@ -145,6 +145,9 @@
 ro.url.legal u:object_r:exported3_default_prop:s0 exact string
 ro.url.legal.android_privacy u:object_r:exported3_default_prop:s0 exact string
 ro.vendor.build.security_patch u:object_r:vendor_security_patch_level_prop:s0 exact string
+ro.media.xml_variant.codecs u:object_r:media_variant_prop:s0 exact string
+ro.media.xml_variant.codecs_performance u:object_r:media_variant_prop:s0 exact string
+ro.media.xml_variant.profiles u:object_r:media_variant_prop:s0 exact string
 ro.zram.mark_idle_delay_mins u:object_r:exported3_default_prop:s0 exact int
 ro.zram.first_wb_delay_mins u:object_r:exported3_default_prop:s0 exact int
 ro.zram.periodic_wb_delay_hours u:object_r:exported3_default_prop:s0 exact int

diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index c1ea949..ff2dd0a 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil

@@ -72,6 +72,7 @@
     mirror_data_file
     light_service
     linkerconfig_file
+    media_variant_prop
     metadata_bootstat_file
     mnt_pass_through_file
     mock_ota_prop

diff --git a/private/file_contexts b/private/file_contexts
index ef4e042..ffc7f24 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -554,6 +554,7 @@
 /data/misc/stats-active-metric(/.*)? u:object_r:stats_data_file:s0
 /data/misc/stats-data(/.*)?     u:object_r:stats_data_file:s0
 /data/misc/stats-service(/.*)?  u:object_r:stats_data_file:s0
+/data/misc/stats-metadata(/.*)? u:object_r:stats_data_file:s0
 /data/misc/systemkeys(/.*)?     u:object_r:systemkeys_data_file:s0
 /data/misc/textclassifier(/.*)?       u:object_r:textclassifier_data_file:s0
 /data/misc/train-info(/.*)?     u:object_r:stats_data_file:s0

diff --git a/private/property_contexts b/private/property_contexts
index 216531c..ab6c4f8 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -428,6 +428,10 @@
 ro.lmk.use_minfree_levels       u:object_r:exported3_default_prop:s0 exact bool
 ro.lmk.upgrade_pressure         u:object_r:exported3_default_prop:s0 exact int
 
+ro.media.xml_variant.codecs             u:object_r:media_variant_prop:s0 exact string
+ro.media.xml_variant.codecs_performance u:object_r:media_variant_prop:s0 exact string
+ro.media.xml_variant.profiles           u:object_r:media_variant_prop:s0 exact string
+
 ro.minui.default_rotation u:object_r:exported3_default_prop:s0 exact string
 ro.minui.overscan_percent u:object_r:exported3_default_prop:s0 exact int
 ro.minui.pixel_format     u:object_r:exported3_default_prop:s0 exact string

diff --git a/private/zygote.te b/private/zygote.te
index f9e5476..f27005e 100644
--- a/private/zygote.te
+++ b/private/zygote.te

@@ -193,6 +193,9 @@
 # Send unsolicited message to system_server
 unix_socket_send(zygote, system_unsolzygote, system_server)
 
+# Allow zygote to access media_variant_prop for static initialization
+get_prop(zygote, media_variant_prop)
+
 ###
 ### neverallow rules
 ###

diff --git a/public/hal_codec2.te b/public/hal_codec2.te
index 60cd3b0..8c7816a 100644
--- a/public/hal_codec2.te
+++ b/public/hal_codec2.te

@@ -1,3 +1,6 @@
+get_prop(hal_codec2_client, media_variant_prop)
+get_prop(hal_codec2_server, media_variant_prop)
+
 binder_call(hal_codec2_client, hal_codec2_server)
 binder_call(hal_codec2_server, hal_codec2_client)
 

diff --git a/public/hal_omx.te b/public/hal_omx.te
index 707cae8..8e74383 100644
--- a/public/hal_omx.te
+++ b/public/hal_omx.te

@@ -22,6 +22,9 @@
 
 allow hal_omx_client hidl_token_hwservice:hwservice_manager find;
 
+get_prop(hal_omx_client, media_variant_prop)
+get_prop(hal_omx_server, media_variant_prop)
+
 binder_call(hal_omx_client, hal_omx_server)
 binder_call(hal_omx_server, hal_omx_client)
 

diff --git a/public/property.te b/public/property.te
index afc5c1e..4178cbb 100644
--- a/public/property.te
+++ b/public/property.te

@@ -121,6 +121,7 @@
 system_vendor_config_prop(exported_config_prop)
 system_vendor_config_prop(exported_default_prop)
 system_vendor_config_prop(exported3_default_prop)
+system_vendor_config_prop(media_variant_prop)
 system_vendor_config_prop(userspace_reboot_config_prop)
 system_vendor_config_prop(vehicle_hal_prop)
 system_vendor_config_prop(vendor_security_patch_level_prop)