Add 2 new system properties for Quick Start Test: Manually validated that GmsCore can access the properties, but not a test app. Ignore-AOSP-First: Change is targeted at Google devices. Change-Id: I2fa520dc31b328738f9a5fd1bcfc6632b61ad912 Bug: 280330984

commit: c97b3a244f2a2d98c5e3a3e4dcab1507a3ca9d64 [log] [tgz]
author: Jay Civelli <jcivelli@google.com> Mon Apr 17 06:01:35 2023 +0000
committer: Jay Civelli <jcivelli@google.com> Wed May 03 04:04:15 2023 +0000
tree: ccdaa2ec3ee77949f279c9640c1c319ec85191ab
parent: f6f4205d509045b5972a89638def05126d7ee2f7 [diff]
diff --git a/prebuilts/api/34.0/private/compat/33.0/33.0.ignore.cil b/prebuilts/api/34.0/private/compat/33.0/33.0.ignore.cil
index 3bfdcc8..3165341 100644
--- a/prebuilts/api/34.0/private/compat/33.0/33.0.ignore.cil
+++ b/prebuilts/api/34.0/private/compat/33.0/33.0.ignore.cil

@@ -55,6 +55,7 @@
     permissive_mte_prop
     persist_sysui_builder_extras_prop
     prng_seeder
+    quick_start_prop
     recovery_usb_config_prop
     remote_provisioning_service
     rkpdapp

diff --git a/prebuilts/api/34.0/private/gmscore_app.te b/prebuilts/api/34.0/private/gmscore_app.te
index cd05a65..46b90c6 100644
--- a/prebuilts/api/34.0/private/gmscore_app.te
+++ b/prebuilts/api/34.0/private/gmscore_app.te

@@ -152,6 +152,11 @@
 # Allow GMSCore to read RKP properties for the purpose of GTS testing.
 get_prop(gmscore_app, remote_prov_prop)
 
+# Allow GmsCore to read Quick Start properties and prevent access from other
+# policies.
+get_prop(gmscore_app, quick_start_prop)
+neverallow { domain -init -dumpstate -vendor_init -gmscore_app } quick_start_prop:file no_rw_file_perms;
+
 # Do not allow getting permission-protected network information from sysfs.
 neverallow gmscore_app sysfs_net:file *;
 

diff --git a/prebuilts/api/34.0/private/property_contexts b/prebuilts/api/34.0/private/property_contexts
index 4fb5ee0..fd954d2 100644
--- a/prebuilts/api/34.0/private/property_contexts
+++ b/prebuilts/api/34.0/private/property_contexts

@@ -1557,3 +1557,7 @@
 
 # System UI notification properties
 persist.sysui.notification.builder_extras_override u:object_r:persist_sysui_builder_extras_prop:s0 exact bool
+
+# Properties for Quick Start setup.
+ro.quick_start.oem_id u:object_r:quick_start_prop:s0 exact string
+ro.quick_start.device_id u:object_r:quick_start_prop:s0 exact string

diff --git a/prebuilts/api/34.0/public/property.te b/prebuilts/api/34.0/public/property.te
index 8d6b8ee..cb65b55 100644
--- a/prebuilts/api/34.0/public/property.te
+++ b/prebuilts/api/34.0/public/property.te

@@ -170,6 +170,7 @@
 system_vendor_config_prop(mm_events_config_prop)
 system_vendor_config_prop(oem_unlock_prop)
 system_vendor_config_prop(packagemanager_config_prop)
+system_vendor_config_prop(quick_start_prop)
 system_vendor_config_prop(recovery_config_prop)
 system_vendor_config_prop(recovery_usb_config_prop)
 system_vendor_config_prop(sendbug_config_prop)

diff --git a/private/compat/33.0/33.0.ignore.cil b/private/compat/33.0/33.0.ignore.cil
index 3bfdcc8..3165341 100644
--- a/private/compat/33.0/33.0.ignore.cil
+++ b/private/compat/33.0/33.0.ignore.cil

@@ -55,6 +55,7 @@
     permissive_mte_prop
     persist_sysui_builder_extras_prop
     prng_seeder
+    quick_start_prop
     recovery_usb_config_prop
     remote_provisioning_service
     rkpdapp

diff --git a/private/gmscore_app.te b/private/gmscore_app.te
index cd05a65..46b90c6 100644
--- a/private/gmscore_app.te
+++ b/private/gmscore_app.te

@@ -152,6 +152,11 @@
 # Allow GMSCore to read RKP properties for the purpose of GTS testing.
 get_prop(gmscore_app, remote_prov_prop)
 
+# Allow GmsCore to read Quick Start properties and prevent access from other
+# policies.
+get_prop(gmscore_app, quick_start_prop)
+neverallow { domain -init -dumpstate -vendor_init -gmscore_app } quick_start_prop:file no_rw_file_perms;
+
 # Do not allow getting permission-protected network information from sysfs.
 neverallow gmscore_app sysfs_net:file *;
 

diff --git a/private/property_contexts b/private/property_contexts
index 4fb5ee0..fd954d2 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -1557,3 +1557,7 @@
 
 # System UI notification properties
 persist.sysui.notification.builder_extras_override u:object_r:persist_sysui_builder_extras_prop:s0 exact bool
+
+# Properties for Quick Start setup.
+ro.quick_start.oem_id u:object_r:quick_start_prop:s0 exact string
+ro.quick_start.device_id u:object_r:quick_start_prop:s0 exact string

diff --git a/public/property.te b/public/property.te
index 8d6b8ee..cb65b55 100644
--- a/public/property.te
+++ b/public/property.te

@@ -170,6 +170,7 @@
 system_vendor_config_prop(mm_events_config_prop)
 system_vendor_config_prop(oem_unlock_prop)
 system_vendor_config_prop(packagemanager_config_prop)
+system_vendor_config_prop(quick_start_prop)
 system_vendor_config_prop(recovery_config_prop)
 system_vendor_config_prop(recovery_usb_config_prop)
 system_vendor_config_prop(sendbug_config_prop)
commit	c97b3a244f2a2d98c5e3a3e4dcab1507a3ca9d64	[log] [tgz]
author	Jay Civelli <jcivelli@google.com>	Mon Apr 17 06:01:35 2023 +0000
committer	Jay Civelli <jcivelli@google.com>	Wed May 03 04:04:15 2023 +0000
tree	ccdaa2ec3ee77949f279c9640c1c319ec85191ab
parent	f6f4205d509045b5972a89638def05126d7ee2f7 [diff]