Add sepolicy for high quality barometer sysprop
Change-Id: Iedb762026181dcd401ca65ebbe6c0dc3169839b3
Bug: 353723267
diff --git a/private/app.te b/private/app.te
index 1dd7fda..cc69e5e 100644
--- a/private/app.te
+++ b/private/app.te
@@ -488,6 +488,8 @@
allow appdomain runas_exec:file getattr;
# Others are either allowed elsewhere or not desired.
+get_prop(appdomain, high_barometer_quality_prop)
+
# Connect to adbd and use a socket transferred from it.
# This is used for e.g. adb backup/restore.
allow appdomain adbd:unix_stream_socket connectto;
diff --git a/private/property.te b/private/property.te
index e66913f..acb8d79 100644
--- a/private/property.te
+++ b/private/property.te
@@ -79,6 +79,7 @@
# Properties which should only be written by vendor_init
system_vendor_config_prop(avf_virtualizationservice_prop)
+system_vendor_config_prop(high_barometer_quality_prop)
typeattribute log_prop log_property_type;
typeattribute log_tag_prop log_property_type;
@@ -429,6 +430,14 @@
neverallow {
domain
-init
+ -vendor_init
+ } {
+ high_barometer_quality_prop
+ }:property_service set;
+
+ neverallow {
+ domain
+ -init
-dumpstate
userdebug_or_eng(`-system_suspend')
} {
diff --git a/private/property_contexts b/private/property_contexts
index a88aff9..f0a4281 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -1686,6 +1686,10 @@
# Properties for sensor service
sensors.aosp_low_power_sensor_fusion.maximum_rate u:object_r:sensors_config_prop:s0 exact uint
+# Whether the device has a high quality barometer as defined on the CDD.
+# Set by OEMs, read for xTS verifier tests
+sensor.barometer.high_quality.implemented u:object_r:high_barometer_quality_prop:s0 exact bool
+
# Properties for game manager service
persist.graphics.game_default_frame_rate.enabled u:object_r:game_manager_config_prop:s0 exact bool