Merge "Introduce ro.boot.hypervisor properties"
diff --git a/Android.mk b/Android.mk
index 66ff2e3..6fd84e9 100644
--- a/Android.mk
+++ b/Android.mk
@@ -183,7 +183,7 @@
###########################################################
define build_policy
-$(foreach type, $(1), $(foreach file, $(addsuffix /$(type), $(2)), $(sort $(wildcard $(file)))))
+$(strip $(foreach type, $(1), $(foreach file, $(addsuffix /$(type), $(2)), $(sort $(wildcard $(file))))))
endef
# Builds paths for all policy files found in BOARD_VENDOR_SEPOLICY_DIRS.
diff --git a/private/app_neverallows.te b/private/app_neverallows.te
index f33cff9..304f5a2 100644
--- a/private/app_neverallows.te
+++ b/private/app_neverallows.te
@@ -46,6 +46,9 @@
# net.dns properties are not a public API. Disallow untrusted apps from reading this property.
neverallow { all_untrusted_apps } net_dns_prop:file read;
+# radio_cdma_ecm_prop properties are not a public API. Disallow untrusted apps from reading this property.
+neverallow { all_untrusted_apps } radio_cdma_ecm_prop:file read;
+
# Shared libraries created by trusted components within an app home
# directory can be dlopen()ed. To maintain the W^X property, these files
# must never be writable to the app.
diff --git a/private/perfetto.te b/private/perfetto.te
index f9693da..174855f 100644
--- a/private/perfetto.te
+++ b/private/perfetto.te
@@ -8,6 +8,9 @@
tmpfs_domain(perfetto);
+# Allow init to start a trace (for perfetto_boottrace).
+init_daemon_domain(perfetto)
+
# Allow to access traced's privileged consumer socket.
unix_socket_connect(perfetto, traced_consumer, traced)
diff --git a/private/property.te b/private/property.te
index 659d1d4..32cdc75 100644
--- a/private/property.te
+++ b/private/property.te
@@ -29,6 +29,7 @@
system_internal_prop(perf_drop_caches_prop)
system_internal_prop(pm_prop)
system_internal_prop(profcollectd_node_id_prop)
+system_internal_prop(radio_cdma_ecm_prop)
system_internal_prop(rollback_test_prop)
system_internal_prop(setupwizard_prop)
system_internal_prop(snapuserd_prop)
diff --git a/private/property_contexts b/private/property_contexts
index 0ee889c..13916d6 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -82,6 +82,7 @@
persist.traced_perf.enable u:object_r:traced_perf_enabled_prop:s0
persist.vendor.debug.wifi. u:object_r:persist_vendor_debug_wifi_prop:s0
persist.vendor.overlay. u:object_r:overlay_prop:s0
+ril.cdma.inecmmode u:object_r:radio_cdma_ecm_prop:s0 exact bool
ro.boot.vendor.overlay. u:object_r:overlay_prop:s0
ro.boottime. u:object_r:boottime_prop:s0
ro.serialno u:object_r:serialno_prop:s0
diff --git a/private/radio.te b/private/radio.te
index 2758289..08365f0 100644
--- a/private/radio.te
+++ b/private/radio.te
@@ -9,6 +9,7 @@
set_prop(radio, radio_prop)
set_prop(radio, net_radio_prop)
set_prop(radio, telephony_status_prop)
+set_prop(radio, radio_cdma_ecm_prop)
# ctl interface
set_prop(radio, ctl_rildaemon_prop)