Merge "Add remote_provisioning.hostname property"

commit: e6945d00463ba1c55b4cfd560757b28536f6fba1 [log] [tgz]
author: Seth Moore <sethmo@google.com> Thu Jan 19 22:56:21 2023 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Thu Jan 19 22:56:21 2023 +0000
tree: cb9521a254d942e8a899cecfe394474e64b37ec1
parent: 7fc3a5f4a52f368203542f032b4ea7ceab575611 [diff]
parent: 7ed4c004964fe7b07f43c3abcf0f1f7545e76af8 [diff]
diff --git a/private/property.te b/private/property.te
index dee6369..c4351d1 100644
--- a/private/property.te
+++ b/private/property.te

@@ -628,7 +628,7 @@
 neverallow domain system_and_vendor_property_type:{file property_service} *;
 
 neverallow {
-  # Only init and the remote provisioner can set the ro.remote_provisioning.* props
+  # Only init and the remote provisioner can set the remote_provisioning props
   domain
   -init
   -remote_prov_app

diff --git a/private/property_contexts b/private/property_contexts
index e8293c6..8b403ca 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -1367,6 +1367,9 @@
 remote_provisioning.strongbox.rkp_only u:object_r:remote_prov_prop:s0 exact bool
 remote_provisioning.tee.rkp_only u:object_r:remote_prov_prop:s0 exact bool
 
+# Hostname for the remote provisioning server a device should communicate with
+remote_provisioning.hostname u:object_r:remote_prov_prop:s0 exact string
+
 # Broadcast boot stages, which keystore listens to
 keystore.boot_level u:object_r:keystore_listen_prop:s0 exact int
commit	e6945d00463ba1c55b4cfd560757b28536f6fba1	[log] [tgz]
author	Seth Moore <sethmo@google.com>	Thu Jan 19 22:56:21 2023 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Thu Jan 19 22:56:21 2023 +0000
tree	cb9521a254d942e8a899cecfe394474e64b37ec1
parent	7fc3a5f4a52f368203542f032b4ea7ceab575611 [diff]
parent	7ed4c004964fe7b07f43c3abcf0f1f7545e76af8 [diff]