[MTE] Add memtag sysprop sepolicy. These flags should be writeable to the shell for both root and non-root users. They should be readable everywhere, as they're read in libc during initialization (and there's nothing secret to hide). We just don't want to allow apps to set these properties. These properties are non-persistent, are for local developer debugging only. Bug: 135772972 Bug: 172365548 Test: `adb shell setprop memtag.123 0` in non-root shell succeeds. Change-Id: If9ad7123829b0be27c29050f10081d2aecdef670

commit: eaf1404d8a9a69b3923907dd765ce8845bae3c5d [log] [tgz]
author: Mitch Phillips <mitchp@google.com> Thu Dec 03 17:23:06 2020 -0800
committer: Mitch Phillips <mitchp@google.com> Mon Jan 11 08:35:58 2021 -0800
tree: 4994d18d7b0373e6875d97f9c5ac93e1efc2c310
parent: f5891d67aaec4a0fd959f84b95535306a2f3b97c [diff] [blame]
diff --git a/private/property_contexts b/private/property_contexts
index 6787087..06734bc 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -579,6 +579,9 @@
 libc.debug.malloc.program u:object_r:libc_debug_prop:s0 exact string
 libc.debug.hooks.enable   u:object_r:libc_debug_prop:s0 exact string
 
+# shell-only props for ARM memory tagging (MTE).
+arm64.memtag. u:object_r:arm64_memtag_prop:s0 prefix string
+
 net.redirect_socket_calls.hooked u:object_r:socket_hook_prop:s0 exact bool
 
 persist.sys.locale       u:object_r:exported_system_prop:s0 exact string
commit	eaf1404d8a9a69b3923907dd765ce8845bae3c5d	[log] [tgz]
author	Mitch Phillips <mitchp@google.com>	Thu Dec 03 17:23:06 2020 -0800
committer	Mitch Phillips <mitchp@google.com>	Mon Jan 11 08:35:58 2021 -0800
tree	4994d18d7b0373e6875d97f9c5ac93e1efc2c310
parent	f5891d67aaec4a0fd959f84b95535306a2f3b97c [diff] [blame]