commit f6afebf934cb392e5e39e2f18a8509d90d33b8d8
author Roman Kiryanov <rkir@google.com> Tue Feb 23 15:08:56 2021 -0800
committer Roman Kiryanov <rkir@google.com> Tue Feb 23 20:15:33 2021 -0800
tree 49f534db94662c423145fc3abaa39aa1bf71ef51
parent 6461578be7a1a6fd2cf31a810cad65c888ed9e07

Move qemu.sf.lcd_density into system/sepolicy

qemu.sf.lcd_density is rerefenced by surfaceflinger
and zygote.

Bug: 178144237
Test: presubmit
Signed-off-by: Roman Kiryanov <rkir@google.com>
Change-Id: Iede75d1170aeac9d020d60a3a66a1f69cee46abf
Merged-In: Iede75d1170aeac9d020d60a3a66a1f69cee46abf

private/compat/30.0/30.0.ignore.cil

diff --git a/private/compat/30.0/30.0.ignore.cil b/private/compat/30.0/30.0.ignore.cil
index 45826b0..0e89d37 100644
--- a/private/compat/30.0/30.0.ignore.cil
+++ b/private/compat/30.0/30.0.ignore.cil
@@ -84,6 +84,7 @@
     profcollectd_exec
     profcollectd_service
     qemu_hw_prop
+    qemu_sf_lcd_density_prop
     radio_core_data_file
     reboot_readiness_service
     remote_prov_app

private/property_contexts

diff --git a/private/property_contexts b/private/property_contexts
index ff84dcc..5c3a84c 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -189,6 +189,9 @@
 # qemu_hw_prop is read/written by both system and vendor.
 qemu.hw.mainkeys        u:object_r:qemu_hw_prop:s0
 
+# qemu_sf_lcd_density_prop is read/written by both system and vendor.
+qemu.sf.lcd_density     u:object_r:qemu_sf_lcd_density_prop:s0 exact int
+
 # Shared between system server and wificond
 wifi.                   u:object_r:wifi_prop:s0
 wlan.                   u:object_r:wifi_prop:s0

private/surfaceflinger.te

diff --git a/private/surfaceflinger.te b/private/surfaceflinger.te
index 8549bd5..640306f 100644
--- a/private/surfaceflinger.te
+++ b/private/surfaceflinger.te
@@ -58,6 +58,9 @@
 set_prop(surfaceflinger, ctl_bootanim_prop)
 set_prop(surfaceflinger, surfaceflinger_display_prop)
 
+# Get properties.
+get_prop(surfaceflinger, qemu_sf_lcd_density_prop)
+
 # Use open files supplied by an app.
 allow surfaceflinger appdomain:fd use;
 allow surfaceflinger { app_data_file privapp_data_file }:file { read write };

private/zygote.te

diff --git a/private/zygote.te b/private/zygote.te
index 1a3bcc6..83323c9 100644
--- a/private/zygote.te
+++ b/private/zygote.te
@@ -213,6 +213,9 @@
 # Allow zygote to read ro.control_privapp_permissions and ro.cp_system_other_odex
 get_prop(zygote, packagemanager_config_prop)
 
+# Allow zygote to read qemu.sf.lcd_density
+get_prop(zygote, qemu_sf_lcd_density_prop)
+
 # Allow zygote to read /apex/apex-info-list.xml
 allow zygote apex_info_file:file r_file_perms;