Merge "Refine build.prop related properties"

commit: ff42a49df2871bd8e65ef2c691f90aa836c11b89 [log] [tgz]
author: Treehugger Robot <treehugger-gerrit@google.com> Wed May 20 14:17:56 2020 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Wed May 20 14:17:56 2020 +0000
tree: 70eea4538d54ed9166fd5cee0f452d908ff77b2f
parent: 15e5e0a470857795e66f4033c1bf0159e44df5c9 [diff]
parent: fc688b3a7fac4ba1625bb58e42259c55eaf780ad [diff]
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index a55887f..42b1ef0 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil

@@ -31,7 +31,9 @@
     bluetooth_a2dp_offload_prop
     bpfloader
     bpfloader_exec
+    build_odm_prop
     build_prop
+    build_vendor_prop
     camera_config_prop
     cgroup_bpf
     charger_exec

diff --git a/private/compat/30.0/30.0.cil b/private/compat/30.0/30.0.cil
index ba581d8..b49c173 100644
--- a/private/compat/30.0/30.0.cil
+++ b/private/compat/30.0/30.0.cil

@@ -1374,6 +1374,8 @@
 (typeattributeset exported_dalvik_prop_30_0 (exported_dalvik_prop dalvik_config_prop))
 (typeattributeset exported_default_prop_30_0
   ( exported_default_prop
+    build_odm_prop
+    build_vendor_prop
     surfaceflinger_prop))
 (typeattributeset exported_dumpstate_prop_30_0 (exported_dumpstate_prop))
 (typeattributeset exported_ffs_prop_30_0

diff --git a/private/property_contexts b/private/property_contexts
index 5188bc7..61b9078 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -564,8 +564,6 @@
 persist.sys.timezone     u:object_r:exported_system_prop:s0 exact string
 persist.sys.test_harness u:object_r:test_harness_prop:s0 exact bool
 
-ro.adb.secure u:object_r:exported_secure_prop:s0 exact bool
-
 ro.arch u:object_r:exported2_default_prop:s0 exact string
 
 ro.audio.ignore_effects u:object_r:exported2_default_prop:s0 exact bool
@@ -600,6 +598,7 @@
 ro.build.product                     u:object_r:build_prop:s0 exact string
 ro.build.system_root_image           u:object_r:build_prop:s0 exact bool
 ro.build.tags                        u:object_r:build_prop:s0 exact string
+ro.build.type                        u:object_r:build_prop:s0 exact string
 ro.build.user                        u:object_r:build_prop:s0 exact string
 ro.build.version.base_os             u:object_r:build_prop:s0 exact string
 ro.build.version.codename            u:object_r:build_prop:s0 exact string
@@ -612,25 +611,61 @@
 
 ro.debuggable u:object_r:build_prop:s0 exact bool
 
+ro.product.cpu.abi       u:object_r:build_prop:s0 exact string
+ro.product.cpu.abilist   u:object_r:build_prop:s0 exact string
+ro.product.cpu.abilist32 u:object_r:build_prop:s0 exact string
+ro.product.cpu.abilist64 u:object_r:build_prop:s0 exact string
+
+ro.adb.secure u:object_r:build_prop:s0 exact bool
+ro.secure     u:object_r:build_prop:s0 exact int
+
+# These 5 properties are set by property_service
+ro.product.brand         u:object_r:build_prop:s0 exact string
+ro.product.device        u:object_r:build_prop:s0 exact string
+ro.product.manufacturer  u:object_r:build_prop:s0 exact string
+ro.product.model         u:object_r:build_prop:s0 exact string
+ro.product.name          u:object_r:build_prop:s0 exact string
+
+# All odm build props are set by /odm/build.prop
+ro.odm.build.date                u:object_r:build_odm_prop:s0 exact string
+ro.odm.build.date.utc            u:object_r:build_odm_prop:s0 exact int
+ro.odm.build.fingerprint         u:object_r:build_odm_prop:s0 exact string
+ro.odm.build.version.incremental u:object_r:build_odm_prop:s0 exact string
+
+ro.product.odm.brand        u:object_r:build_odm_prop:s0 exact string
+ro.product.odm.device       u:object_r:build_odm_prop:s0 exact string
+ro.product.odm.manufacturer u:object_r:build_odm_prop:s0 exact string
+ro.product.odm.model        u:object_r:build_odm_prop:s0 exact string
+ro.product.odm.name         u:object_r:build_odm_prop:s0 exact string
+
+# All vendor build props are set by /vendor/build.prop
+ro.vendor.build.date                u:object_r:build_vendor_prop:s0 exact string
+ro.vendor.build.date.utc            u:object_r:build_vendor_prop:s0 exact int
+ro.vendor.build.fingerprint         u:object_r:build_vendor_prop:s0 exact string
+ro.vendor.build.version.incremental u:object_r:build_vendor_prop:s0 exact string
+
+ro.product.board               u:object_r:build_vendor_prop:s0 exact string
+ro.product.first_api_level     u:object_r:build_vendor_prop:s0 exact int
+ro.product.vendor.brand        u:object_r:build_vendor_prop:s0 exact string
+ro.product.vendor.device       u:object_r:build_vendor_prop:s0 exact string
+ro.product.vendor.manufacturer u:object_r:build_vendor_prop:s0 exact string
+ro.product.vendor.model        u:object_r:build_vendor_prop:s0 exact string
+ro.product.vendor.name         u:object_r:build_vendor_prop:s0 exact string
+
+# These are also set by /vendor/build.prop
+ro.bootimage.build.date        u:object_r:build_vendor_prop:s0 exact string
+ro.bootimage.build.date.utc    u:object_r:build_vendor_prop:s0 exact int
+ro.bootimage.build.fingerprint u:object_r:build_vendor_prop:s0 exact string
+
 ro.crypto.state u:object_r:vold_status_prop:s0 exact enum encrypted unencrypted unsupported
 ro.crypto.type  u:object_r:vold_status_prop:s0 exact enum block file none
 
 ro.hardware u:object_r:exported2_default_prop:s0 exact string
 
-ro.product.brand        u:object_r:exported2_default_prop:s0 exact string
-ro.product.cpu.abi      u:object_r:exported2_default_prop:s0 exact string
-ro.product.cpu.abilist  u:object_r:exported2_default_prop:s0 exact string
-ro.product.device       u:object_r:exported2_default_prop:s0 exact string
-ro.product.manufacturer u:object_r:exported2_default_prop:s0 exact string
-ro.product.model        u:object_r:exported2_default_prop:s0 exact string
-ro.product.name         u:object_r:exported2_default_prop:s0 exact string
-
 ro.property_service.version u:object_r:exported2_default_prop:s0 exact int
 
 ro.revision u:object_r:exported2_default_prop:s0 exact string
 
-ro.secure u:object_r:exported_secure_prop:s0 exact int
-
 ro.vendor.redirect_socket_calls u:object_r:vendor_socket_hook_prop:s0 exact bool
 
 service.bootanim.exit u:object_r:exported_system_prop:s0 exact int
@@ -667,10 +702,6 @@
 ro.boot.product.vendor.sku   u:object_r:exported_default_prop:s0 exact string
 ro.boot.slot_suffix          u:object_r:exported_default_prop:s0 exact string
 
-ro.bootimage.build.date        u:object_r:exported_default_prop:s0 exact string
-ro.bootimage.build.date.utc    u:object_r:exported_default_prop:s0 exact int
-ro.bootimage.build.fingerprint u:object_r:exported_default_prop:s0 exact string
-
 ro.boringcrypto.hwrand u:object_r:exported_default_prop:s0 exact bool
 
 ro.build.ab_update         u:object_r:exported_default_prop:s0 exact string
@@ -732,36 +763,12 @@
 ro.kernel.android.bootanim u:object_r:exported_default_prop:s0 exact int
 ro.kernel.ebpf.supported   u:object_r:exported_default_prop:s0 exact bool
 
-ro.odm.build.date                u:object_r:exported_default_prop:s0 exact string
-ro.odm.build.date.utc            u:object_r:exported_default_prop:s0 exact int
-ro.odm.build.fingerprint         u:object_r:exported_default_prop:s0 exact string
-ro.odm.build.version.incremental u:object_r:exported_default_prop:s0 exact string
-
 ro.oem.key1 u:object_r:exported_default_prop:s0 exact string
 
-ro.product.board               u:object_r:exported_default_prop:s0 exact string
-ro.product.cpu.abilist32       u:object_r:exported_default_prop:s0 exact string
-ro.product.cpu.abilist64       u:object_r:exported_default_prop:s0 exact string
-ro.product.first_api_level     u:object_r:exported_default_prop:s0 exact int
-ro.product.odm.brand           u:object_r:exported_default_prop:s0 exact string
-ro.product.odm.device          u:object_r:exported_default_prop:s0 exact string
-ro.product.odm.manufacturer    u:object_r:exported_default_prop:s0 exact string
-ro.product.odm.model           u:object_r:exported_default_prop:s0 exact string
-ro.product.odm.name            u:object_r:exported_default_prop:s0 exact string
-ro.product.vendor.brand        u:object_r:exported_default_prop:s0 exact string
-ro.product.vendor.device       u:object_r:exported_default_prop:s0 exact string
-ro.product.vendor.manufacturer u:object_r:exported_default_prop:s0 exact string
-ro.product.vendor.model        u:object_r:exported_default_prop:s0 exact string
-ro.product.vendor.name         u:object_r:exported_default_prop:s0 exact string
-ro.product.vndk.version        u:object_r:vndk_prop:s0 exact string
+ro.product.vndk.version u:object_r:vndk_prop:s0 exact string
 
 ro.telephony.iwlan_operation_mode u:object_r:exported_radio_prop:s0 exact enum default legacy AP-assisted
 
-ro.vendor.build.date                u:object_r:exported_default_prop:s0 exact string
-ro.vendor.build.date.utc            u:object_r:exported_default_prop:s0 exact int
-ro.vendor.build.fingerprint         u:object_r:exported_default_prop:s0 exact string
-ro.vendor.build.version.incremental u:object_r:exported_default_prop:s0 exact string
-
 ro.vndk.lite    u:object_r:vndk_prop:s0 exact bool
 ro.vndk.version u:object_r:vndk_prop:s0 exact string
 
@@ -790,8 +797,6 @@
 
 ro.bootmode u:object_r:exported2_default_prop:s0 exact string
 
-ro.build.type u:object_r:exported2_default_prop:s0 exact string
-
 sys.shutdown.requested u:object_r:exported_system_prop:s0 exact string
 
 # surfaceflinger properties

diff --git a/public/domain.te b/public/domain.te
index 038079d..8973dcd 100644
--- a/public/domain.te
+++ b/public/domain.te

@@ -94,7 +94,9 @@
 allow domain property_info:file r_file_perms;
 
 # Public readable properties
+get_prop(domain, build_odm_prop)
 get_prop(domain, build_prop)
+get_prop(domain, build_vendor_prop)
 get_prop(domain, debug_prop)
 get_prop(domain, exported_config_prop)
 get_prop(domain, exported_default_prop)

diff --git a/public/property.te b/public/property.te
index 8229ce8..ba033f6 100644
--- a/public/property.te
+++ b/public/property.te

@@ -104,6 +104,8 @@
 # Properties which can be written only by vendor_init
 system_vendor_config_prop(apk_verity_prop)
 system_vendor_config_prop(audio_config_prop)
+system_vendor_config_prop(build_odm_prop)
+system_vendor_config_prop(build_vendor_prop)
 system_vendor_config_prop(camera_config_prop)
 system_vendor_config_prop(cpu_variant_prop)
 system_vendor_config_prop(dalvik_config_prop)
commit	ff42a49df2871bd8e65ef2c691f90aa836c11b89	[log] [tgz]
author	Treehugger Robot <treehugger-gerrit@google.com>	Wed May 20 14:17:56 2020 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Wed May 20 14:17:56 2020 +0000
tree	70eea4538d54ed9166fd5cee0f452d908ff77b2f
parent	15e5e0a470857795e66f4033c1bf0159e44df5c9 [diff]
parent	fc688b3a7fac4ba1625bb58e42259c55eaf780ad [diff]