omni: Add sys.health.healthloop.disable sepolicy context Fix: W health@2.1-serv: type=1400 audit(0.0:184): avc: denied { read } for name="u:object_r:system_prop:s0" dev="tmpfs" ino=310 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:system_prop:s0 tclass=file permissive=0 Change-Id: Ifd2d2063e1b991849d183232db36acf18c3e13d2

commit: c96bbd761111d550f3f706192304d6d21c03f421 [log] [tgz]
author: micky387 <mickaelsaibi@free.fr> Sun Dec 18 14:51:21 2022 +0100
committer: maxwen <max.weninger@gmail.com> Sun Dec 18 15:32:36 2022 +0100
tree: 8bdb289ebba7431ce06d7bb9e75a7429a4c73dbe
parent: 9051f370434321fa78cc59190bc87410d5c40863 [diff]
diff --git a/sepolicy/private/hal_health.te b/sepolicy/private/hal_health.te
new file mode 100644
index 0000000..e781a18
--- /dev/null
+++ b/sepolicy/private/hal_health.te

@@ -0,0 +1 @@
+get_prop(hal_health, healthloop_prop)

diff --git a/sepolicy/private/property.te b/sepolicy/private/property.te
new file mode 100644
index 0000000..8eb0fac
--- /dev/null
+++ b/sepolicy/private/property.te

@@ -0,0 +1,2 @@
+# Health
+system_restricted_prop(healthloop_prop)

diff --git a/sepolicy/private/property_contexts b/sepolicy/private/property_contexts
new file mode 100644
index 0000000..35ebbb6
--- /dev/null
+++ b/sepolicy/private/property_contexts

@@ -0,0 +1,2 @@
+# Allow health service to read healthloop prop
+sys.health.healthloop.disable      u:object_r:healthloop_prop:s0
commit	c96bbd761111d550f3f706192304d6d21c03f421	[log] [tgz]
author	micky387 <mickaelsaibi@free.fr>	Sun Dec 18 14:51:21 2022 +0100
committer	maxwen <max.weninger@gmail.com>	Sun Dec 18 15:32:36 2022 +0100
tree	8bdb289ebba7431ce06d7bb9e75a7429a4c73dbe
parent	9051f370434321fa78cc59190bc87410d5c40863 [diff]