diff options
| author | Jinyoung Jeong <jinjeong@google.com> | 2023-05-15 10:18:11 +0000 |
|---|---|---|
| committer | Jin Jeong <jinjeong@google.com> | 2023-05-17 06:53:34 +0000 |
| commit | b6d74a5196dfeab2d34a6d55ee8d3d3fb00a21d1 (patch) | |
| tree | c448cc5b8608652ea1061451928d98c48a84bc05 | |
| parent | 20364fe3b3b68cd7ac93c6404a2c5dd1bf829737 (diff) | |
[GS101][eSIM] Add system properties rule
Bug: 279988311
Test: https://fusion2.corp.google.com/d517f34a-3242-40b1-adf6-acb6035ff2cb , b/282901698
Change-Id: I6caed744d2bba7882f80f8ace229f6c4b4133c65
| -rw-r--r-- | system_ext/private/euicc_app.te | 13 | ||||
| -rw-r--r-- | system_ext/private/property.te | 5 | ||||
| -rw-r--r-- | system_ext/private/property_contexts | 3 | ||||
| -rw-r--r-- | system_ext/private/seapp_contexts | 2 | ||||
| -rw-r--r-- | system_ext/public/property.te | 3 |
5 files changed, 26 insertions, 0 deletions
diff --git a/system_ext/private/euicc_app.te b/system_ext/private/euicc_app.te new file mode 100644 index 00000000..842f1ec7 --- /dev/null +++ b/system_ext/private/euicc_app.te @@ -0,0 +1,13 @@ +type euicc_app, domain, coredomain; +app_domain(euicc_app) +net_domain(euicc_app) +bluetooth_domain(euicc_app) + +allow euicc_app app_api_service:service_manager find; +allow euicc_app radio_service:service_manager find; +allow euicc_app cameraserver_service:service_manager find; + +get_prop(euicc_app, camera_config_prop) +get_prop(euicc_app, bootloader_prop) +get_prop(euicc_app, exported_default_prop) +get_prop(euicc_app, esim_modem_prop) diff --git a/system_ext/private/property.te b/system_ext/private/property.te new file mode 100644 index 00000000..714108b1 --- /dev/null +++ b/system_ext/private/property.te @@ -0,0 +1,5 @@ +neverallow { + domain + -init + -vendor_init +} esim_modem_prop:property_service set; diff --git a/system_ext/private/property_contexts b/system_ext/private/property_contexts index 9cf97280..790ba63b 100644 --- a/system_ext/private/property_contexts +++ b/system_ext/private/property_contexts @@ -6,3 +6,6 @@ persist.bootanim.color1 u:object_r:bootanim_system_prop:s0 exact int persist.bootanim.color2 u:object_r:bootanim_system_prop:s0 exact int persist.bootanim.color3 u:object_r:bootanim_system_prop:s0 exact int persist.bootanim.color4 u:object_r:bootanim_system_prop:s0 exact int + +# Properties for euicc +persist.modem.esim_profiles_exist u:object_r:esim_modem_prop:s0 exact string diff --git a/system_ext/private/seapp_contexts b/system_ext/private/seapp_contexts new file mode 100644 index 00000000..8c2178a8 --- /dev/null +++ b/system_ext/private/seapp_contexts @@ -0,0 +1,2 @@ +# Domain for EuiccGoogle +user=_app isPrivApp=true name=com.google.android.euicc domain=euicc_app type=privapp_data_file levelFrom=user diff --git a/system_ext/public/property.te b/system_ext/public/property.te index 8908e485..bb07d927 100644 --- a/system_ext/public/property.te +++ b/system_ext/public/property.te @@ -1,2 +1,5 @@ # Fingerprint (UDFPS) GHBM/LHBM toggle system_vendor_config_prop(fingerprint_ghbm_prop) + +# eSIM properties +system_vendor_config_prop(esim_modem_prop) |