Merge tag 'LA.QSSI.13.0.r1-10200-qssi.0' into tachibanatachibana

"LA.QSSI.13.0.r1-10200-qssi.0" Change-Id: I7f61be8a6f27c3e74d883c0432a9a1c63d4c768d
author: alk3pInjection <webmaster@raspii.tech> 2023-06-02 00:30:40 +0800
committer: alk3pInjection <webmaster@raspii.tech> 2023-06-02 00:30:40 +0800
commit: bf175d56238ffbe7e232474f5c18c85663f962d0 (patch)
tree: 41ac8f9e0abbc174c4de95cf0e3c4a42f5d8e005
parent: 5a88e289ec8adb8717ac79bd76e880ef672a6018 (diff)
parent: 603a5467401202f49cf4f55a569b8b4f6538ab2b (diff)
16 files changed, 4 insertions, 36 deletions
diff --git a/prebuilts/api/33.0/private/compat/32.0/32.0.cil b/prebuilts/api/33.0/private/compat/32.0/32.0.cil
index 9b902a166..b3a38600f 100644
--- a/prebuilts/api/33.0/private/compat/32.0/32.0.cil
+++ b/prebuilts/api/33.0/private/compat/32.0/32.0.cil
@@ -1378,7 +1378,6 @@
 (typeattributeset build_config_prop_32_0 (build_config_prop))
 (typeattributeset build_odm_prop_32_0 (build_odm_prop))
 (typeattributeset build_prop_32_0 (build_prop))
-(typeattributeset build_prop_32_0 (userdebug_or_eng_prop))
 (typeattributeset build_vendor_prop_32_0 (build_vendor_prop))
 (typeattributeset cache_backup_file_32_0 (cache_backup_file))
 (typeattributeset cache_block_device_32_0 (cache_block_device))
diff --git a/prebuilts/api/33.0/private/property_contexts b/prebuilts/api/33.0/private/property_contexts
index d30ce114e..fcd8bb5d2 100644
--- a/prebuilts/api/33.0/private/property_contexts
+++ b/prebuilts/api/33.0/private/property_contexts
@@ -815,7 +815,7 @@ ro.build.version.security_patch           u:object_r:build_prop:s0 exact string
 
 ro.actionable_compatible_property.enabled u:object_r:build_prop:s0 exact bool
 
-ro.debuggable u:object_r:userdebug_or_eng_prop:s0 exact bool
+ro.debuggable u:object_r:build_prop:s0 exact bool
 
 ro.treble.enabled u:object_r:build_prop:s0 exact bool
 
@@ -842,7 +842,7 @@ ro.system.build.version.release_or_codename u:object_r:build_prop:s0 exact strin
 ro.system.build.version.sdk                 u:object_r:build_prop:s0 exact int
 
 ro.adb.secure u:object_r:build_prop:s0 exact bool
-ro.secure     u:object_r:userdebug_or_eng_prop:s0 exact int
+ro.secure     u:object_r:build_prop:s0 exact int
 
 ro.product.system_ext.brand        u:object_r:build_prop:s0 exact string
 ro.product.system_ext.device       u:object_r:build_prop:s0 exact string
diff --git a/prebuilts/api/33.0/private/untrusted_app_25.te b/prebuilts/api/33.0/private/untrusted_app_25.te
index b40fad062..4235d7eba 100644
--- a/prebuilts/api/33.0/private/untrusted_app_25.te
+++ b/prebuilts/api/33.0/private/untrusted_app_25.te
@@ -52,6 +52,3 @@ allow untrusted_app_25 mnt_sdcard_file:lnk_file r_file_perms;
 # allow sending RTM_GETNEIGH{TBL} messages.
 allow untrusted_app_25 self:netlink_route_socket nlmsg_getneigh;
 auditallow untrusted_app_25 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_25 userdebug_or_eng(`-untrusted_app_25') }, userdebug_or_eng_prop)
diff --git a/prebuilts/api/33.0/private/untrusted_app_27.te b/prebuilts/api/33.0/private/untrusted_app_27.te
index dd9b4a809..c747af1bb 100644
--- a/prebuilts/api/33.0/private/untrusted_app_27.te
+++ b/prebuilts/api/33.0/private/untrusted_app_27.te
@@ -40,6 +40,3 @@ allow untrusted_app_27 mnt_sdcard_file:lnk_file r_file_perms;
 # allow sending RTM_GETNEIGH{TBL} messages.
 allow untrusted_app_27 self:netlink_route_socket nlmsg_getneigh;
 auditallow untrusted_app_27 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_27 userdebug_or_eng(`-untrusted_app_27') }, userdebug_or_eng_prop)
diff --git a/prebuilts/api/33.0/private/untrusted_app_29.te b/prebuilts/api/33.0/private/untrusted_app_29.te
index 0cc2bea07..6bb2606f6 100644
--- a/prebuilts/api/33.0/private/untrusted_app_29.te
+++ b/prebuilts/api/33.0/private/untrusted_app_29.te
@@ -18,6 +18,3 @@ bluetooth_domain(untrusted_app_29)
 # allow sending RTM_GETNEIGH{TBL} messages.
 allow untrusted_app_29 self:netlink_route_socket nlmsg_getneigh;
 auditallow untrusted_app_29 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_29 userdebug_or_eng(`-untrusted_app_29') }, userdebug_or_eng_prop)
diff --git a/prebuilts/api/33.0/private/untrusted_app_30.te b/prebuilts/api/33.0/private/untrusted_app_30.te
index 7b23be743..e0a71ef7f 100644
--- a/prebuilts/api/33.0/private/untrusted_app_30.te
+++ b/prebuilts/api/33.0/private/untrusted_app_30.te
@@ -20,6 +20,3 @@ bluetooth_domain(untrusted_app_30)
 # allow sending RTM_GETNEIGH{TBL} messages.
 allow untrusted_app_30 self:netlink_route_socket nlmsg_getneigh;
 auditallow untrusted_app_30 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_30 userdebug_or_eng(`-untrusted_app_30') }, userdebug_or_eng_prop)
diff --git a/prebuilts/api/33.0/public/domain.te b/prebuilts/api/33.0/public/domain.te
index 46e945686..de529f5d8 100644
--- a/prebuilts/api/33.0/public/domain.te
+++ b/prebuilts/api/33.0/public/domain.te
@@ -129,7 +129,6 @@ get_prop(domain, soc_prop)
 get_prop(domain, socket_hook_prop)
 get_prop(domain, surfaceflinger_prop)
 get_prop(domain, telephony_status_prop)
-get_prop({domain -untrusted_app_all userdebug_or_eng(`-isolated_app -ephemeral_app') },  userdebug_or_eng_prop)
 get_prop(domain, vendor_socket_hook_prop)
 get_prop(domain, vndk_prop)
 get_prop(domain, vold_status_prop)
@@ -565,7 +564,6 @@ compatible_property_only(`
 
 neverallow { domain -init } aac_drc_prop:property_service set;
 neverallow { domain -init } build_prop:property_service set;
-neverallow { domain -init } userdebug_or_eng_prop:property_service set;
 
 # Do not allow reading device's serial number from system properties except form
 # a few allowed domains.
diff --git a/prebuilts/api/33.0/public/property.te b/prebuilts/api/33.0/public/property.te
index deb166b07..763a80a59 100644
--- a/prebuilts/api/33.0/public/property.te
+++ b/prebuilts/api/33.0/public/property.te
@@ -73,7 +73,6 @@ system_restricted_prop(device_config_vendor_system_native_boot_prop)
 system_restricted_prop(fingerprint_prop)
 system_restricted_prop(gwp_asan_prop)
 system_restricted_prop(hal_instrumentation_prop)
-system_restricted_prop(userdebug_or_eng_prop)
 system_restricted_prop(hypervisor_prop)
 system_restricted_prop(init_service_status_prop)
 system_restricted_prop(libc_debug_prop)
diff --git a/private/compat/32.0/32.0.cil b/private/compat/32.0/32.0.cil
index 9b902a166..b3a38600f 100644
--- a/private/compat/32.0/32.0.cil
+++ b/private/compat/32.0/32.0.cil
@@ -1378,7 +1378,6 @@
 (typeattributeset build_config_prop_32_0 (build_config_prop))
 (typeattributeset build_odm_prop_32_0 (build_odm_prop))
 (typeattributeset build_prop_32_0 (build_prop))
-(typeattributeset build_prop_32_0 (userdebug_or_eng_prop))
 (typeattributeset build_vendor_prop_32_0 (build_vendor_prop))
 (typeattributeset cache_backup_file_32_0 (cache_backup_file))
 (typeattributeset cache_block_device_32_0 (cache_block_device))
diff --git a/private/property_contexts b/private/property_contexts
index d30ce114e..fcd8bb5d2 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -815,7 +815,7 @@ ro.build.version.security_patch           u:object_r:build_prop:s0 exact string
 
 ro.actionable_compatible_property.enabled u:object_r:build_prop:s0 exact bool
 
-ro.debuggable u:object_r:userdebug_or_eng_prop:s0 exact bool
+ro.debuggable u:object_r:build_prop:s0 exact bool
 
 ro.treble.enabled u:object_r:build_prop:s0 exact bool
 
@@ -842,7 +842,7 @@ ro.system.build.version.release_or_codename u:object_r:build_prop:s0 exact strin
 ro.system.build.version.sdk                 u:object_r:build_prop:s0 exact int
 
 ro.adb.secure u:object_r:build_prop:s0 exact bool
-ro.secure     u:object_r:userdebug_or_eng_prop:s0 exact int
+ro.secure     u:object_r:build_prop:s0 exact int
 
 ro.product.system_ext.brand        u:object_r:build_prop:s0 exact string
 ro.product.system_ext.device       u:object_r:build_prop:s0 exact string
diff --git a/private/untrusted_app_25.te b/private/untrusted_app_25.te
index b40fad062..4235d7eba 100644
--- a/private/untrusted_app_25.te
+++ b/private/untrusted_app_25.te
@@ -52,6 +52,3 @@ allow untrusted_app_25 mnt_sdcard_file:lnk_file r_file_perms;
 # allow sending RTM_GETNEIGH{TBL} messages.
 allow untrusted_app_25 self:netlink_route_socket nlmsg_getneigh;
 auditallow untrusted_app_25 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_25 userdebug_or_eng(`-untrusted_app_25') }, userdebug_or_eng_prop)
diff --git a/private/untrusted_app_27.te b/private/untrusted_app_27.te
index dd9b4a809..c747af1bb 100644
--- a/private/untrusted_app_27.te
+++ b/private/untrusted_app_27.te
@@ -40,6 +40,3 @@ allow untrusted_app_27 mnt_sdcard_file:lnk_file r_file_perms;
 # allow sending RTM_GETNEIGH{TBL} messages.
 allow untrusted_app_27 self:netlink_route_socket nlmsg_getneigh;
 auditallow untrusted_app_27 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_27 userdebug_or_eng(`-untrusted_app_27') }, userdebug_or_eng_prop)
diff --git a/private/untrusted_app_29.te b/private/untrusted_app_29.te
index 0cc2bea07..6bb2606f6 100644
--- a/private/untrusted_app_29.te
+++ b/private/untrusted_app_29.te
@@ -18,6 +18,3 @@ bluetooth_domain(untrusted_app_29)
 # allow sending RTM_GETNEIGH{TBL} messages.
 allow untrusted_app_29 self:netlink_route_socket nlmsg_getneigh;
 auditallow untrusted_app_29 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_29 userdebug_or_eng(`-untrusted_app_29') }, userdebug_or_eng_prop)
diff --git a/private/untrusted_app_30.te b/private/untrusted_app_30.te
index 7b23be743..e0a71ef7f 100644
--- a/private/untrusted_app_30.te
+++ b/private/untrusted_app_30.te
@@ -20,6 +20,3 @@ bluetooth_domain(untrusted_app_30)
 # allow sending RTM_GETNEIGH{TBL} messages.
 allow untrusted_app_30 self:netlink_route_socket nlmsg_getneigh;
 auditallow untrusted_app_30 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_30 userdebug_or_eng(`-untrusted_app_30') }, userdebug_or_eng_prop)
diff --git a/public/domain.te b/public/domain.te
index 46e945686..de529f5d8 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -129,7 +129,6 @@ get_prop(domain, soc_prop)
 get_prop(domain, socket_hook_prop)
 get_prop(domain, surfaceflinger_prop)
 get_prop(domain, telephony_status_prop)
-get_prop({domain -untrusted_app_all userdebug_or_eng(`-isolated_app -ephemeral_app') },  userdebug_or_eng_prop)
 get_prop(domain, vendor_socket_hook_prop)
 get_prop(domain, vndk_prop)
 get_prop(domain, vold_status_prop)
@@ -565,7 +564,6 @@ compatible_property_only(`
 
 neverallow { domain -init } aac_drc_prop:property_service set;
 neverallow { domain -init } build_prop:property_service set;
-neverallow { domain -init } userdebug_or_eng_prop:property_service set;
 
 # Do not allow reading device's serial number from system properties except form
 # a few allowed domains.
diff --git a/public/property.te b/public/property.te
index deb166b07..763a80a59 100644
--- a/public/property.te
+++ b/public/property.te
@@ -73,7 +73,6 @@ system_restricted_prop(device_config_vendor_system_native_boot_prop)
 system_restricted_prop(fingerprint_prop)
 system_restricted_prop(gwp_asan_prop)
 system_restricted_prop(hal_instrumentation_prop)
-system_restricted_prop(userdebug_or_eng_prop)
 system_restricted_prop(hypervisor_prop)
 system_restricted_prop(init_service_status_prop)
 system_restricted_prop(libc_debug_prop)
author	alk3pInjection <webmaster@raspii.tech>	2023-06-02 00:30:40 +0800
committer	alk3pInjection <webmaster@raspii.tech>	2023-06-02 00:30:40 +0800
commit	bf175d56238ffbe7e232474f5c18c85663f962d0 (patch)
tree	41ac8f9e0abbc174c4de95cf0e3c4a42f5d8e005
parent	5a88e289ec8adb8717ac79bd76e880ef672a6018 (diff)
parent	603a5467401202f49cf4f55a569b8b4f6538ab2b (diff)