diff options
| author | Chris Paulo <chrispaulo@google.com> | 2022-11-15 08:42:43 +0000 |
|---|---|---|
| committer | Chris Paulo <chrispaulo@google.com> | 2022-11-16 17:12:30 +0000 |
| commit | 272f84ebb5b8b9724a5a181fa774e33813233b5c (patch) | |
| tree | a32bd260c7da1d06fce3ecdf7ea8472408270c98 | |
| parent | 2a3c5cbca3723ec86826ad119b1c7772a378e59f (diff) | |
system/sepolicy: Update prebuilts for adaptive haptics system prop
Update prebuilts and api compat for the adaptive haptics restricted
system property.
Bug: 198239103
Test: Verified functionality
Ignore-AOSP-First: Prebuilts on top of aosp/2300027
Change-Id: I2e299053cc2ebdb5d69aa8d3551e602609daaeaf
Signed-off-by: Chris Paulo <chrispaulo@google.com>
| -rw-r--r-- | prebuilts/api/33.0/private/compat/32.0/32.0.ignore.cil | 1 | ||||
| -rw-r--r-- | prebuilts/api/33.0/private/property_contexts | 3 | ||||
| -rw-r--r-- | prebuilts/api/33.0/private/system_app.te | 4 | ||||
| -rw-r--r-- | prebuilts/api/33.0/public/property.te | 1 | ||||
| -rw-r--r-- | private/compat/32.0/32.0.ignore.cil | 1 |
5 files changed, 10 insertions, 0 deletions
diff --git a/prebuilts/api/33.0/private/compat/32.0/32.0.ignore.cil b/prebuilts/api/33.0/private/compat/32.0/32.0.ignore.cil index c2f568986..076d642e2 100644 --- a/prebuilts/api/33.0/private/compat/32.0/32.0.ignore.cil +++ b/prebuilts/api/33.0/private/compat/32.0/32.0.ignore.cil @@ -5,6 +5,7 @@ (typeattribute new_objects) (typeattributeset new_objects ( new_objects + adaptive_haptics_prop adservices_manager_service apexd_select_prop artd_service diff --git a/prebuilts/api/33.0/private/property_contexts b/prebuilts/api/33.0/private/property_contexts index 4eda4a169..2a46b1a8f 100644 --- a/prebuilts/api/33.0/private/property_contexts +++ b/prebuilts/api/33.0/private/property_contexts @@ -1341,3 +1341,6 @@ ro.gms.dck.eligible_wcc u:object_r:dck_prop:s0 exact int # virtualization service properties virtualizationservice.state.last_cid u:object_r:virtualizationservice_prop:s0 exact uint + +# Adaptive haptics settings property +vibrator.adaptive_haptics.enabled u:object_r:adaptive_haptics_prop:s0 exact string diff --git a/prebuilts/api/33.0/private/system_app.te b/prebuilts/api/33.0/private/system_app.te index 77cca3d01..76e5f7dac 100644 --- a/prebuilts/api/33.0/private/system_app.te +++ b/prebuilts/api/33.0/private/system_app.te @@ -34,6 +34,7 @@ allow system_app wallpaper_file:file r_file_perms; allow system_app icon_file:file r_file_perms; # Write to properties +set_prop(system_app, adaptive_haptics_prop) set_prop(system_app, arm64_memtag_prop) set_prop(system_app, bluetooth_a2dp_offload_prop) set_prop(system_app, bluetooth_audio_hal_prop) @@ -189,3 +190,6 @@ neverallow system_app fuse_device:chr_file *; # bug reports, but not reads. neverallow system_app shell_data_file:dir { no_w_dir_perms open search read }; neverallow system_app shell_data_file:file { open read ioctl lock }; + +# system_app should be the only domain writing the adaptive haptics prop +neverallow { domain -init -system_app } adaptive_haptics_prop:property_service set; diff --git a/prebuilts/api/33.0/public/property.te b/prebuilts/api/33.0/public/property.te index 42fe9798f..763a80a59 100644 --- a/prebuilts/api/33.0/public/property.te +++ b/prebuilts/api/33.0/public/property.te @@ -52,6 +52,7 @@ compatible_property_only(` # Properties which can't be written outside system system_restricted_prop(aac_drc_prop) +system_restricted_prop(adaptive_haptics_prop) system_restricted_prop(arm64_memtag_prop) system_restricted_prop(binder_cache_bluetooth_server_prop) system_restricted_prop(binder_cache_system_server_prop) diff --git a/private/compat/32.0/32.0.ignore.cil b/private/compat/32.0/32.0.ignore.cil index c2f568986..076d642e2 100644 --- a/private/compat/32.0/32.0.ignore.cil +++ b/private/compat/32.0/32.0.ignore.cil @@ -5,6 +5,7 @@ (typeattribute new_objects) (typeattributeset new_objects ( new_objects + adaptive_haptics_prop adservices_manager_service apexd_select_prop artd_service |