summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--prebuilts/api/33.0/private/compat/32.0/32.0.cil1
-rw-r--r--prebuilts/api/33.0/private/property_contexts4
-rw-r--r--prebuilts/api/33.0/private/untrusted_app_25.te3
-rw-r--r--prebuilts/api/33.0/private/untrusted_app_27.te3
-rw-r--r--prebuilts/api/33.0/private/untrusted_app_29.te3
-rw-r--r--prebuilts/api/33.0/private/untrusted_app_30.te3
-rw-r--r--prebuilts/api/33.0/public/domain.te2
-rw-r--r--prebuilts/api/33.0/public/property.te1
-rw-r--r--private/compat/32.0/32.0.cil1
-rw-r--r--private/property_contexts4
-rw-r--r--private/untrusted_app_25.te3
-rw-r--r--private/untrusted_app_27.te3
-rw-r--r--private/untrusted_app_29.te3
-rw-r--r--private/untrusted_app_30.te3
-rw-r--r--public/domain.te2
-rw-r--r--public/property.te1
16 files changed, 4 insertions, 36 deletions
diff --git a/prebuilts/api/33.0/private/compat/32.0/32.0.cil b/prebuilts/api/33.0/private/compat/32.0/32.0.cil
index 9b902a166..b3a38600f 100644
--- a/prebuilts/api/33.0/private/compat/32.0/32.0.cil
+++ b/prebuilts/api/33.0/private/compat/32.0/32.0.cil
@@ -1378,7 +1378,6 @@
(typeattributeset build_config_prop_32_0 (build_config_prop))
(typeattributeset build_odm_prop_32_0 (build_odm_prop))
(typeattributeset build_prop_32_0 (build_prop))
-(typeattributeset build_prop_32_0 (userdebug_or_eng_prop))
(typeattributeset build_vendor_prop_32_0 (build_vendor_prop))
(typeattributeset cache_backup_file_32_0 (cache_backup_file))
(typeattributeset cache_block_device_32_0 (cache_block_device))
diff --git a/prebuilts/api/33.0/private/property_contexts b/prebuilts/api/33.0/private/property_contexts
index d30ce114e..fcd8bb5d2 100644
--- a/prebuilts/api/33.0/private/property_contexts
+++ b/prebuilts/api/33.0/private/property_contexts
@@ -815,7 +815,7 @@ ro.build.version.security_patch u:object_r:build_prop:s0 exact string
ro.actionable_compatible_property.enabled u:object_r:build_prop:s0 exact bool
-ro.debuggable u:object_r:userdebug_or_eng_prop:s0 exact bool
+ro.debuggable u:object_r:build_prop:s0 exact bool
ro.treble.enabled u:object_r:build_prop:s0 exact bool
@@ -842,7 +842,7 @@ ro.system.build.version.release_or_codename u:object_r:build_prop:s0 exact strin
ro.system.build.version.sdk u:object_r:build_prop:s0 exact int
ro.adb.secure u:object_r:build_prop:s0 exact bool
-ro.secure u:object_r:userdebug_or_eng_prop:s0 exact int
+ro.secure u:object_r:build_prop:s0 exact int
ro.product.system_ext.brand u:object_r:build_prop:s0 exact string
ro.product.system_ext.device u:object_r:build_prop:s0 exact string
diff --git a/prebuilts/api/33.0/private/untrusted_app_25.te b/prebuilts/api/33.0/private/untrusted_app_25.te
index b40fad062..4235d7eba 100644
--- a/prebuilts/api/33.0/private/untrusted_app_25.te
+++ b/prebuilts/api/33.0/private/untrusted_app_25.te
@@ -52,6 +52,3 @@ allow untrusted_app_25 mnt_sdcard_file:lnk_file r_file_perms;
# allow sending RTM_GETNEIGH{TBL} messages.
allow untrusted_app_25 self:netlink_route_socket nlmsg_getneigh;
auditallow untrusted_app_25 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_25 userdebug_or_eng(`-untrusted_app_25') }, userdebug_or_eng_prop)
diff --git a/prebuilts/api/33.0/private/untrusted_app_27.te b/prebuilts/api/33.0/private/untrusted_app_27.te
index dd9b4a809..c747af1bb 100644
--- a/prebuilts/api/33.0/private/untrusted_app_27.te
+++ b/prebuilts/api/33.0/private/untrusted_app_27.te
@@ -40,6 +40,3 @@ allow untrusted_app_27 mnt_sdcard_file:lnk_file r_file_perms;
# allow sending RTM_GETNEIGH{TBL} messages.
allow untrusted_app_27 self:netlink_route_socket nlmsg_getneigh;
auditallow untrusted_app_27 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_27 userdebug_or_eng(`-untrusted_app_27') }, userdebug_or_eng_prop)
diff --git a/prebuilts/api/33.0/private/untrusted_app_29.te b/prebuilts/api/33.0/private/untrusted_app_29.te
index 0cc2bea07..6bb2606f6 100644
--- a/prebuilts/api/33.0/private/untrusted_app_29.te
+++ b/prebuilts/api/33.0/private/untrusted_app_29.te
@@ -18,6 +18,3 @@ bluetooth_domain(untrusted_app_29)
# allow sending RTM_GETNEIGH{TBL} messages.
allow untrusted_app_29 self:netlink_route_socket nlmsg_getneigh;
auditallow untrusted_app_29 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_29 userdebug_or_eng(`-untrusted_app_29') }, userdebug_or_eng_prop)
diff --git a/prebuilts/api/33.0/private/untrusted_app_30.te b/prebuilts/api/33.0/private/untrusted_app_30.te
index 7b23be743..e0a71ef7f 100644
--- a/prebuilts/api/33.0/private/untrusted_app_30.te
+++ b/prebuilts/api/33.0/private/untrusted_app_30.te
@@ -20,6 +20,3 @@ bluetooth_domain(untrusted_app_30)
# allow sending RTM_GETNEIGH{TBL} messages.
allow untrusted_app_30 self:netlink_route_socket nlmsg_getneigh;
auditallow untrusted_app_30 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_30 userdebug_or_eng(`-untrusted_app_30') }, userdebug_or_eng_prop)
diff --git a/prebuilts/api/33.0/public/domain.te b/prebuilts/api/33.0/public/domain.te
index 46e945686..de529f5d8 100644
--- a/prebuilts/api/33.0/public/domain.te
+++ b/prebuilts/api/33.0/public/domain.te
@@ -129,7 +129,6 @@ get_prop(domain, soc_prop)
get_prop(domain, socket_hook_prop)
get_prop(domain, surfaceflinger_prop)
get_prop(domain, telephony_status_prop)
-get_prop({domain -untrusted_app_all userdebug_or_eng(`-isolated_app -ephemeral_app') }, userdebug_or_eng_prop)
get_prop(domain, vendor_socket_hook_prop)
get_prop(domain, vndk_prop)
get_prop(domain, vold_status_prop)
@@ -565,7 +564,6 @@ compatible_property_only(`
neverallow { domain -init } aac_drc_prop:property_service set;
neverallow { domain -init } build_prop:property_service set;
-neverallow { domain -init } userdebug_or_eng_prop:property_service set;
# Do not allow reading device's serial number from system properties except form
# a few allowed domains.
diff --git a/prebuilts/api/33.0/public/property.te b/prebuilts/api/33.0/public/property.te
index deb166b07..763a80a59 100644
--- a/prebuilts/api/33.0/public/property.te
+++ b/prebuilts/api/33.0/public/property.te
@@ -73,7 +73,6 @@ system_restricted_prop(device_config_vendor_system_native_boot_prop)
system_restricted_prop(fingerprint_prop)
system_restricted_prop(gwp_asan_prop)
system_restricted_prop(hal_instrumentation_prop)
-system_restricted_prop(userdebug_or_eng_prop)
system_restricted_prop(hypervisor_prop)
system_restricted_prop(init_service_status_prop)
system_restricted_prop(libc_debug_prop)
diff --git a/private/compat/32.0/32.0.cil b/private/compat/32.0/32.0.cil
index 9b902a166..b3a38600f 100644
--- a/private/compat/32.0/32.0.cil
+++ b/private/compat/32.0/32.0.cil
@@ -1378,7 +1378,6 @@
(typeattributeset build_config_prop_32_0 (build_config_prop))
(typeattributeset build_odm_prop_32_0 (build_odm_prop))
(typeattributeset build_prop_32_0 (build_prop))
-(typeattributeset build_prop_32_0 (userdebug_or_eng_prop))
(typeattributeset build_vendor_prop_32_0 (build_vendor_prop))
(typeattributeset cache_backup_file_32_0 (cache_backup_file))
(typeattributeset cache_block_device_32_0 (cache_block_device))
diff --git a/private/property_contexts b/private/property_contexts
index d30ce114e..fcd8bb5d2 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -815,7 +815,7 @@ ro.build.version.security_patch u:object_r:build_prop:s0 exact string
ro.actionable_compatible_property.enabled u:object_r:build_prop:s0 exact bool
-ro.debuggable u:object_r:userdebug_or_eng_prop:s0 exact bool
+ro.debuggable u:object_r:build_prop:s0 exact bool
ro.treble.enabled u:object_r:build_prop:s0 exact bool
@@ -842,7 +842,7 @@ ro.system.build.version.release_or_codename u:object_r:build_prop:s0 exact strin
ro.system.build.version.sdk u:object_r:build_prop:s0 exact int
ro.adb.secure u:object_r:build_prop:s0 exact bool
-ro.secure u:object_r:userdebug_or_eng_prop:s0 exact int
+ro.secure u:object_r:build_prop:s0 exact int
ro.product.system_ext.brand u:object_r:build_prop:s0 exact string
ro.product.system_ext.device u:object_r:build_prop:s0 exact string
diff --git a/private/untrusted_app_25.te b/private/untrusted_app_25.te
index b40fad062..4235d7eba 100644
--- a/private/untrusted_app_25.te
+++ b/private/untrusted_app_25.te
@@ -52,6 +52,3 @@ allow untrusted_app_25 mnt_sdcard_file:lnk_file r_file_perms;
# allow sending RTM_GETNEIGH{TBL} messages.
allow untrusted_app_25 self:netlink_route_socket nlmsg_getneigh;
auditallow untrusted_app_25 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_25 userdebug_or_eng(`-untrusted_app_25') }, userdebug_or_eng_prop)
diff --git a/private/untrusted_app_27.te b/private/untrusted_app_27.te
index dd9b4a809..c747af1bb 100644
--- a/private/untrusted_app_27.te
+++ b/private/untrusted_app_27.te
@@ -40,6 +40,3 @@ allow untrusted_app_27 mnt_sdcard_file:lnk_file r_file_perms;
# allow sending RTM_GETNEIGH{TBL} messages.
allow untrusted_app_27 self:netlink_route_socket nlmsg_getneigh;
auditallow untrusted_app_27 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_27 userdebug_or_eng(`-untrusted_app_27') }, userdebug_or_eng_prop)
diff --git a/private/untrusted_app_29.te b/private/untrusted_app_29.te
index 0cc2bea07..6bb2606f6 100644
--- a/private/untrusted_app_29.te
+++ b/private/untrusted_app_29.te
@@ -18,6 +18,3 @@ bluetooth_domain(untrusted_app_29)
# allow sending RTM_GETNEIGH{TBL} messages.
allow untrusted_app_29 self:netlink_route_socket nlmsg_getneigh;
auditallow untrusted_app_29 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_29 userdebug_or_eng(`-untrusted_app_29') }, userdebug_or_eng_prop)
diff --git a/private/untrusted_app_30.te b/private/untrusted_app_30.te
index 7b23be743..e0a71ef7f 100644
--- a/private/untrusted_app_30.te
+++ b/private/untrusted_app_30.te
@@ -20,6 +20,3 @@ bluetooth_domain(untrusted_app_30)
# allow sending RTM_GETNEIGH{TBL} messages.
allow untrusted_app_30 self:netlink_route_socket nlmsg_getneigh;
auditallow untrusted_app_30 self:netlink_route_socket nlmsg_getneigh;
-
-# Allow hidden build props
-get_prop({ untrusted_app_30 userdebug_or_eng(`-untrusted_app_30') }, userdebug_or_eng_prop)
diff --git a/public/domain.te b/public/domain.te
index 46e945686..de529f5d8 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -129,7 +129,6 @@ get_prop(domain, soc_prop)
get_prop(domain, socket_hook_prop)
get_prop(domain, surfaceflinger_prop)
get_prop(domain, telephony_status_prop)
-get_prop({domain -untrusted_app_all userdebug_or_eng(`-isolated_app -ephemeral_app') }, userdebug_or_eng_prop)
get_prop(domain, vendor_socket_hook_prop)
get_prop(domain, vndk_prop)
get_prop(domain, vold_status_prop)
@@ -565,7 +564,6 @@ compatible_property_only(`
neverallow { domain -init } aac_drc_prop:property_service set;
neverallow { domain -init } build_prop:property_service set;
-neverallow { domain -init } userdebug_or_eng_prop:property_service set;
# Do not allow reading device's serial number from system properties except form
# a few allowed domains.
diff --git a/public/property.te b/public/property.te
index deb166b07..763a80a59 100644
--- a/public/property.te
+++ b/public/property.te
@@ -73,7 +73,6 @@ system_restricted_prop(device_config_vendor_system_native_boot_prop)
system_restricted_prop(fingerprint_prop)
system_restricted_prop(gwp_asan_prop)
system_restricted_prop(hal_instrumentation_prop)
-system_restricted_prop(userdebug_or_eng_prop)
system_restricted_prop(hypervisor_prop)
system_restricted_prop(init_service_status_prop)
system_restricted_prop(libc_debug_prop)
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 05:18:03 +0000