Use set_prop() macro for property sets
Change-Id: Id67a05f8ed718cad5856613c2700f4ce1e404cf0
diff --git a/legacy/vendor/common/fidodaemon.te b/legacy/vendor/common/fidodaemon.te
index eebc14b..5939d9c 100644
--- a/legacy/vendor/common/fidodaemon.te
+++ b/legacy/vendor/common/fidodaemon.te
@@ -44,9 +44,6 @@
#Allow fidodaemon to be registered with service manager
#allow fidodaemon fidodaemon_service:service_manager add;
-#Allow communication with init over property server
-unix_socket_connect(fidodaemon, property, init);
-
#Allow access to tee device
allow fidodaemon tee_device:chr_file rw_file_perms;
diff --git a/legacy/vendor/common/qseecomd.te b/legacy/vendor/common/qseecomd.te
index 669113d..3413e7d 100644
--- a/legacy/vendor/common/qseecomd.te
+++ b/legacy/vendor/common/qseecomd.te
@@ -87,8 +87,6 @@
binder_call(tee, surfaceflinger)
#binder_use(tee)
-#allow tee system_app:unix_dgram_socket sendto;
-unix_socket_connect(tee, property, init)
userdebug_or_eng(`
allow tee su:unix_dgram_socket sendto;
diff --git a/legacy/vendor/common/qseeproxy.te b/legacy/vendor/common/qseeproxy.te
index 12517fb..7008ba4 100644
--- a/legacy/vendor/common/qseeproxy.te
+++ b/legacy/vendor/common/qseeproxy.te
@@ -43,9 +43,6 @@
#Allow qseeproxy to use system_server via binder to check caller identity
binder_call(qseeproxy, system_server)
-#Allow communication with init over property server
-unix_socket_connect(qseeproxy, property, init);
-
#Allow access to tee device
allow qseeproxy tee_device:chr_file rw_file_perms;
diff --git a/legacy/vendor/common/qti_logkit_app.te b/legacy/vendor/common/qti_logkit_app.te
index 914da6c..4804b42 100644
--- a/legacy/vendor/common/qti_logkit_app.te
+++ b/legacy/vendor/common/qti_logkit_app.te
@@ -70,7 +70,7 @@
allow qti_logkit_app wcnss_service_exec:file rx_file_perms;
# bugreport
-#allow qti_logkit_app ctl_dumpstate_prop:property_service set;
+#set_prop(qti_logkit_app, ctl_dumpstate_prop)
unix_socket_connect(qti_logkit_app, dumpstate, dumpstate)
# ANR
diff --git a/legacy/vendor/common/system_app.te b/legacy/vendor/common/system_app.te
index 2ddc277..d06220b 100644
--- a/legacy/vendor/common/system_app.te
+++ b/legacy/vendor/common/system_app.te
@@ -109,7 +109,7 @@
#allow system_app qti_logkit_priv_socket:sock_file r_file_perms;
# bugreport
-#allow system_app ctl_dumpstate_prop:property_service set;
+#set_prop(system_app, ctl_dumpstate_prop)
unix_socket_connect(system_app, dumpstate, dumpstate)
# allow gba auth service to add itself as system service
diff --git a/legacy/vendor/common/system_server.te b/legacy/vendor/common/system_server.te
index 3d5759e..dc43c86 100644
--- a/legacy/vendor/common/system_server.te
+++ b/legacy/vendor/common/system_server.te
@@ -110,7 +110,7 @@
allow system_server iqfp_service:service_manager find;
# For shutdown animation
-allow system_server ctl_bootanim_prop:property_service set;
+set_prop(system_server, ctl_bootanim_prop)
# allow tethering to access dhcp leases
r_dir_file(system_server, dhcp_data_file)
diff --git a/legacy/vendor/common/wifi_ftmd.te b/legacy/vendor/common/wifi_ftmd.te
index 2f61c08..2f1cf5d 100644
--- a/legacy/vendor/common/wifi_ftmd.te
+++ b/legacy/vendor/common/wifi_ftmd.te
@@ -33,4 +33,3 @@
set_prop(wifi_ftmd,vendor_wifi_ftmd_prop);
allow wifi_ftmd self:capability net_admin;
-allow wifi_ftmd vendor_wifi_ftmd_prop:property_service set;
diff --git a/legacy/vendor/common/zygote.te b/legacy/vendor/common/zygote.te
index 812951b..9921f39 100644
--- a/legacy/vendor/common/zygote.te
+++ b/legacy/vendor/common/zygote.te
@@ -25,7 +25,7 @@
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-allow zygote system_prop:property_service set;
+set_prop(zygote, system_prop)
get_prop(zygote, vendor_mpctl_prop)
get_prop(zygote, vendor_video_prop)
allow zygote self:capability kill;
diff --git a/legacy/vendor/msm8953/init_shell.te b/legacy/vendor/msm8953/init_shell.te
index 4778457..143a5ee 100644
--- a/legacy/vendor/msm8953/init_shell.te
+++ b/legacy/vendor/msm8953/init_shell.te
@@ -25,9 +25,8 @@
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-allow qti_init_shell {
- vendor_media_msm8953_version_prop
-}:property_service set;
+# media_msm8953_version_prop - to choose target version specific media_codecs.xml
+set_prop(qti_init_shell, vendor_media_msm8953_version_prop)
# For regionalization
allow qti_init_shell regionalization_file:dir r_dir_perms;
diff --git a/legacy/vendor/sdm660/init_shell.te b/legacy/vendor/sdm660/init_shell.te
index 5715401..f21c8e1 100644
--- a/legacy/vendor/sdm660/init_shell.te
+++ b/legacy/vendor/sdm660/init_shell.te
@@ -32,5 +32,5 @@
#Needed for starting cdsprpcd service post-boot
set_prop(qti_init_shell, vendor_cdsprpcd_prop)
#Needed for ctl property denials
-allow qti_init_shell ctl_start_prop:property_service set;
-allow qti_init_shell ctl_stop_prop:property_service set;
+set_prop(qti_init_shell, ctl_start_prop)
+set_prop(qti_init_shell, ctl_stop_prop)
diff --git a/legacy/vendor/sdm660/vendor_init.te b/legacy/vendor/sdm660/vendor_init.te
index b29678c..1fb0054 100644
--- a/legacy/vendor/sdm660/vendor_init.te
+++ b/legacy/vendor/sdm660/vendor_init.te
@@ -25,6 +25,5 @@
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-allow vendor_init vendor_freq_prop:property_service set;
-
+set_prop(vendor_init, vendor_freq_prop)
set_prop(vendor_init, vendor_video_prop);
diff --git a/legacy/vendor/test/fidotest.te b/legacy/vendor/test/fidotest.te
index c0b8a75..12e881b 100644
--- a/legacy/vendor/test/fidotest.te
+++ b/legacy/vendor/test/fidotest.te
@@ -44,9 +44,6 @@
#Allow fido test daemons to be registered with service manager
#allow fidotest fidotest_service:service_manager add;
- # Allow communication with init over property server
- unix_socket_connect(fidotest, property, init);
-
# Allow access to tee device
allow fidotest tee_device:chr_file rw_file_perms;
diff --git a/legacy/vendor/test/qseeproxysample.te b/legacy/vendor/test/qseeproxysample.te
index a21e83d..e0a14fa 100644
--- a/legacy/vendor/test/qseeproxysample.te
+++ b/legacy/vendor/test/qseeproxysample.te
@@ -45,9 +45,6 @@
#Allow test daemon to use system_server via binder to check caller identity
binder_call(qseeproxysample, system_server)
- # Allow communication with init over property server
- unix_socket_connect(qseeproxysample, property, init);
-
# Allow access to tee device
allow qseeproxysample tee_device:chr_file rw_file_perms;
diff --git a/qva/private/wfdservice.te b/qva/private/wfdservice.te
index 3a61c6e..427524a 100644
--- a/qva/private/wfdservice.te
+++ b/qva/private/wfdservice.te
@@ -68,9 +68,6 @@
#Allow access to encoder for YUV statistics
allow wfdservice gpu_device:chr_file rw_file_perms;
-#Allow communication with init over property server
-unix_socket_connect(wfdservice, property, init);
-
#Allow access to /dev/video/* devices for encoding/decoding
allow wfdservice video_device:chr_file rw_file_perms;
allow wfdservice video_device:dir r_dir_perms;