Make public for exported properties on old devices
Properties which are already allowed to be written by vendor_init can't
be internal or restricted prop. This sets the properties as public
except for forbidden ones on vendor_init.te.
Bug: 131162102
Test: system/sepolicy/tools/build_policies.sh
Change-Id: Icc1e813e78a48856adee26fb20f01300713e1d30
diff --git a/public/property.te b/public/property.te
index b2f534b..cbe5ae4 100644
--- a/public/property.te
+++ b/public/property.te
@@ -1,24 +1,6 @@
# Properties used only in /system
system_internal_prop(apexd_prop)
system_internal_prop(bootloader_boot_reason_prop)
-system_internal_prop(boottime_prop)
-system_internal_prop(bpf_progs_loaded_prop)
-system_internal_prop(charger_prop)
-system_internal_prop(cold_boot_done_prop)
-system_internal_prop(ctl_adbd_prop)
-system_internal_prop(ctl_apexd_prop)
-system_internal_prop(ctl_bootanim_prop)
-system_internal_prop(ctl_bugreport_prop)
-system_internal_prop(ctl_console_prop)
-system_internal_prop(ctl_dumpstate_prop)
-system_internal_prop(ctl_fuse_prop)
-system_internal_prop(ctl_gsid_prop)
-system_internal_prop(ctl_interface_restart_prop)
-system_internal_prop(ctl_interface_stop_prop)
-system_internal_prop(ctl_mdnsd_prop)
-system_internal_prop(ctl_restart_prop)
-system_internal_prop(ctl_rildaemon_prop)
-system_internal_prop(ctl_sigstop_prop)
system_internal_prop(device_config_activity_manager_native_boot_prop)
system_internal_prop(device_config_boot_count_prop)
system_internal_prop(device_config_input_native_boot_prop)
@@ -28,61 +10,87 @@
system_internal_prop(device_config_runtime_native_boot_prop)
system_internal_prop(device_config_runtime_native_prop)
system_internal_prop(device_config_sys_traced_prop)
-system_internal_prop(dynamic_system_prop)
system_internal_prop(firstboot_prop)
system_internal_prop(gsid_prop)
-system_internal_prop(heapprofd_enabled_prop)
system_internal_prop(init_svc_debug_prop)
system_internal_prop(last_boot_reason_prop)
-system_internal_prop(llkd_prop)
-system_internal_prop(lpdumpd_prop)
-system_internal_prop(mmc_prop)
-system_internal_prop(mock_ota_prop)
-system_internal_prop(net_dns_prop)
system_internal_prop(netd_stable_secret_prop)
-system_internal_prop(overlay_prop)
-system_internal_prop(persistent_properties_ready_prop)
system_internal_prop(pm_prop)
-system_internal_prop(safemode_prop)
-system_internal_prop(system_lmk_prop)
-system_internal_prop(system_trace_prop)
-system_internal_prop(test_boot_reason_prop)
-system_internal_prop(time_prop)
-system_internal_prop(traced_enabled_prop)
-system_internal_prop(traced_lazy_prop)
-system_internal_prop(virtual_ab_prop)
+
+compatible_property_only(`
+ # DO NOT ADD ANY PROPERTIES HERE
+ system_internal_prop(boottime_prop)
+ system_internal_prop(bpf_progs_loaded_prop)
+ system_internal_prop(charger_prop)
+ system_internal_prop(cold_boot_done_prop)
+ system_internal_prop(ctl_adbd_prop)
+ system_internal_prop(ctl_apexd_prop)
+ system_internal_prop(ctl_bootanim_prop)
+ system_internal_prop(ctl_bugreport_prop)
+ system_internal_prop(ctl_console_prop)
+ system_internal_prop(ctl_dumpstate_prop)
+ system_internal_prop(ctl_fuse_prop)
+ system_internal_prop(ctl_gsid_prop)
+ system_internal_prop(ctl_interface_restart_prop)
+ system_internal_prop(ctl_interface_stop_prop)
+ system_internal_prop(ctl_mdnsd_prop)
+ system_internal_prop(ctl_restart_prop)
+ system_internal_prop(ctl_rildaemon_prop)
+ system_internal_prop(ctl_sigstop_prop)
+ system_internal_prop(dynamic_system_prop)
+ system_internal_prop(heapprofd_enabled_prop)
+ system_internal_prop(llkd_prop)
+ system_internal_prop(lpdumpd_prop)
+ system_internal_prop(mmc_prop)
+ system_internal_prop(mock_ota_prop)
+ system_internal_prop(net_dns_prop)
+ system_internal_prop(overlay_prop)
+ system_internal_prop(persistent_properties_ready_prop)
+ system_internal_prop(safemode_prop)
+ system_internal_prop(system_lmk_prop)
+ system_internal_prop(system_trace_prop)
+ system_internal_prop(test_boot_reason_prop)
+ system_internal_prop(time_prop)
+ system_internal_prop(traced_enabled_prop)
+ system_internal_prop(traced_lazy_prop)
+ system_internal_prop(virtual_ab_prop)
+')
# Properties which can't be written outside system
-system_restricted_prop(config_prop)
-system_restricted_prop(cppreopt_prop)
-system_restricted_prop(dalvik_prop)
-system_restricted_prop(debuggerd_prop)
-system_restricted_prop(default_prop)
-system_restricted_prop(device_logging_prop)
-system_restricted_prop(dhcp_prop)
-system_restricted_prop(dumpstate_prop)
-system_restricted_prop(exported2_default_prop)
-system_restricted_prop(exported3_system_prop)
-system_restricted_prop(exported_dumpstate_prop)
-system_restricted_prop(exported_fingerprint_prop)
-system_restricted_prop(exported_secure_prop)
-system_restricted_prop(exported_vold_prop)
-system_restricted_prop(ffs_prop)
-system_restricted_prop(fingerprint_prop)
-system_restricted_prop(heapprofd_prop)
system_restricted_prop(linker_prop)
-system_restricted_prop(net_radio_prop)
system_restricted_prop(nnapi_ext_deny_product_prop)
-system_restricted_prop(pan_result_prop)
-system_restricted_prop(persist_debug_prop)
system_restricted_prop(restorecon_prop)
-system_restricted_prop(shell_prop)
system_restricted_prop(system_boot_reason_prop)
-system_restricted_prop(system_radio_prop)
-system_restricted_prop(test_harness_prop)
-system_restricted_prop(theme_prop)
-system_restricted_prop(use_memfd_prop)
-system_restricted_prop(vold_prop)
+
+compatible_property_only(`
+ # DO NOT ADD ANY PROPERTIES HERE
+ system_restricted_prop(config_prop)
+ system_restricted_prop(cppreopt_prop)
+ system_restricted_prop(dalvik_prop)
+ system_restricted_prop(debuggerd_prop)
+ system_restricted_prop(default_prop)
+ system_restricted_prop(device_logging_prop)
+ system_restricted_prop(dhcp_prop)
+ system_restricted_prop(dumpstate_prop)
+ system_restricted_prop(exported2_default_prop)
+ system_restricted_prop(exported3_system_prop)
+ system_restricted_prop(exported_dumpstate_prop)
+ system_restricted_prop(exported_fingerprint_prop)
+ system_restricted_prop(exported_secure_prop)
+ system_restricted_prop(exported_vold_prop)
+ system_restricted_prop(ffs_prop)
+ system_restricted_prop(fingerprint_prop)
+ system_restricted_prop(heapprofd_prop)
+ system_restricted_prop(net_radio_prop)
+ system_restricted_prop(pan_result_prop)
+ system_restricted_prop(persist_debug_prop)
+ system_restricted_prop(shell_prop)
+ system_restricted_prop(system_radio_prop)
+ system_restricted_prop(test_harness_prop)
+ system_restricted_prop(theme_prop)
+ system_restricted_prop(use_memfd_prop)
+ system_restricted_prop(vold_prop)
+')
# Properties with no restrictions
system_public_prop(audio_prop)
@@ -129,6 +137,74 @@
system_public_prop(wifi_log_prop)
system_public_prop(wifi_prop)
+# Properties which are public for devices launching with Android O or earlier
+# This should not be used for any new properties.
+not_compatible_property(`
+ # DO NOT ADD ANY PROPERTIES HERE
+ system_public_prop(boottime_prop)
+ system_public_prop(bpf_progs_loaded_prop)
+ system_public_prop(charger_prop)
+ system_public_prop(cold_boot_done_prop)
+ system_public_prop(ctl_adbd_prop)
+ system_public_prop(ctl_apexd_prop)
+ system_public_prop(ctl_bootanim_prop)
+ system_public_prop(ctl_bugreport_prop)
+ system_public_prop(ctl_console_prop)
+ system_public_prop(ctl_dumpstate_prop)
+ system_public_prop(ctl_fuse_prop)
+ system_public_prop(ctl_gsid_prop)
+ system_public_prop(ctl_interface_restart_prop)
+ system_public_prop(ctl_interface_stop_prop)
+ system_public_prop(ctl_mdnsd_prop)
+ system_public_prop(ctl_restart_prop)
+ system_public_prop(ctl_rildaemon_prop)
+ system_public_prop(ctl_sigstop_prop)
+ system_public_prop(dynamic_system_prop)
+ system_public_prop(heapprofd_enabled_prop)
+ system_public_prop(llkd_prop)
+ system_public_prop(lpdumpd_prop)
+ system_public_prop(mmc_prop)
+ system_public_prop(mock_ota_prop)
+ system_public_prop(net_dns_prop)
+ system_public_prop(overlay_prop)
+ system_public_prop(persistent_properties_ready_prop)
+ system_public_prop(safemode_prop)
+ system_public_prop(system_lmk_prop)
+ system_public_prop(system_trace_prop)
+ system_public_prop(test_boot_reason_prop)
+ system_public_prop(time_prop)
+ system_public_prop(traced_enabled_prop)
+ system_public_prop(traced_lazy_prop)
+ system_public_prop(virtual_ab_prop)
+
+ system_public_prop(config_prop)
+ system_public_prop(cppreopt_prop)
+ system_public_prop(dalvik_prop)
+ system_public_prop(debuggerd_prop)
+ system_public_prop(default_prop)
+ system_public_prop(device_logging_prop)
+ system_public_prop(dhcp_prop)
+ system_public_prop(dumpstate_prop)
+ system_public_prop(exported2_default_prop)
+ system_public_prop(exported3_system_prop)
+ system_public_prop(exported_dumpstate_prop)
+ system_public_prop(exported_fingerprint_prop)
+ system_public_prop(exported_secure_prop)
+ system_public_prop(exported_vold_prop)
+ system_public_prop(ffs_prop)
+ system_public_prop(fingerprint_prop)
+ system_public_prop(heapprofd_prop)
+ system_public_prop(net_radio_prop)
+ system_public_prop(pan_result_prop)
+ system_public_prop(persist_debug_prop)
+ system_public_prop(shell_prop)
+ system_public_prop(system_radio_prop)
+ system_public_prop(test_harness_prop)
+ system_public_prop(theme_prop)
+ system_public_prop(use_memfd_prop)
+ system_public_prop(vold_prop)
+')
+
type vendor_default_prop, property_type;
typeattribute log_prop log_property_type;