From d8ae0071894a15e016e6cee725c0c59c2ff0e87a Mon Sep 17 00:00:00 2001
From: Jiyong Park <jiyong@google.com>
Date: Wed, 30 May 2018 17:38:09 +0900
Subject: [PATCH] add extended_core_property_type

The attribute is used to capture system properties added from outside of
AOSP (e.g. by OEM), but are not device-specific and thus are used only
inside the system partition.

Access to the the system properties from outside of the system partition
is prevented by the neverallow rule.

Bug: 80382020
Bug: 78598545
Test: m -j selinux_policy
Merged-In: I22c083dc195dab84c9c21a79fbe3ad823a3bbb46
Change-Id: I22c083dc195dab84c9c21a79fbe3ad823a3bbb46
(cherry picked from commit c0f8f2f82a9526be7c7835f2ef9501948fd5b4ed)
---
 public/attributes  | 5 +++++
 public/property.te | 3 +++
 2 files changed, 8 insertions(+)

diff --git a/public/attributes b/public/attributes
index 0ec789c88..90e1148cb 100644
--- a/public/attributes
+++ b/public/attributes
@@ -77,6 +77,11 @@ attribute core_property_type;
 # All properties used to configure log filtering.
 attribute log_property_type;
 
+# All properties that are not specific to device but are added from
+# outside of AOSP. (e.g. OEM-specific properties)
+# These properties are not accessible from device-specific domains
+attribute extended_core_property_type;
+
 # All service_manager types created by system_server
 attribute system_server_service;
 
diff --git a/public/property.te b/public/property.te
index c9bcb8657..8113b82a9 100644
--- a/public/property.te
+++ b/public/property.te
@@ -160,6 +160,7 @@ compatible_property_only(`
     -vendor_init
   } {
     core_property_type
+    extended_core_property_type
     exported_config_prop
     exported_dalvik_prop
     exported_default_prop
@@ -256,6 +257,7 @@ compatible_property_only(`
     -vendor_init
   } {
     core_property_type
+    extended_core_property_type
     exported_dalvik_prop
     exported_ffs_prop
     exported_system_radio_prop
@@ -369,6 +371,7 @@ compatible_property_only(`
     -exported_system_radio_prop
     -exported_vold_prop
     -exported_wifi_prop
+    -extended_core_property_type
     -ffs_prop
     -fingerprint_prop
     -firstboot_prop
-- 
GitLab