Fix sepolicy for bt.rootcanal_test_console
Move this static property out of the init rc and back into the vendor
build.prop, and add proper sepolicy for it.
Bug: 129435174
Change-Id: Id9b0aa728ab2d65b0a9ca3edc007ea25fccdeb58
diff --git a/shared/config/init.common.rc b/shared/config/init.common.rc
index 0e857f0..062b0fa 100644
--- a/shared/config/init.common.rc
+++ b/shared/config/init.common.rc
@@ -13,9 +13,6 @@
setprop ro.sf.lcd_density ${ro.boot.lcd_density}
setprop ro.setupwizard.mode ${ro.boot.setupwizard_mode}
- # Disable the rootcanal test console as it violates selinux policy
- setprop bt.rootcanal_test_console off
-
on init
# ZRAM setup
diff --git a/shared/device.mk b/shared/device.mk
index c96671a..7743ee4 100644
--- a/shared/device.mk
+++ b/shared/device.mk
@@ -25,6 +25,7 @@
# ro.opengles.version OpenGLES 3.0
PRODUCT_PROPERTY_OVERRIDES += \
tombstoned.max_tombstone_count=500 \
+ bt.rootcanal_test_console=off \
debug.hwui.swap_with_damage=0 \
ro.carrier=unknown \
ro.com.android.dataroaming=false \
diff --git a/shared/sepolicy/hal_bluetooth_sim.te b/shared/sepolicy/hal_bluetooth_sim.te
index fefeed1..82bab59 100644
--- a/shared/sepolicy/hal_bluetooth_sim.te
+++ b/shared/sepolicy/hal_bluetooth_sim.te
@@ -1,6 +1,9 @@
type hal_bluetooth_sim, domain;
type hal_bluetooth_sim_exec, exec_type, vendor_file_type, file_type;
+type hal_bluetooth_sim_prop, property_type;
hal_server_domain(hal_bluetooth_sim, hal_bluetooth)
init_daemon_domain(hal_bluetooth_sim)
+
+get_prop(hal_bluetooth_sim, hal_bluetooth_sim_prop)
diff --git a/shared/sepolicy/property_contexts b/shared/sepolicy/property_contexts
index d1fe5fe..a05cb2d 100644
--- a/shared/sepolicy/property_contexts
+++ b/shared/sepolicy/property_contexts
@@ -1,3 +1,4 @@
+bt.rootcanal_test_console u:object_r:hal_bluetooth_sim_prop:s0
sys.cf.ser. u:object_r:sys_cf_ser_prop:s0
vendor.ser. u:object_r:vendor_ser_prop:s0
ro.boot.vsock_logcat_port u:object_r:vsock_logcat_port_prop:s0
diff --git a/shared/sepolicy/vendor_init.te b/shared/sepolicy/vendor_init.te
index 66bab7e..26166d1 100644
--- a/shared/sepolicy/vendor_init.te
+++ b/shared/sepolicy/vendor_init.te
@@ -7,4 +7,6 @@
region_screen_device
}:chr_file { getattr };
+set_prop(vendor_init, hal_bluetooth_sim_prop)
+
set_prop(vendor_init, vendor_init_radio_prop)