Temporarily whitelisting system domains writing vendor props
system properties must not be used as a communication channel in between
system and vendor processes. However, there has been no enforcement on
this: system process could write system properties that are owned and
read by vendor processes and vice versa. Such communication should be
done over hwbinder and should be formally specified in HIDL.
Until we finish migrating the existing use cases of sysprops to HIDL,
whitelisting them in system_writes_vendor_properties_violators so that
the violators are clearly tracked.
These violators are allowed only for P, but not for Q.
Bug: 78598545
Test: m -j selinux_policy
Merged-In: I60b12f1232c77ad997c8c87e6d91baa14c626e94
Change-Id: I60b12f1232c77ad997c8c87e6d91baa14c626e94
(cherry picked from commit 3ee4e77674ecce82dadfcf5c64d87ce6d65a88b0)
7 files changed
