Merge "Enable tracing of the ion/ion_stat events"
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index 8557aea..b7d6b66 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -21,6 +21,7 @@
atrace
binder_calls_stats_service
biometric_service
+ boot_status_prop
bootloader_boot_reason_prop
blank_screen
blank_screen_exec
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index e41ee74..3fdb0b4 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -23,6 +23,7 @@
blank_screen
blank_screen_exec
blank_screen_tmpfs
+ boot_status_prop
bootloader_boot_reason_prop
bluetooth_a2dp_offload_prop
bpfloader
diff --git a/private/compat/29.0/29.0.cil b/private/compat/29.0/29.0.cil
index 410d8e4..26a2d34 100644
--- a/private/compat/29.0/29.0.cil
+++ b/private/compat/29.0/29.0.cil
@@ -1205,7 +1205,7 @@
(typeattributeset exported2_vold_prop_29_0 (exported2_vold_prop vold_config_prop))
(typeattributeset exported3_default_prop_29_0 (exported3_default_prop))
(typeattributeset exported3_radio_prop_29_0 (exported3_radio_prop))
-(typeattributeset exported3_system_prop_29_0 (exported3_system_prop))
+(typeattributeset exported3_system_prop_29_0 (exported3_system_prop boot_status_prop))
(typeattributeset exported_audio_prop_29_0 (exported_audio_prop))
(typeattributeset exported_bluetooth_prop_29_0 (exported_bluetooth_prop))
(typeattributeset exported_config_prop_29_0 (exported_config_prop))
diff --git a/private/domain.te b/private/domain.te
index 2369e55..5b6dd80 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -72,6 +72,7 @@
# For now, everyone can access core property files
# Device specific properties are not granted by default
not_compatible_property(`
+ get_prop(domain, boot_status_prop)
get_prop(domain, core_property_type)
get_prop(domain, dalvik_config_prop)
get_prop(domain, exported_ffs_prop)
@@ -86,6 +87,7 @@
get_prop(domain, vold_config_prop)
')
compatible_property_only(`
+ get_prop({coredomain appdomain shell}, boot_status_prop)
get_prop({coredomain appdomain shell}, core_property_type)
get_prop({coredomain appdomain shell}, dalvik_config_prop)
get_prop({coredomain appdomain shell}, exported_ffs_prop)
diff --git a/private/property_contexts b/private/property_contexts
index 93aebe1..640ae88 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -499,13 +499,13 @@
# vendor-init-readable
apexd.status u:object_r:apexd_prop:s0 exact enum starting activated ready
-dev.bootcomplete u:object_r:exported3_system_prop:s0 exact bool
+dev.bootcomplete u:object_r:boot_status_prop:s0 exact bool
+sys.boot_completed u:object_r:boot_status_prop:s0 exact bool
persist.sys.device_provisioned u:object_r:exported3_system_prop:s0 exact string
persist.sys.theme u:object_r:theme_prop:s0 exact string
persist.sys.usb.usbradio.config u:object_r:exported3_system_prop:s0 exact string
-sys.boot_completed u:object_r:exported3_system_prop:s0 exact bool
sys.retaildemo.enabled u:object_r:exported3_system_prop:s0 exact int
sys.user.0.ce_available u:object_r:exported3_system_prop:s0 exact bool
sys.vdso u:object_r:exported3_system_prop:s0 exact string
@@ -724,6 +724,7 @@
ro.kernel.qemu u:object_r:exported_default_prop:s0 exact bool
ro.kernel.qemu. u:object_r:exported_default_prop:s0
ro.kernel.android.bootanim u:object_r:exported_default_prop:s0 exact int
+ro.kernel.ebpf.supported u:object_r:exported_default_prop:s0 exact bool
ro.odm.build.date u:object_r:exported_default_prop:s0 exact string
ro.odm.build.date.utc u:object_r:exported_default_prop:s0 exact int
diff --git a/private/surfaceflinger.te b/private/surfaceflinger.te
index 373889c..cf709df 100644
--- a/private/surfaceflinger.te
+++ b/private/surfaceflinger.te
@@ -51,10 +51,6 @@
# Create and use netlink kobject uevent sockets.
allow surfaceflinger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
-# Get properties.
-get_prop(surfaceflinger, surfaceflinger_prop)
-neverallow { domain -coredomain -vendor_init } surfaceflinger_prop:file no_rw_file_perms;
-
# Set properties.
set_prop(surfaceflinger, system_prop)
set_prop(surfaceflinger, exported_system_prop)
diff --git a/private/system_server.te b/private/system_server.te
index 6c1fa9a..4fc507f 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -620,6 +620,7 @@
set_prop(system_server, exported_pm_prop)
set_prop(system_server, socket_hook_prop)
set_prop(system_server, audio_prop)
+set_prop(system_server, boot_status_prop)
userdebug_or_eng(`set_prop(system_server, wifi_log_prop)')
# ctl interface
@@ -1163,3 +1164,5 @@
# Do not allow any domain other than init or system server to set the property
neverallow { domain -init -system_server } socket_hook_prop:property_service set;
+
+neverallow { domain -init -system_server } boot_status_prop:property_service set;
diff --git a/public/domain.te b/public/domain.te
index e6c6834..8e6e150 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -105,6 +105,7 @@
get_prop(domain, exported2_default_prop)
get_prop(domain, logd_prop)
get_prop(domain, socket_hook_prop)
+get_prop(domain, surfaceflinger_prop)
get_prop(domain, vendor_socket_hook_prop)
get_prop(domain, vndk_prop)
get_prop(domain, vold_status_prop)
diff --git a/public/property.te b/public/property.te
index 9056c86..96866b3 100644
--- a/public/property.te
+++ b/public/property.te
@@ -54,11 +54,10 @@
')
# Properties which can't be written outside system
-
-# Properties used by binder caches
system_restricted_prop(binder_cache_bluetooth_server_prop)
system_restricted_prop(binder_cache_system_server_prop)
system_restricted_prop(binder_cache_telephony_server_prop)
+system_restricted_prop(boot_status_prop)
system_restricted_prop(bq_config_prop)
system_restricted_prop(module_sdkextensions_prop)
system_restricted_prop(nnapi_ext_deny_product_prop)
diff --git a/public/vendor_init.te b/public/vendor_init.te
index dd74005..d661d81 100644
--- a/public/vendor_init.te
+++ b/public/vendor_init.te
@@ -238,6 +238,7 @@
set_prop(vendor_init, virtual_ab_prop)
set_prop(vendor_init, wifi_log_prop)
+get_prop(vendor_init, boot_status_prop)
get_prop(vendor_init, exported2_radio_prop)
get_prop(vendor_init, exported3_system_prop)
get_prop(vendor_init, theme_prop)
