From 92a659256fdb8be9d64e2282efac82ac32a93f2a Mon Sep 17 00:00:00 2001 From: Rios Kao Date: Tue, 21 May 2024 02:53:29 +0000 Subject: [PATCH] audio: add a restricted property for audio app. note: For app layer to access specific property, define persist.vendor.app.audio. and set it as restricted. Test: build pass Bug: 333497194 Change-Id: I397a1bcb9bd16c7fa236049eead30b6e17a996b5 --- audio/sepolicy/common/property.te | 3 +++ audio/sepolicy/common/property_contexts | 3 +++ audio/sepolicy/common/vendor_init.te | 3 +++ 3 files changed, 9 insertions(+) diff --git a/audio/sepolicy/common/property.te b/audio/sepolicy/common/property.te index e2ffcd1..2287b84 100644 --- a/audio/sepolicy/common/property.te +++ b/audio/sepolicy/common/property.te @@ -1,2 +1,5 @@ # Audio vendor_internal_prop(vendor_audio_prop) + +# The property for Audio App +vendor_restricted_prop(vendor_audio_prop_restricted) diff --git a/audio/sepolicy/common/property_contexts b/audio/sepolicy/common/property_contexts index 1749ac8..96e678c 100644 --- a/audio/sepolicy/common/property_contexts +++ b/audio/sepolicy/common/property_contexts @@ -9,3 +9,6 @@ vendor.audiodump.encode.disable u:object_r:vendor_audio_prop:s0 vendor.audiodump.log.cca.updated u:object_r:vendor_audio_prop:s0 vendor.audiodump.cca.config u:object_r:vendor_audio_prop:s0 vendor.audio_hal.aidl.enable u:object_r:vendor_audio_prop:s0 + +# for audio app +persist.vendor.app.audio. u:object_r:vendor_audio_prop_restricted:s0 diff --git a/audio/sepolicy/common/vendor_init.te b/audio/sepolicy/common/vendor_init.te index 26f3fa8..1562d45 100644 --- a/audio/sepolicy/common/vendor_init.te +++ b/audio/sepolicy/common/vendor_init.te @@ -1,2 +1,5 @@ # Audio property set_prop(vendor_init, vendor_audio_prop) + +# Audio App property +set_prop(vendor_init, vendor_audio_prop_restricted)