From bdccd2c97b2964be1f3af463696b933d631e9a7f Mon Sep 17 00:00:00 2001 From: malikakash Date: Wed, 19 Jul 2023 21:24:31 +0000 Subject: [PATCH] Add sepolicy to allow pbcs to use SysProps -Add custom domain for our sysprops, of the forms -vendor.camera.pbcs.debug.* -persist.vendor.camera.pbcs.debug.* -Example: vendor.camera.pbcs.debug.enable_lyricconfigprovider -This domain will be system + vendor_init writable -Allow PBCS to read those sysprops We should now be able to gate our features in PBCS and merge in successfully. For local dev, we can do: adb root && adb shell setprop 1 Bug: 280340307 Test: android.os.SystemProperties.get() works successfully in LyricConfigProvider for vendor.camera.pbcs.debug.* props Change-Id: I4b151f606883c0ae32f99b5f75b70b5d4e228f1d --- camera/sepolicy/property.te | 1 + camera/sepolicy/property_contexts | 2 ++ camera/sepolicy/vendor_pbcs_app.te | 5 +++++ 3 files changed, 8 insertions(+) diff --git a/camera/sepolicy/property.te b/camera/sepolicy/property.te index 19d6a2f..1f899b6 100644 --- a/camera/sepolicy/property.te +++ b/camera/sepolicy/property.te @@ -1,2 +1,3 @@ vendor_internal_prop(vendor_camera_debug_prop) +system_vendor_config_prop(vendor_camera_pbcs_debug_prop) diff --git a/camera/sepolicy/property_contexts b/camera/sepolicy/property_contexts index 5e2c815..0093487 100644 --- a/camera/sepolicy/property_contexts +++ b/camera/sepolicy/property_contexts @@ -1,2 +1,4 @@ vendor.camera.debug. u:object_r:vendor_camera_debug_prop:s0 +persist.vendor.camera.pbcs.debug. u:object_r:vendor_camera_pbcs_debug_prop:s0 +vendor.camera.pbcs.debug. u:object_r:vendor_camera_pbcs_debug_prop:s0 diff --git a/camera/sepolicy/vendor_pbcs_app.te b/camera/sepolicy/vendor_pbcs_app.te index 1a3a0ef..d068308 100644 --- a/camera/sepolicy/vendor_pbcs_app.te +++ b/camera/sepolicy/vendor_pbcs_app.te @@ -12,3 +12,8 @@ add_service(vendor_pbcs_app, vendor_camera_binder_service); add_service(vendor_pbcs_app, vendor_camera_lyricconfigprovider_service); binder_call(vendor_pbcs_app, hal_camera_default); + +# Allow PBCS to read debug system properties of the form vendor.camera.pbcs.debug.* +# and persist.vendor.camera.pbcs.debug.* +get_prop(vendor_pbcs_app, vendor_camera_pbcs_debug_prop); +