From 803aa115b8179fb8fd44362a7b5bcf90a5bbc83d Mon Sep 17 00:00:00 2001
From: Fyodor Kupolov <fkupolov@google.com>
Date: Tue, 28 Feb 2017 10:08:43 -0800
Subject: [PATCH] Enforce privapp-permissions

Test: build system image and
      run development/tools/privapp_permissions/privapp_permissions.py
      should return no results

Bug: 34872687
Change-Id: Id31606976c90f264d8d873757180306767293792
---
 aosp_taimen.mk | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/aosp_taimen.mk b/aosp_taimen.mk
index 4668370..a759499 100644
--- a/aosp_taimen.mk
+++ b/aosp_taimen.mk
@@ -18,6 +18,10 @@
 $(call inherit-product, $(SRC_TARGET_DIR)/product/core_64_bit.mk)
 $(call inherit-product, $(SRC_TARGET_DIR)/product/aosp_base_telephony.mk)
 
+# Enforce privapp-permissions whitelist
+PRODUCT_PROPERTY_OVERRIDES += \
+    ro.control_privapp_permissions=enforce
+
 PRODUCT_NAME := aosp_taimen
 PRODUCT_DEVICE := taimen
 PRODUCT_BRAND := Android