aoc: add policy to read system property

Solves error: 1 2-13 18:33:15.860000 root 1019 1019 I auditd : type=1400 audit(0.0:7): avc: denied { read } for comm="aocd" name="u:object_r:vendor_rild_prop:s0" dev="tmpfs" ino=404 scontext=u:r:aocd:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=file permissive=0 Test: on device Bug: 207711097 Change-Id: Ia28e1622746cca973ca66f437e0e655bbcaf7d66 Signed-off-by: Alex Iacobucci <alexiacobucci@google.com>
2023-12-13 19:22:28 +00:00 · 2023-12-13 19:22:28 +00:00 · 6461e33428
commit 6461e33428
parent 37493030cc
3 changed files with 6 additions and 3 deletions
--- a/aoc/sepolicy/aocd.te
+++ b/aoc/sepolicy/aocd.te
@ -20,4 +20,5 @@ allow aocd device:dir r_dir_perms;

 # set properties
 set_prop(aocd, vendor_aoc_prop)
-set_prop(aocd, vendor_timeout_aoc_prop)
+set_prop(aocd, vendor_timeout_aoc_prop)
+get_prop(aocd, vendor_volte_mif_off)
--- a/aoc/sepolicy/property.te
+++ b/aoc/sepolicy/property.te
@ -1,3 +1,4 @@
 # AoC
 vendor_internal_prop(vendor_aoc_prop)
-vendor_internal_prop(vendor_timeout_aoc_prop)
+vendor_internal_prop(vendor_timeout_aoc_prop)
+vendor_internal_prop(vendor_volte_mif_off)
--- a/aoc/sepolicy/property_contexts
+++ b/aoc/sepolicy/property_contexts
@ -1,3 +1,4 @@
 # AoC
 vendor.aoc.firmware.version                     u:object_r:vendor_aoc_prop:s0
-persist.vendor.aoc.status_request_timed_out     u:object_r:vendor_timeout_aoc_prop:s0
+persist.vendor.aoc.status_request_timed_out     u:object_r:vendor_timeout_aoc_prop:s0
+persist.vendor.radio.volte_mif_off              u:object_r:vendor_volte_mif_off:s0