From f1fcb6a099199f122d42c84b9a5d369ee0b5291d Mon Sep 17 00:00:00 2001 From: Bill Richardson Date: Thu, 8 Jun 2023 17:15:04 -0500 Subject: [PATCH] Allow citadeld to set a property on firmware changes This will allow services which need to be aware of Dauntless firmware changes to be notified by an init script trigger on that property. Bug: 286433589 Test: manual Build an image with this change, confirm that `getprop vendor.nos.citadel.version` returns the current Dauntless firmware version string. Update the Dauntless firmware, confirm that the property value changes to match. Change-Id: I45ce87070ce2b6c9fff2c8119db50445b0e576b3 Signed-off-by: Bill Richardson --- dauntless/sepolicy/citadeld.te | 2 ++ dauntless/sepolicy/property.te | 1 + dauntless/sepolicy/property_contexts | 1 + 3 files changed, 4 insertions(+) create mode 100644 dauntless/sepolicy/property.te create mode 100644 dauntless/sepolicy/property_contexts diff --git a/dauntless/sepolicy/citadeld.te b/dauntless/sepolicy/citadeld.te index 86cb61c..60c633c 100644 --- a/dauntless/sepolicy/citadeld.te +++ b/dauntless/sepolicy/citadeld.te @@ -11,3 +11,5 @@ binder_call(citadeld, system_server) allow citadeld citadel_device:chr_file rw_file_perms; allow citadeld fwk_stats_service:service_manager find; allow citadeld hal_power_stats_vendor_service:service_manager find; + +set_prop(citadeld, vendor_nos_citadel_version); diff --git a/dauntless/sepolicy/property.te b/dauntless/sepolicy/property.te new file mode 100644 index 0000000..2e1c4ec --- /dev/null +++ b/dauntless/sepolicy/property.te @@ -0,0 +1 @@ +vendor_internal_prop(vendor_nos_citadel_version) diff --git a/dauntless/sepolicy/property_contexts b/dauntless/sepolicy/property_contexts new file mode 100644 index 0000000..835de17 --- /dev/null +++ b/dauntless/sepolicy/property_contexts @@ -0,0 +1 @@ +vendor.nos.citadel.version u:object_r:vendor_nos_citadel_version:s0