Add necessary sepolicy for ro.vendor.persist.status

This prop will be set to "mounted" after /mnt/vendor/persist mounts.
Need this prop to synchronize different actions in init.rc script.

Test: th
Bug: 319335586
Change-Id: I9e8bd5e875956393d610b7def6be713565543d05

legacy/whitechapel_pro/property.te

@@ -6,6 +6,7 @@ vendor_internal_prop(vendor_camera_fatp_prop)
 vendor_internal_prop(vendor_ro_sys_default_prop)
 vendor_internal_prop(vendor_persist_sys_default_prop)
 vendor_internal_prop(vendor_display_prop)
+vendor_internal_prop(vendor_persist_prop)
 
 # UWB calibration
 system_vendor_config_prop(vendor_uwb_calibration_prop)

vendor/property_contexts

@@ -28,3 +28,6 @@ ro.vendor.primarydisplay.xrr.version                           u:object_r:vendor
 ro.vendor.primarydisplay.blocking_zone.min_refresh_rate_by_nits u:object_r:vendor_display_prop:s0 exact string
 ro.vendor.primarydisplay.vrr.expected_present.headsup_ns       u:object_r:vendor_display_prop:s0 exact int
 ro.vendor.primarydisplay.vrr.expected_present.timeout_ns       u:object_r:vendor_display_prop:s0 exact int
+
+# For checking if persist partition is mounted
+ro.vendor.persist.status u:object_r:vendor_persist_prop:s0 exact string

vendor/tee.te

@@ -10,6 +10,11 @@ allow tee tee_data_file:lnk_file r_file_perms;
 allow tee tee_persist_block_device:blk_file rw_file_perms;
 allow tee block_device:dir search;
 
+
+# /mnt/vendor/persist/ss/0 sometimes gets labeled as persist_ss_file,
+# depending on the order of restorecon (b/336314247)
+allow tee persist_ss_file:lnk_file read;
+
 # Allow storageproxyd access to gsi_public_metadata_file
 read_fstab(tee)
 

vendor/vendor_init.te

@@ -34,3 +34,7 @@ set_prop(vendor_init, vendor_ssrdump_prop)
 
 # MM
 allow vendor_init proc_watermark_scale_factor:file w_file_perms;
+
+# Allow vendor_init to read ro.vendor.persist.status
+# to process init.rc actions
+set_prop(vendor_init, vendor_persist_prop)