From 1492b4913adf9ad275c54c73961419cb47bbee08 Mon Sep 17 00:00:00 2001 From: Nattharat Jariyanuntanaet Date: Thu, 15 Aug 2024 13:22:07 +0000 Subject: [PATCH] Update sepolicy for nfc antenna selftest values Allow persist.vendor.nfc.antenna. to be vendor public values for NFC companion app to access from userdebug or eng builds avc: denied { read } for name="u:object_r:vendor_nfc_antenna_prop:s0" dev="tmpfs" ino=414 scontext=u:r:untrusted_app:s0:c79,c257,c512,c768 tcontext=u:object_r:vendor_nfc_antenna_prop:s0 tclass=file permissive=0 app=com.google.android.apps.internal.nfcassistancetool Bug: 361050657 Test: m selinux_policy Flag: NONE add permission Change-Id: I47c54642dbc801dfcaee8330e75a29d11030337c --- legacy/whitechapel_pro/property.te | 2 ++ legacy/whitechapel_pro/property_contexts | 1 + vendor/hal_nfc_default.te | 6 +++++- 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/legacy/whitechapel_pro/property.te b/legacy/whitechapel_pro/property.te index 7fe48175..ff5ef044 100644 --- a/legacy/whitechapel_pro/property.te +++ b/legacy/whitechapel_pro/property.te @@ -1,4 +1,6 @@ +# Vendor vendor_internal_prop(vendor_nfc_prop) +vendor_restricted_prop(vendor_nfc_antenna_prop) vendor_internal_prop(vendor_secure_element_prop) vendor_internal_prop(vendor_battery_profile_prop) vendor_internal_prop(vendor_camera_prop) diff --git a/legacy/whitechapel_pro/property_contexts b/legacy/whitechapel_pro/property_contexts index fa5c9170..a4222060 100644 --- a/legacy/whitechapel_pro/property_contexts +++ b/legacy/whitechapel_pro/property_contexts @@ -3,6 +3,7 @@ persist.vendor.testing_battery_profile u:object_r:vendor_battery_profile_pro # NFC persist.vendor.nfc. u:object_r:vendor_nfc_prop:s0 +persist.vendor.nfc.antenna. u:object_r:vendor_nfc_antenna_prop:s0 # SecureElement persist.vendor.se. u:object_r:vendor_secure_element_prop:s0 diff --git a/vendor/hal_nfc_default.te b/vendor/hal_nfc_default.te index d71d9e28..d4dcf471 100644 --- a/vendor/hal_nfc_default.te +++ b/vendor/hal_nfc_default.te @@ -1,5 +1,9 @@ # HAL NFC property -get_prop(hal_nfc_default, vendor_nfc_prop) +set_prop(hal_nfc_default, vendor_nfc_prop) +set_prop(hal_nfc_default, vendor_nfc_antenna_prop) +userdebug_or_eng( + get_prop(untrusted_app, vendor_nfc_antenna_prop) +) # SecureElement property set_prop(hal_nfc_default, vendor_secure_element_prop)