From 87b0b914b189fff8703eca9bc89394641cd7ba88 Mon Sep 17 00:00:00 2001
From: Inseob Kim <inseob@google.com>
Date: Wed, 19 Aug 2020 20:25:44 +0900
Subject: [PATCH] sm6150-common: sepolicy: Attach vendor_property_type to
 properties

We are going to enforce that each property has an explicit owner, such
as system, vendor, or product. This attaches vendor_property_type to
properties defined under vendor sepolicy directories.

Bug: 159097992
Test: m selinux_policy && boot device
Change-Id: Ibed833cd9e5d786e82985ded6bc62abdf8cd9ded
Merged-In: Ibed833cd9e5d786e82985ded6bc62abdf8cd9ded
(cherry picked from commit 44eb8e1f89adf04fd413a69391fd444ba68af742)
(cherry picked from commit 1922128397116d551a663d5344b4456a84bf46eb)
---
 sepolicy/vendor/hal_fingerprint_default.te | 2 +-
 sepolicy/vendor/hal_power_default.te       | 2 +-
 sepolicy/vendor/hal_sensors_default.te     | 2 +-
 sepolicy/vendor/mi_thermald.te             | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/sepolicy/vendor/hal_fingerprint_default.te b/sepolicy/vendor/hal_fingerprint_default.te
index c8ba522..aa8eb7a 100644
--- a/sepolicy/vendor/hal_fingerprint_default.te
+++ b/sepolicy/vendor/hal_fingerprint_default.te
@@ -2,7 +2,7 @@ type hal_fingerprint_hwservice_xiaomi, hwservice_manager_type;
 type fingerprint_device, dev_type;
 type fingerprint_data_file, data_file_type, file_type;
 type vendor_sysfs_fod, sysfs_type, fs_type;
-type vendor_fp_prop, property_type;
+vendor_internal_prop(vendor_fp_prop)
 
 allow hal_fingerprint_default fingerprint_device:chr_file rw_file_perms;
 allow hal_fingerprint_default fingerprint_data_file:dir create_dir_perms;
diff --git a/sepolicy/vendor/hal_power_default.te b/sepolicy/vendor/hal_power_default.te
index 60ef04c..0cf37e4 100644
--- a/sepolicy/vendor/hal_power_default.te
+++ b/sepolicy/vendor/hal_power_default.te
@@ -1,5 +1,5 @@
 type proc_sched_energy_aware, proc_type, fs_type;
-type vendor_power_prop, property_type;
+vendor_internal_prop(vendor_power_prop)
 
 allow hal_power_default touchfeature_device:chr_file rw_file_perms;
 
diff --git a/sepolicy/vendor/hal_sensors_default.te b/sepolicy/vendor/hal_sensors_default.te
index 6ab52d5..9dc63f0 100644
--- a/sepolicy/vendor/hal_sensors_default.te
+++ b/sepolicy/vendor/hal_sensors_default.te
@@ -1,4 +1,4 @@
-type persist_sensors_prop, property_type;
+vendor_internal_prop(persist_sensors_prop)
 
 allow hal_sensors_default hal_audio_default:unix_stream_socket connectto;
 allow hal_sensors_default audio_socket:sock_file rw_file_perms;
diff --git a/sepolicy/vendor/mi_thermald.te b/sepolicy/vendor/mi_thermald.te
index 1069604..a8c99eb 100644
--- a/sepolicy/vendor/mi_thermald.te
+++ b/sepolicy/vendor/mi_thermald.te
@@ -1,7 +1,7 @@
 type mi_thermald, domain;
 type mi_thermald_exec, exec_type, vendor_file_type, file_type;
 
-type vendor_thermal_normal_prop, property_type;
+vendor_internal_prop(vendor_thermal_normal_prop)
 type thermal_data_file, data_file_type, file_type;
 
 init_daemon_domain(mi_thermald)