From 71e8dc8fcd93e4900f9880c2b7fbb04dee99e854 Mon Sep 17 00:00:00 2001
From: minaripenguin
Date: Tue, 17 Jan 2023 10:06:49 +0800
Subject: [PATCH] sepolicy: allow system_server to set tethering properties
01-17 09:56:57.302 1 1 W /system/bin/init: type=1107 audit(0.0:10515): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.device_config.tethering.bpf_net_maps_enable_java_bpf_map pid=1427 uid=1000 gid=1000 scontext=u:r:system_server:s0 tcontext=u:object_r:default_prop:s0 tclass=property_service permissive=0'
01-17 09:56:57.306 1427 1972 W libc : Unable to set property "persist.device_config.tethering.bpf_net_maps_enable_java_bpf_map" to "0": error code: 0x18
Signed-off-by: minaripenguin
---
 private/property.te | 1 +
 private/property_contexts | 1 +
 private/system_server.te | 3 +++
 3 files changed, 5 insertions(+)
diff --git a/private/property.te b/private/property.te
index 41a4c2ff3..e594272f6 100644
--- a/private/property.te
+++ b/private/property.te
@@ -13,6 +13,7 @@ system_internal_prop(device_config_window_manager_native_boot_prop)
 system_internal_prop(device_config_configuration_prop)
 system_internal_prop(device_config_connectivity_prop)
 system_internal_prop(device_config_swcodec_native_prop)
+system_internal_prop(device_config_tethering_prop)
 system_internal_prop(dmesgd_start_prop)
 system_internal_prop(fastbootd_protocol_prop)
 system_internal_prop(gsid_prop)
diff --git a/private/property_contexts b/private/property_contexts
index 7e94997f8..dbedf1ec4 100644
--- a/private/property_contexts
+++ b/private/property_contexts
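Review bot: In private/property.te the new type `device_config_tethering_prop` is declared, but the diffstat lists only three files, so it does not appear to be added to the `new_objects` set of a compat ignore file (`private/compat/<version>/<version>.ignore.cil`, version left as a placeholder). Changes that introduce a property type usually carry that entry as well, and without it the Treble compatibility checks may flag the type as unmapped; this is inferred from the diffstat, since the compat directory is not visible on this page. The choice of `system_internal_prop` itself looks appropriate, as it is the narrowest of the property macros for a flag written only by system_server.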
@@ -261,6 +261,7 @@ persist.device_config.vendor_system_native. u:object_r:device_config_ven
 persist.device_config.vendor_system_native_boot. u:object_r:device_config_vendor_system_native_boot_prop:s0
 persist.device_config.virtualization_framework_native. u:object_r:device_config_virtualization_framework_native_prop:s0
 persist.device_config.window_manager_native_boot. u:object_r:device_config_window_manager_native_boot_prop:s0
+persist.device_config.tethering. u:object_r:device_config_tethering_prop:s0
 # F2FS smart idle maint prop
 persist.device_config.storage_native_boot.smart_idle_maint_enabled u:object_r:smart_idle_maint_enabled_prop:s0 exact bool
diff --git a/private/system_server.te b/private/system_server.te
index 6d3bc78d2..1d55d5431 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -1071,6 +1071,9 @@ get_prop(system_server, adbd_prop)
 # Set persist.adb.tls_server.enable property
 set_prop(system_server, system_adbd_prop)
+# Set tethering properties
+set_prop(system_server, device_config_tethering_prop)
+
 # Allow invoking tools like "timeout"
 allow system_server toolbox_exec:file rx_file_perms;
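Review bot: In private/property_contexts the added `persist.device_config.tethering.` entry is a prefix match with no type constraint, while the denial quoted in the commit message concerns a single flag that is written as "0". If only that flag is needed, an exact typed entry in the style of the F2FS line just below, `persist.device_config.tethering.bpf_net_maps_enable_java_bpf_map u:object_r:device_config_tethering_prop:s0 exact bool`, would limit the writable surface to one boolean. If the whole namespace is intended, as with the neighbouring device_config prefixes, the commit message should say so, and the entry would be easier to audit in sorted position rather than after `window_manager_native_boot`.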
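Review bot: In private/system_server.te, `set_prop(system_server, device_config_tethering_prop)` adds a writer for the new type, but no rule in this patch lets any other domain read it, and the comment `# Set tethering properties` does not say who consumes the value. If a native reader exists it needs its own rule, for example `get_prop(<reader_domain>, device_config_tethering_prop)` with the real domain filled in; if nothing reads the property, the comment should state that the rule exists only to clear the denial quoted in the commit message. To keep the set of writers from widening later, a `neverallow { domain -init -system_server } device_config_tethering_prop:property_service set;` next to the rule would pin it, assuming no other domain is expected to set these flags.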