Snap for 5339334 from 04321ae240d163c19104291e86f627eb2c6c15cd to pi-qpr3-releaseandroid-9.0.0_r46android-9.0.0_r44android-9.0.0_r43pie-qpr3-release

Change-Id: I62b22663ac29515bcf96e5dd1c196bfacbb12ec7

2 files changed, 16 insertions, 0 deletions

diff --git a/vendor/google/file_contexts b/vendor/google/file_contexts
index 4b4bf861..56c530ae 100644
--- a/vendor/google/file_contexts
+++ b/vendor/google/file_contexts
@@ -13,6 +13,7 @@
 /vendor/bin/hw/android\.hardware\.secure_element@1\.0-service-disabled      u:object_r:hal_secure_element_default_exec:s0
 /vendor/bin/hw/android\.hardware\.power@1\.3-service\.bonito-libperfmgr     u:object_r:hal_power_default_exec:s0
 /vendor/bin/perfstatsd                                                      u:object_r:perfstatsd_exec:s0
+/vendor/bin/init\.firstboot\.sh                                             u:object_r:init-firstboot_exec:s0
 /vendor/bin/ramoops                                                         u:object_r:ramoops_exec:s0
 /vendor/bin/init\.ramoops\.sh                                               u:object_r:ramoops_exec:s0
 /vendor/bin/pixelstats-vendor                                               u:object_r:pixelstats_vendor_exec:s0
diff --git a/vendor/google/init-firstboot.te b/vendor/google/init-firstboot.te
new file mode 100644
index 00000000..7ca7168b
--- /dev/null
+++ b/vendor/google/init-firstboot.te
@@ -0,0 +1,15 @@
+type init-firstboot, domain;
+type init-firstboot_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(init-firstboot)
+
+allow init-firstboot vendor_shell_exec:file rx_file_perms;
+allow init-firstboot vendor_toolbox_exec:file rx_file_perms;
+
+# Read USB connection state
+allow init-firstboot sysfs_msm_subsys:dir search;
+r_dir_file(init-firstboot, sysfs_batteryinfo)
+
+# Set property to trigger a shutdown
+set_prop(init-firstboot, powerctl_prop)
+