From 214dfb940218d1989fd7e57ccbd1a7e21147ebe4 Mon Sep 17 00:00:00 2001
From: Luca Stefani <luca.stefani.ge1@gmail.com>
Date: Thu, 25 Jul 2019 18:05:40 +0200
Subject: [PATCH] lineage: Enforce privapp-permissions whitelist

Change-Id: I1ca080e5addcc0876d7346f3cf09db8e8af39312
---
 config/common.mk | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/config/common.mk b/config/common.mk
index 4f04a769..837e11ef 100644
--- a/config/common.mk
+++ b/config/common.mk
@@ -89,6 +89,10 @@ PRODUCT_COPY_FILES += \
     vendor/lineage/config/permissions/privapp-permissions-lineage.xml:system/etc/permissions/privapp-permissions-lineage.xml \
     vendor/lineage/config/permissions/privapp-permissions-cm-legacy.xml:system/etc/permissions/privapp-permissions-cm-legacy.xml
 
+# Enforce privapp-permissions whitelist
+PRODUCT_SYSTEM_DEFAULT_PROPERTIES += \
+    ro.control_privapp_permissions=enforce
+
 # Hidden API whitelist
 PRODUCT_COPY_FILES += \
     vendor/lineage/config/permissions/lineage-hiddenapi-package-whitelist.xml:system/etc/permissions/lineage-hiddenapi-package-whitelist.xml