From 215fb3efe4091d992915d270b72bd83244e88f9b Mon Sep 17 00:00:00 2001
From: Tony Mak <tonymak@google.com>
Date: Fri, 13 Oct 2017 14:48:32 +0100
Subject: [PATCH] Add selinux policy for CrossProfileAppsService

CrossProfileAppsService allows apps to do limited cross profile
operations, like checking the caller package is installed in
the specified user. It is similar to LauncherAppsService in some sense.

Merged-In: I26e383a57c32c4dc9b779752b20000b283a5bfdc
Change-Id: I26e383a57c32c4dc9b779752b20000b283a5bfdc
Fix: 67765768
Test: Built with ag/3063260. Can boot and verified those APIs are working.
(cherry picked from commit 6536c9e0920fda975e9a1a240ea1c5e1ae9778a6)
---
 private/compat/26.0/26.0.ignore.cil | 1 +
 private/service_contexts            | 1 +
 public/service.te                   | 1 +
 3 files changed, 3 insertions(+)

diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index 136041dbd..790133efa 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -6,6 +6,7 @@
   ( adbd_exec
     bootloader_boot_reason_prop
     broadcastradio_service
+    crossprofileapps_service
     e2fs
     e2fs_exec
     hal_broadcastradio_hwservice
diff --git a/private/service_contexts b/private/service_contexts
index 6a8843fc0..10d8d0995 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -32,6 +32,7 @@ contexthub                                u:object_r:contexthub_service:s0
 country_detector                          u:object_r:country_detector_service:s0
 coverage                                  u:object_r:coverage_service:s0
 cpuinfo                                   u:object_r:cpuinfo_service:s0
+crossprofileapps                          u:object_r:crossprofileapps_service:s0
 dbinfo                                    u:object_r:dbinfo_service:s0
 device_policy                             u:object_r:device_policy_service:s0
 device_identifiers                        u:object_r:device_identifiers_service:s0
diff --git a/public/service.te b/public/service.te
index b421c97d3..e48d4b705 100644
--- a/public/service.te
+++ b/public/service.te
@@ -48,6 +48,7 @@ type broadcastradio_service, system_server_service, service_manager_type;
 type cameraproxy_service, system_server_service, service_manager_type;
 type clipboard_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type contexthub_service, app_api_service,  system_server_service, service_manager_type;
+type crossprofileapps_service, app_api_service, system_server_service, service_manager_type;
 type IProxyService_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type commontime_management_service, system_server_service, service_manager_type;
 type companion_device_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
-- 
GitLab