From 3fbeb180db7ac652f651b3724806b784c8604c50 Mon Sep 17 00:00:00 2001
From: dcashman <dcashman@google.com>
Date: Mon, 22 Dec 2014 17:32:44 -0800
Subject: [PATCH] Allow find access to drmserver_service from nfc and 
 platform_app.

Address the following denials:
SELinux : avc:  denied  { find } for service=drm.drmManager scontext=u:r:nfc:s0 tcontext=u:object_r:drmserver_service:s0 tclass=service_manage
SELinux : avc:  denied  { find } for service=drm.drmManager scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:drmserver_service:s0 tclass=service_manager

Bug: 18831075
Change-Id: I2c162f58f4adae9f6c544f9d9c6a9300877b4f36
---
 nfc.te          | 1 +
 platform_app.te | 1 +
 2 files changed, 2 insertions(+)

diff --git a/nfc.te b/nfc.te
index ad88bd98f..0d1f613b0 100644
--- a/nfc.te
+++ b/nfc.te
@@ -18,6 +18,7 @@ allow nfc nfc_data_file:notdevfile_class_set create_file_perms;
 allow nfc sysfs_nfc_power_writable:file rw_file_perms;
 allow nfc sysfs:file write;
 
+allow nfc drmserver_service:service_manager find;
 allow nfc mediaserver_service:service_manager find;
 allow nfc nfc_service:service_manager add;
 allow nfc surfaceflinger_service:service_manager find;
diff --git a/platform_app.te b/platform_app.te
index d34c9f1fc..9b9b0db48 100644
--- a/platform_app.te
+++ b/platform_app.te
@@ -28,6 +28,7 @@ allow platform_app media_rw_data_file:file create_file_perms;
 allow platform_app cache_file:dir create_dir_perms;
 allow platform_app cache_file:file create_file_perms;
 
+allow platform_app drmserver_service:service_manager find;
 allow platform_app mediaserver_service:service_manager find;
 allow platform_app radio_service:service_manager find;
 allow platform_app surfaceflinger_service:service_manager find;
-- 
GitLab