From a11cdd2f93c6dc8244e3d4dc281f676f1b6314d2 Mon Sep 17 00:00:00 2001
From: Christine Franks <christyfranks@google.com>
Date: Fri, 17 Aug 2018 18:47:47 -0700
Subject: [PATCH] Add color_service selinux policy
Bug: 111215474
Test: boots
Change-Id: I98955bcd02f643400c3eb97232467c09a2c5c1e5
---
private/compat/26.0/26.0.ignore.cil | 1 +
private/compat/27.0/27.0.ignore.cil | 1 +
private/compat/28.0/28.0.ignore.cil | 1 +
private/priv_app.te | 1 +
private/service_contexts | 1 +
public/service.te | 1 +
6 files changed, 6 insertions(+)
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index 1594979b6..e159ce256 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -17,6 +17,7 @@
bpfloader_exec
broadcastradio_service
cgroup_bpf
+ color_display_service
crossprofileapps_service
ctl_interface_restart_prop
ctl_interface_start_prop
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index d56de6861..16130972d 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -15,6 +15,7 @@
bpfloader
bpfloader_exec
cgroup_bpf
+ color_display_service
crossprofileapps_service
ctl_interface_restart_prop
ctl_interface_start_prop
diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index c40ea06d3..436d1798a 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil
@@ -6,6 +6,7 @@
( activity_task_service
adb_service
fastbootd
+ color_display_service
hal_health_filesystem_hwservice
hal_system_suspend_default
hal_system_suspend_default_exec
diff --git a/private/priv_app.te b/private/priv_app.te
index 0afd721ad..f24afc0d9 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te
@@ -24,6 +24,7 @@ allow priv_app { app_data_file privapp_data_file }:file execute;
allow priv_app app_api_service:service_manager find;
allow priv_app audioserver_service:service_manager find;
allow priv_app cameraserver_service:service_manager find;
+allow priv_app color_display_service:service_manager find;
allow priv_app drmserver_service:service_manager find;
allow priv_app mediacodec_service:service_manager find;
allow priv_app mediadrmserver_service:service_manager find;
diff --git a/private/service_contexts b/private/service_contexts
index c8296dd0f..6afe232cb 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -40,6 +40,7 @@ deviceidle u:object_r:deviceidle_service:s0
devicestoragemonitor u:object_r:devicestoragemonitor_service:s0
diskstats u:object_r:diskstats_service:s0
display u:object_r:display_service:s0
+color_display u:object_r:color_display_service:s0
netd_listener u:object_r:netd_listener_service:s0
network_watchlist u:object_r:network_watchlist_service:s0
DockObserver u:object_r:DockObserver_service:s0
diff --git a/public/service.te b/public/service.te
index 109056a9b..c6e7c4522 100644
--- a/public/service.te
+++ b/public/service.te
@@ -74,6 +74,7 @@ type device_identifiers_service, app_api_service, ephemeral_app_api_service, sys
type devicestoragemonitor_service, system_server_service, service_manager_type;
type diskstats_service, system_api_service, system_server_service, service_manager_type;
type display_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
+type color_display_service, system_server_service, service_manager_type;
type font_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
type netd_listener_service, system_server_service, service_manager_type;
type network_watchlist_service, system_server_service, service_manager_type;
--
GitLab