From b24e69dca835c69e2e99994f0596f15583d93db7 Mon Sep 17 00:00:00 2001
From: Connor O'Brien <connoro@google.com>
Date: Wed, 9 Nov 2016 10:33:03 -0800
Subject: [PATCH] Allow update_verifier to use boot HIDL HAL

Test: Flashed device and verified no update_verifier permission denials
Change-Id: I5de063c202aefef399645b153f68ff7909989eba
Signed-off-by: Connor O'Brien <connoro@google.com>
---
 public/update_verifier.te | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/public/update_verifier.te b/public/update_verifier.te
index 731b6230a..550cf659f 100644
--- a/public/update_verifier.te
+++ b/public/update_verifier.te
@@ -13,3 +13,8 @@ allow update_verifier ota_package_file:file r_file_perms;
 # Read all blocks in system partition.
 allow update_verifier system_block_device:blk_file r_file_perms;
 
+# Use binderized HAL
+hwbinder_use(update_verifier)
+binder_call(update_verifier, hal_boot)
+
+allow update_verifier system_file:dir r_dir_perms;
-- 
GitLab