From c63529735a243cc380d7e3e4d9c7aadb63a86008 Mon Sep 17 00:00:00 2001
From: Ricky Wai <rickywai@google.com>
Date: Mon, 13 Nov 2017 17:52:05 +0000
Subject: [PATCH] Add network watchlist service SELinux policy rules

Bug: 63908748
Test: built, flashed, able to boot
Change-Id: I3cfead1d687112b5f8cd485c8f84083c566fbce2
---
 private/compat/26.0/26.0.ignore.cil | 1 +
 private/priv_app.te                 | 1 +
 private/service_contexts            | 1 +
 public/service.te                   | 1 +
 4 files changed, 4 insertions(+)

diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index edbf97ff5..4bcdf1682 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -21,6 +21,7 @@
     lowpan_service
     mediaprovider_tmpfs
     netd_stable_secret_prop
+    network_watchlist_service
     package_native_service
     statscompanion_service
     storaged_data_file
diff --git a/private/priv_app.te b/private/priv_app.te
index fce2c9019..9f8ef7946 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te
@@ -29,6 +29,7 @@ allow priv_app mediametrics_service:service_manager find;
 allow priv_app mediadrmserver_service:service_manager find;
 allow priv_app mediaextractor_service:service_manager find;
 allow priv_app mediaserver_service:service_manager find;
+allow priv_app network_watchlist_service:service_manager find;
 allow priv_app nfc_service:service_manager find;
 allow priv_app oem_lock_service:service_manager find;
 allow priv_app radio_service:service_manager find;
diff --git a/private/service_contexts b/private/service_contexts
index ac7fb8ef7..bc7e3e003 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -40,6 +40,7 @@ devicestoragemonitor                      u:object_r:devicestoragemonitor_servic
 diskstats                                 u:object_r:diskstats_service:s0
 display                                   u:object_r:display_service:s0
 netd_listener                             u:object_r:netd_listener_service:s0
+network_watchlist                         u:object_r:network_watchlist_service:s0
 DockObserver                              u:object_r:DockObserver_service:s0
 dreams                                    u:object_r:dreams_service:s0
 drm.drmManager                            u:object_r:drmserver_service:s0
diff --git a/public/service.te b/public/service.te
index bc1244a78..1da93ae38 100644
--- a/public/service.te
+++ b/public/service.te
@@ -70,6 +70,7 @@ type diskstats_service, system_api_service, system_server_service, service_manag
 type display_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type font_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type netd_listener_service, system_server_service, service_manager_type;
+type network_watchlist_service, system_server_service, service_manager_type;
 type DockObserver_service, system_server_service, service_manager_type;
 type dreams_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type dropbox_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
-- 
GitLab