Update sepolicy of statsd to be able to find incident_service

Test: manual testing Change-Id: Ia97c956c08d2062af6b33622c6b61ca3810b0cb1

Update sepolicy of statsd to be able to find incident_service
cf38ca5e · yro · Howard Ro · 97c56bdd · cf38ca5e · cf38ca5e
Commit cf38ca5e authored 7 years ago by yro Committed by Howard Ro 7 years ago
--- a/private/incidentd.te
+++ b/private/incidentd.te
@@ -99,7 +99,14 @@ binder_call(incidentd, incident)
 ###
 # only system_server, system_app and incident command can find the incident service
-neverallow { domain -system_server -system_app -incident -incidentd } incident_service:service_manager find;
+neverallow {
+  domain
+  -incident
+  -incidentd
+  -statsd
+  -system_app
+  -system_server
+} incident_service:service_manager find;
 # only incidentd and the other root services in limited circumstances
 # can get to the files in /data/misc/incidents

--- a/private/statsd.te
+++ b/private/statsd.te
@@ -41,8 +41,9 @@ unix_socket_connect(statsd, traced_consumer, traced)
 # Grant statsd with permissions to register the services.
 allow statsd {
-  statscompanion_service
  app_api_service
+  incident_service
+  statscompanion_service
  system_api_service
 }:service_manager find;