diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil index 133c9b2cc..6e1f096c8 100644 --- a/private/compat/29.0/29.0.ignore.cil +++ b/private/compat/29.0/29.0.ignore.cil @@ -21,6 +21,7 @@ mock_ota_prop ota_metadata_file art_apex_dir + service_manager_service system_group_file system_passwd_file vendor_apex_file diff --git a/private/service_contexts b/private/service_contexts index 2f4a2f8f1..defdfa4e7 100644 --- a/private/service_contexts +++ b/private/service_contexts @@ -168,6 +168,7 @@ sensorservice u:object_r:sensorservice_service:s0 sensor_privacy u:object_r:sensor_privacy_service:s0 serial u:object_r:serial_service:s0 servicediscovery u:object_r:servicediscovery_service:s0 +manager u:object_r:service_manager_service:s0 settings u:object_r:settings_service:s0 shortcut u:object_r:shortcut_service:s0 simphonebook_msim u:object_r:radio_service:s0 diff --git a/public/service.te b/public/service.te index f69e5e385..624d94927 100644 --- a/public/service.te +++ b/public/service.te @@ -25,6 +25,7 @@ type netd_service, service_manager_type; type nfc_service, service_manager_type; type radio_service, service_manager_type; type secure_element_service, service_manager_type; +type service_manager_service, service_manager_type; type storaged_service, service_manager_type; type surfaceflinger_service, app_api_service, ephemeral_app_api_service, service_manager_type; type system_app_service, service_manager_type; diff --git a/public/servicemanager.te b/public/servicemanager.te index df209413f..10347d913 100644 --- a/public/servicemanager.te +++ b/public/servicemanager.te @@ -21,5 +21,7 @@ allow servicemanager service_contexts_file:file r_file_perms; # nonplat_service_contexts only accessible on non full-treble devices not_full_treble(`allow servicemanager nonplat_service_contexts_file:file r_file_perms;') +add_service(servicemanager, service_manager_service) + # Check SELinux permissions. selinux_check_access(servicemanager)