Add sepolicy for new AIDL sensorservice

Test: boot cuttlefish and check for avc denials Bug: 205764765 Change-Id: Ie9d02b43250ca3c5f642b2d87d2a5b532a9b5195
2022-11-07 20:41:10 +00:00 · 2022-11-07 20:41:10 +00:00 · e714ba95ed
commit e714ba95ed
parent f4ab6c9f3c
4 changed files with 4 additions and 0 deletions
--- a/build/soong/service_fuzzer_bindings.go
+++ b/build/soong/service_fuzzer_bindings.go
@ -108,6 +108,7 @@ var (
 		"android.hardware.wifi.IWifi/default":                                     EXCEPTION_NO_FUZZER,
 		"android.hardware.wifi.hostapd.IHostapd/default":                          EXCEPTION_NO_FUZZER,
 		"android.hardware.wifi.supplicant.ISupplicant/default":                    EXCEPTION_NO_FUZZER,
+		"android.frameworks.sensorservice.ISensorManager/default":                 EXCEPTION_NO_FUZZER,
 		"android.frameworks.stats.IStats/default":                                 EXCEPTION_NO_FUZZER,
 		"android.se.omapi.ISecureElementService/default":                          EXCEPTION_NO_FUZZER,
 		"android.system.keystore2.IKeystoreService/default":                       EXCEPTION_NO_FUZZER,
--- a/private/compat/33.0/33.0.ignore.cil
+++ b/private/compat/33.0/33.0.ignore.cil
@ -11,6 +11,7 @@
    device_config_memory_safety_native_prop
    device_config_vendor_system_native_prop
    devicelock_service
+    fwk_sensor_service
    hal_bootctl_service
    hal_cas_service
    hal_cpu_hwservice
--- a/private/service_contexts
+++ b/private/service_contexts
@ -1,4 +1,5 @@
 android.frameworks.stats.IStats/default                              u:object_r:fwk_stats_service:s0
+android.frameworks.sensorservice.ISensorManager/default              u:object_r:fwk_sensor_service:s0
 android.hardware.audio.core.IConfig/default                          u:object_r:hal_audio_service:s0
 android.hardware.audio.core.IModule/default                          u:object_r:hal_audio_service:s0
 android.hardware.audio.effect.IFactory/default                       u:object_r:hal_audio_service:s0
--- a/public/service.te
+++ b/public/service.te
@ -131,6 +131,7 @@ type platform_compat_service, app_api_service, ephemeral_app_api_service, system
 type face_service, app_api_service, system_server_service, service_manager_type;
 type fingerprint_service, app_api_service, system_server_service, service_manager_type;
 type fwk_stats_service, app_api_service, system_server_service, service_manager_type;
+type fwk_sensor_service, system_server_service, service_manager_type;
 type game_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type gfxinfo_service, system_api_service, system_server_service, service_manager_type;
 type gnss_time_update_service, system_server_service, service_manager_type;