Merge changes from topic "240932137"
* changes:
Add oemlock aidl service sepolicy
gsc.mk: install oemlock aidl service
diff --git a/dauntless/gsc.mk b/dauntless/gsc.mk
index d3fb5e9..076ce4d 100644
--- a/dauntless/gsc.mk
+++ b/dauntless/gsc.mk
@@ -8,6 +8,7 @@
android.hardware.weaver@1.0-service.citadel \
android.hardware.weaver-service.citadel \
android.hardware.authsecret-service.citadel \
+ android.hardware.oemlock-service.citadel \
android.hardware.identity@1.0-service.citadel \
init_citadel \
android.hardware.strongbox_keystore.xml \
diff --git a/dauntless/sepolicy/file_contexts b/dauntless/sepolicy/file_contexts
index 8d59a51..0fba0da 100644
--- a/dauntless/sepolicy/file_contexts
+++ b/dauntless/sepolicy/file_contexts
@@ -6,6 +6,7 @@
/vendor/bin/hw/android\.hardware\.weaver-service\.citadel u:object_r:hal_weaver_citadel_exec:s0
/vendor/bin/hw/android\.hardware\.identity@1\.0-service\.citadel u:object_r:hal_identity_citadel_exec:s0
/vendor/bin/hw/android\.hardware\.authsecret-service\.citadel u:object_r:hal_authsecret_citadel_exec:s0
+/vendor/bin/hw/android\.hardware\.oemlock-service\.citadel u:object_r:hal_oemlock_citadel_exec:s0
/vendor/bin/hw/citadel_updater u:object_r:citadel_updater:s0
/vendor/bin/hw/citadeld u:object_r:citadeld_exec:s0
diff --git a/dauntless/sepolicy/hal_oemlock_citadel.te b/dauntless/sepolicy/hal_oemlock_citadel.te
new file mode 100644
index 0000000..d3ff719
--- /dev/null
+++ b/dauntless/sepolicy/hal_oemlock_citadel.te
@@ -0,0 +1,9 @@
+type hal_oemlock_citadel, domain;
+type hal_oemlock_citadel_exec, exec_type, vendor_file_type, file_type;
+
+vndbinder_use(hal_oemlock_citadel)
+binder_call(hal_oemlock_citadel, citadeld)
+allow hal_oemlock_citadel citadeld_service:service_manager find;
+
+hal_server_domain(hal_oemlock_citadel, hal_oemlock)
+init_daemon_domain(hal_oemlock_citadel)