ferrochrome: Add privapp permissions allowlist

Test: m, boot
Change-Id: I427652fe5d9f8da0055be13eaccd96a1840891cf
diff --git a/ferrochrome_app/Android.bp b/ferrochrome_app/Android.bp
index 29a16d0..9f0c735 100644
--- a/ferrochrome_app/Android.bp
+++ b/ferrochrome_app/Android.bp
@@ -11,7 +11,17 @@
     system_ext_specific: true,
     privileged: true,
     init_rc: ["custom_vm_setup.rc"],
-    required: ["custom_vm_setup"],
+    required: [
+        "custom_vm_setup",
+        "privapp-permissions-ferrochrome.xml",
+    ],
+}
+
+prebuilt_etc {
+    name: "privapp-permissions-ferrochrome.xml",
+    src: "privapp-permissions-ferrochrome.xml",
+    sub_dir: "permissions",
+    system_ext_specific: true,
 }
 
 sh_binary {
diff --git a/ferrochrome_app/privapp-permissions-ferrochrome.xml b/ferrochrome_app/privapp-permissions-ferrochrome.xml
new file mode 100644
index 0000000..987db9c
--- /dev/null
+++ b/ferrochrome_app/privapp-permissions-ferrochrome.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<permissions>
+    <privapp-permissions package="com.android.virtualization.ferrochrome">
+        <permission name="android.permission.KILL_ALL_BACKGROUND_PROCESSES"/>
+    </privapp-permissions>
+</permissions>
\ No newline at end of file
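Review bot: The `<permission name="android.permission.KILL_ALL_BACKGROUND_PROCESSES"/>` entry gives a privileged system_ext app the ability to kill other apps' background processes, yet neither the file nor the commit message records why the app needs it. Allowlist entries tend to outlive the feature that required them, so I would add a comment directly above the entry, for example `<!-- KILL_ALL_BACKGROUND_PROCESSES: <what the app uses it for>, b/<bug-id placeholder> -->`, so a later least-privilege audit can decide whether it is still justified. The allowlist only permits the grant; the matching `<uses-permission>` in the app's AndroidManifest.xml is not part of this diff, so please confirm it is present and that no broader permission is requested there. The file also ends without a trailing newline, and it appears to lack the license header that other files in the tree usually carry.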