Flag-guard vfio_handler policies vfio_handler will be active only if device assignment feature is turned on. Bug: 306563735 Test: microdroid tests with and without the flag Change-Id: I5559dfca1a29852b65481c95f37edc9977ee9d7d

commit: 094e8e81a2f30bcf505b66223a1333cfc815b9f7 [log] [tgz]
author: Inseob Kim <inseob@google.com> Fri Nov 17 18:03:46 2023 +0900
committer: Inseob Kim <inseob@google.com> Wed Nov 22 05:28:20 2023 +0000
tree: c7a710af2969fca32e00da3580cd593eda47b929
parent: 9868a0ce1145bf6b3caaad69782e4afd1ce391a2 [diff] [blame]
diff --git a/private/service_contexts b/private/service_contexts
index 898cb14..6d0851c 100644
--- a/private/service_contexts
+++ b/private/service_contexts

@@ -152,7 +152,9 @@
 android.service.gatekeeper.IGateKeeperService    u:object_r:gatekeeper_service:s0
 android.system.composd                    u:object_r:compos_service:s0
 android.system.virtualizationservice      u:object_r:virtualization_service:s0
-android.system.virtualizationservice_internal.IVfioHandler u:object_r:vfio_handler_service:s0
+is_flag_enabled(RELEASE_AVF_ENABLE_DEVICE_ASSIGNMENT, `
+    android.system.virtualizationservice_internal.IVfioHandler u:object_r:vfio_handler_service:s0
+')
 ambient_context                           u:object_r:ambient_context_service:s0
 app_binding                               u:object_r:app_binding_service:s0
 app_hibernation                           u:object_r:app_hibernation_service:s0
commit	094e8e81a2f30bcf505b66223a1333cfc815b9f7	[log] [tgz]
author	Inseob Kim <inseob@google.com>	Fri Nov 17 18:03:46 2023 +0900
committer	Inseob Kim <inseob@google.com>	Wed Nov 22 05:28:20 2023 +0000
tree	c7a710af2969fca32e00da3580cd593eda47b929
parent	9868a0ce1145bf6b3caaad69782e4afd1ce391a2 [diff] [blame]