commit 0fa3fb0257b7535127a45b58a273336d132111bf
author Jeff Sharkey <jsharkey@android.com> Wed Sep 06 11:17:32 2017 -0600
committer Jeff Sharkey <jsharkey@android.com> Wed Sep 06 16:16:20 2017 -0600
tree f45e56079a44c36b7d1affc490df746c36f5cc53
parent 2075d32edf5f3a3eeb633be75b9d4959136858eb

Start paving the way for vold calls over Binder.

This change is the bare minimum needed to publish a new vold
Binder service and move the simple "reset" call over to go through
the new interface.

The new rules here are mirrored on the existing installd rules, but
with a handful of neverallow rules relaxed due to funky interactions
with hal_client_domain().

Test: builds, boots
Bug: 13758960
Change-Id: Ia9522ea7a68698cb0edce7879abfbf22b9d67c76

private/system_server.te

diff --git a/private/system_server.te b/private/system_server.te
index 1bf28b6..109587e 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -178,6 +178,7 @@
 binder_call(system_server, installd)
 binder_call(system_server, incidentd)
 binder_call(system_server, netd)
+binder_call(system_server, vold)
 binder_call(system_server, wificond)
 binder_service(system_server)
 
@@ -574,6 +575,7 @@
 allow system_server nfc_service:service_manager find;
 allow system_server radio_service:service_manager find;
 allow system_server surfaceflinger_service:service_manager find;
+allow system_server vold_service:service_manager find;
 allow system_server wificond_service:service_manager find;
 
 allow system_server keystore:keystore_key {