Allow rkp_cert_processor to call system_server and package_native. These services are necessary to check the presence of packages which may be required for RKP certificate post processing. Bug: 361877215 Test: tested locally Change-Id: I8e0be23f6ef145bc751692574446d9061ea1cfc1

commit: 1454b4ccce693ee419525a90ccae8691dd4f6624 [log] [tgz]
author: Vikram Gaur <vikramgaur@google.com> Thu Nov 14 11:08:15 2024 +0000
committer: Vikram Gaur <vikramgaur@google.com> Thu Nov 14 11:08:15 2024 +0000
tree: 1be97e4a2922e3560f0bd17d76591da3fee36807
parent: e38005205544ff8e28556968cf4a422f6eaec83d [diff]
diff --git a/private/rkp_cert_processor.te b/private/rkp_cert_processor.te
index 578bd4c..e5c9d07 100644
--- a/private/rkp_cert_processor.te
+++ b/private/rkp_cert_processor.te

@@ -6,7 +6,10 @@
 net_domain(rkp_cert_processor)
 
 binder_use(rkp_cert_processor)
+binder_call(rkp_cert_processor, system_server)
 
 add_service(rkp_cert_processor, rkp_cert_processor_service)
 
 use_bootstrap_libs(rkp_cert_processor)
+
+allow rkp_cert_processor package_native_service:service_manager find;
commit	1454b4ccce693ee419525a90ccae8691dd4f6624	[log] [tgz]
author	Vikram Gaur <vikramgaur@google.com>	Thu Nov 14 11:08:15 2024 +0000
committer	Vikram Gaur <vikramgaur@google.com>	Thu Nov 14 11:08:15 2024 +0000
tree	1be97e4a2922e3560f0bd17d76591da3fee36807
parent	e38005205544ff8e28556968cf4a422f6eaec83d [diff]