Sepolicy: ART APEX boot integrity Add ART boot integrity check domain. Give it rights to run fsverity and delete boot classpath artifacts. Bug 125474642 Test: m Test: boot Change-Id: I933add9b1895ed85c43ec712ced6ffe8f820c7ec

commit: 1845b406fc3ccfa5d63a3aa4dfa174391dac19bf [log] [tgz]
author: Andreas Gampe <agampe@google.com> Mon Mar 04 14:10:02 2019 -0800
committer: Andreas Gampe <agampe@google.com> Tue Mar 12 22:26:17 2019 -0700
tree: 1f080234024b99fde7bd9db79e780f40757eed7f
parent: 62e8da971398c5032af304a5439e8b4f64aa1fea [diff] [blame]
diff --git a/private/file_contexts b/private/file_contexts
index 9625acc..f81f399 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -238,6 +238,7 @@
 /system/bin/installd	u:object_r:installd_exec:s0
 /system/bin/otapreopt_chroot   u:object_r:otapreopt_chroot_exec:s0
 /system/bin/otapreopt_slot   u:object_r:otapreopt_slot_exec:s0
+/system/bin/art_apex_boot_integrity   u:object_r:art_apex_boot_integrity_exec:s0
 /system/bin/keystore	u:object_r:keystore_exec:s0
 /system/bin/fingerprintd u:object_r:fingerprintd_exec:s0
 /system/bin/gatekeeperd u:object_r:gatekeeperd_exec:s0
commit	1845b406fc3ccfa5d63a3aa4dfa174391dac19bf	[log] [tgz]
author	Andreas Gampe <agampe@google.com>	Mon Mar 04 14:10:02 2019 -0800
committer	Andreas Gampe <agampe@google.com>	Tue Mar 12 22:26:17 2019 -0700
tree	1f080234024b99fde7bd9db79e780f40757eed7f
parent	62e8da971398c5032af304a5439e8b4f64aa1fea [diff] [blame]