label boot animations on oem with bootanim_oem_file Bootanimation only access boot animation files on oem. Label these files with bootanim_oem_file and remove oemfs file allow rule. Also allow mediaserver and app to read this new label as they can access /oem/media folder. Bug: 324437684 Test: Confirm that boot animation on oem is shown without violations Change-Id: I940ccde9391a5daa920f31926d32e68b1de5b7eb

commit: 1f915b4b13e6d79070661bdbf4627af47aeba3b7 [log] [tgz]
author: Håkan Kvist <hakan.kvist@sony.com> Thu Feb 15 08:34:47 2024 +0100
committer: Håkan Kvist <hakan.kvist@sony.com> Fri Feb 16 11:08:30 2024 +0100
tree: 41caa56753b301ad275f1a143ef3c04b6da67f44
parent: 537a704088eb06f5027b41c565d5bac8b78c0ccc [diff] [blame]
diff --git a/private/compat/34.0/34.0.cil b/private/compat/34.0/34.0.cil
index 595d53e..7d80433 100644
--- a/private/compat/34.0/34.0.cil
+++ b/private/compat/34.0/34.0.cil

@@ -2099,7 +2099,7 @@
 (typeattributeset null_device_34_0 (null_device))
 (typeattributeset oem_lock_service_34_0 (oem_lock_service))
 (typeattributeset oem_unlock_prop_34_0 (oem_unlock_prop))
-(typeattributeset oemfs_34_0 (oemfs))
+(typeattributeset oemfs_34_0 (oemfs bootanim_oem_file))
 (typeattributeset ondevicepersonalization_system_service_34_0 (ondevicepersonalization_system_service))
 (typeattributeset ota_data_file_34_0 (ota_data_file))
 (typeattributeset ota_metadata_file_34_0 (ota_metadata_file))
commit	1f915b4b13e6d79070661bdbf4627af47aeba3b7	[log] [tgz]
author	Håkan Kvist <hakan.kvist@sony.com>	Thu Feb 15 08:34:47 2024 +0100
committer	Håkan Kvist <hakan.kvist@sony.com>	Fri Feb 16 11:08:30 2024 +0100
tree	41caa56753b301ad275f1a143ef3c04b6da67f44
parent	537a704088eb06f5027b41c565d5bac8b78c0ccc [diff] [blame]