Separate system_ext_hwservice_contexts out of system sepolicy. Bug: 137712473 Test: boot crosshatch Change-Id: Ic5774da74e200b9d7699ac2240a12e7616dc512a

commit: 241d36eedd8f1e2086fdd58e0ffafbc20121c0ce [log] [tgz]
author: Bowgo Tsai <bowgotsai@google.com> Mon Sep 09 22:05:10 2019 +0800
committer: Bowgo Tsai <bowgotsai@google.com> Thu Sep 26 21:29:15 2019 +0800
tree: 29b2f009f10a928783d94476b81c2e1b6d6ab1c2
parent: 7bc47f4ba75eceadc5b9cdc80383905fd724e5c8 [diff]
diff --git a/Android.bp b/Android.bp
index 5dd8628..170e7ca 100644
--- a/Android.bp
+++ b/Android.bp

@@ -225,6 +225,12 @@
 }
 
 hwservice_contexts {
+    name: "system_ext_hwservice_contexts",
+    srcs: [":hwservice_contexts_files"],
+    system_ext_specific: true,
+}
+
+hwservice_contexts {
     name: "product_hwservice_contexts",
     srcs: [":hwservice_contexts_files"],
     product_specific: true,

diff --git a/Android.mk b/Android.mk
index 092d568..5cb79be 100644
--- a/Android.mk
+++ b/Android.mk

@@ -316,8 +316,10 @@
     system_ext_sepolicy.cil \
     system_ext_file_contexts \
     system_ext_file_contexts_test \
-    system_ext_mapping_file \
+    system_ext_hwservice_contexts \
+    system_ext_hwservice_contexts_test \
     system_ext_seapp_contexts \
+    system_ext_mapping_file \
 
 endif
 

diff --git a/contexts_tests.mk b/contexts_tests.mk
index a549b3f..0073e9c 100644
--- a/contexts_tests.mk
+++ b/contexts_tests.mk

@@ -106,6 +106,17 @@
 ##################################
 include $(CLEAR_VARS)
 
+LOCAL_MODULE := system_ext_hwservice_contexts_test
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, $(system_ext_out)/system_ext_hwservice_contexts, $(checkfc), -e -l))
+
+##################################
+include $(CLEAR_VARS)
+
 LOCAL_MODULE := product_hwservice_contexts_test
 LOCAL_MODULE_CLASS := FAKE
 LOCAL_MODULE_TAGS := optional

diff --git a/private/file_contexts b/private/file_contexts
index a6c4edd..6fa1c56 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -422,8 +422,9 @@
 /(system_ext|system/system_ext)/etc/passwd          u:object_r:system_passwd_file:s0
 /(system_ext|system/system_ext)/overlay(/.*)?       u:object_r:vendor_overlay_file:s0
 
-/(system_ext|system/system_ext)/etc/selinux/system_ext_file_contexts  u:object_r:file_contexts_file:s0
-/(system_ext|system/system_ext)/etc/selinux/system_ext_seapp_contexts u:object_r:seapp_contexts_file:s0
+/(system_ext|system/system_ext)/etc/selinux/system_ext_file_contexts      u:object_r:file_contexts_file:s0
+/(system_ext|system/system_ext)/etc/selinux/system_ext_hwservice_contexts u:object_r:hwservice_contexts_file:s0
+/(system_ext|system/system_ext)/etc/selinux/system_ext_seapp_contexts     u:object_r:seapp_contexts_file:s0
 
 #############################
 # Vendor files from /(product|system/product)/vendor_overlay
commit	241d36eedd8f1e2086fdd58e0ffafbc20121c0ce	[log] [tgz]
author	Bowgo Tsai <bowgotsai@google.com>	Mon Sep 09 22:05:10 2019 +0800
committer	Bowgo Tsai <bowgotsai@google.com>	Thu Sep 26 21:29:15 2019 +0800
tree	29b2f009f10a928783d94476b81c2e1b6d6ab1c2
parent	7bc47f4ba75eceadc5b9cdc80383905fd724e5c8 [diff]