Add sepolicy for weaver aidl HAL service

Bug: 176107318
Change-Id: I9ca1a68e45b462c9b6ac912debb196b3a3ca45ba
diff --git a/private/compat/30.0/30.0.ignore.cil b/private/compat/30.0/30.0.ignore.cil
index 6868554..365af1f 100644
--- a/private/compat/30.0/30.0.ignore.cil
+++ b/private/compat/30.0/30.0.ignore.cil
@@ -41,6 +41,7 @@
     hal_keymint_service
     hal_neuralnetworks_service
     hal_power_stats_service
+    hal_weaver_service
     keystore_compat_hal_service
     keystore2_key_contexts_file
     legacy_permission_service
diff --git a/private/service_contexts b/private/service_contexts
index 96384e2..2772af5 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -14,6 +14,7 @@
 android.hardware.security.keymint.IKeyMintDevice/default             u:object_r:hal_keymint_service:s0
 android.hardware.vibrator.IVibrator/default                          u:object_r:hal_vibrator_service:s0
 android.hardware.vibrator.IVibratorManager/default                   u:object_r:hal_vibrator_service:s0
+android.hardware.weaver.IWeaver/default                              u:object_r:hal_weaver_service:s0
 
 accessibility                             u:object_r:accessibility_service:s0
 account                                   u:object_r:account_service:s0
diff --git a/public/hal_weaver.te b/public/hal_weaver.te
index 36d1306..2b34989 100644
--- a/public/hal_weaver.te
+++ b/public/hal_weaver.te
@@ -2,3 +2,6 @@
 binder_call(hal_weaver_client, hal_weaver_server)
 
 hal_attribute_hwservice(hal_weaver, hal_weaver_hwservice)
+hal_attribute_service(hal_weaver, hal_weaver_service)
+
+binder_call(hal_weaver_server, servicemanager)
diff --git a/public/service.te b/public/service.te
index 5837951..3d91b73 100644
--- a/public/service.te
+++ b/public/service.te
@@ -246,6 +246,7 @@
 type hal_power_stats_service, vendor_service, protected_service, service_manager_type;
 type hal_rebootescrow_service, vendor_service, protected_service, service_manager_type;
 type hal_vibrator_service, vendor_service, protected_service, service_manager_type;
+type hal_weaver_service, vendor_service, protected_service, service_manager_type;
 
 ###
 ### Neverallow rules
diff --git a/vendor/hal_weaver_default.te b/vendor/hal_weaver_default.te
new file mode 100644
index 0000000..0dd7679
--- /dev/null
+++ b/vendor/hal_weaver_default.te
@@ -0,0 +1,5 @@
+type hal_weaver_default, domain;
+hal_server_domain(hal_weaver_default, hal_weaver)
+
+type hal_weaver_default_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(hal_weaver_default)