Diced: Add policy for diced the DICE daemon. Bug: 198197213 Test: N/A Change-Id: I5d0b06e3cd0c594cff6120856ca3bb4f7c1dd98d

commit: 2b6c6063ae8799f3d4e71032e06816ebfcd22586 [log] [tgz]
author: Janis Danisevskis <jdanis@google.com> Tue Nov 09 17:49:02 2021 -0800
committer: Janis Danisevskis <jdanis@google.com> Wed Nov 17 13:36:18 2021 -0800
tree: 87c40178d0bfd3aca13372149a2553aec7ab898d
parent: 8797f5841cb86edabd5438e79741b1d83bd575e0 [diff]
diff --git a/public/diced.te b/public/diced.te
new file mode 100644
index 0000000..0908936
--- /dev/null
+++ b/public/diced.te

@@ -0,0 +1,11 @@
+type diced, domain;
+type diced_exec, system_file_type, exec_type, file_type;
+
+binder_use(diced)
+binder_service(diced)
+
+add_service(diced, dice_node_service)
+add_service(diced, dice_maintenance_service)
+
+# Check SELinux permissions.
+selinux_check_access(diced)

diff --git a/public/service.te b/public/service.te
index 7f1fbe2..9ffed63 100644
--- a/public/service.te
+++ b/public/service.te

@@ -8,6 +8,8 @@
 type bluetooth_service,         service_manager_type;
 type cameraserver_service,      service_manager_type;
 type default_android_service,   service_manager_type;
+type dice_maintenance_service,  service_manager_type;
+type dice_node_service,         service_manager_type;
 type dnsresolver_service,       service_manager_type;
 type drmserver_service,         service_manager_type;
 type dumpstate_service,         service_manager_type;
commit	2b6c6063ae8799f3d4e71032e06816ebfcd22586	[log] [tgz]
author	Janis Danisevskis <jdanis@google.com>	Tue Nov 09 17:49:02 2021 -0800
committer	Janis Danisevskis <jdanis@google.com>	Wed Nov 17 13:36:18 2021 -0800
tree	87c40178d0bfd3aca13372149a2553aec7ab898d
parent	8797f5841cb86edabd5438e79741b1d83bd575e0 [diff]