Prevent access to nonplat_service_contexts on full_treble.
On Full Treble devices, servicemanager should only service
services from the platform service_contexts file.
Created new type to separate plat_ and nonplat_service_contexts,
and added new type to mapping (although I don't think this type
should have been used by vendors).
Bug: 36866029
Test: Marlin/Taimen boot
Change-Id: Ied112c64f22f8486a7415197660faa029add82d9
diff --git a/private/file_contexts b/private/file_contexts
index 7f9f512..b9247b9 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -51,7 +51,7 @@
/sepolicy u:object_r:sepolicy_file:s0
/plat_service_contexts u:object_r:service_contexts_file:s0
/plat_hwservice_contexts u:object_r:hwservice_contexts_file:s0
-/nonplat_service_contexts u:object_r:service_contexts_file:s0
+/nonplat_service_contexts u:object_r:nonplat_service_contexts_file:s0
/nonplat_hwservice_contexts u:object_r:hwservice_contexts_file:s0
/vndservice_contexts u:object_r:vndservice_contexts_file:s0
@@ -297,7 +297,7 @@
/vendor/etc/selinux/nonplat_mac_permissions.xml u:object_r:mac_perms_file:s0
/vendor/etc/selinux/nonplat_property_contexts u:object_r:property_contexts_file:s0
-/vendor/etc/selinux/nonplat_service_contexts u:object_r:service_contexts_file:s0
+/vendor/etc/selinux/nonplat_service_contexts u:object_r:nonplat_service_contexts_file:s0
/vendor/etc/selinux/nonplat_hwservice_contexts u:object_r:hwservice_contexts_file:s0
/vendor/etc/selinux/nonplat_file_contexts u:object_r:file_contexts_file:s0
/vendor/etc/selinux/nonplat_seapp_contexts u:object_r:seapp_contexts_file:s0