Update SEPolicy for Thermal AIDL
Bug: b/205762943
Test: build and boot
Change-Id: I301b85dafbf8fbb1c4be388aa0291e22f4717c99
diff --git a/build/soong/service_fuzzer_bindings.go b/build/soong/service_fuzzer_bindings.go
index 05e55ba..c61e039 100644
--- a/build/soong/service_fuzzer_bindings.go
+++ b/build/soong/service_fuzzer_bindings.go
@@ -80,6 +80,7 @@
"android.hardware.security.sharedsecret.ISharedSecret/default": []string{},
"android.hardware.sensors.ISensors/default": []string{},
"android.hardware.soundtrigger3.ISoundTriggerHw/default": []string{},
+ "android.hardware.thermal.IThermal/default": []string{},
"android.hardware.tv.input.ITvInput/default": []string{},
"android.hardware.tv.tuner.ITuner/default": []string{},
"android.hardware.usb.IUsb/default": []string{},
diff --git a/private/compat/33.0/33.0.ignore.cil b/private/compat/33.0/33.0.ignore.cil
index bdb4869..2af50b4 100644
--- a/private/compat/33.0/33.0.ignore.cil
+++ b/private/compat/33.0/33.0.ignore.cil
@@ -13,6 +13,7 @@
devicelock_service
hal_bootctl_service
hal_remoteaccess_service
+ hal_thermal_service
hal_tv_input_service
healthconnect_service
keystore_config_prop
diff --git a/private/service_contexts b/private/service_contexts
index f8c99df..de96c8e 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -64,6 +64,7 @@
android.hardware.security.sharedsecret.ISharedSecret/default u:object_r:hal_sharedsecret_service:s0
android.hardware.sensors.ISensors/default u:object_r:hal_sensors_service:s0
android.hardware.soundtrigger3.ISoundTriggerHw/default u:object_r:hal_audio_service:s0
+android.hardware.thermal.IThermal/default u:object_r:hal_thermal_service:s0
android.hardware.tv.tuner.ITuner/default u:object_r:hal_tv_tuner_service:s0
android.hardware.tv.input.ITvInput/default u:object_r:hal_tv_input_service:s0
android.hardware.usb.IUsb/default u:object_r:hal_usb_service:s0
diff --git a/public/hal_thermal.te b/public/hal_thermal.te
index 2115da1..13fed00 100644
--- a/public/hal_thermal.te
+++ b/public/hal_thermal.te
@@ -3,3 +3,8 @@
binder_call(hal_thermal_server, hal_thermal_client)
hal_attribute_hwservice(hal_thermal, hal_thermal_hwservice)
+hal_attribute_service(hal_thermal, hal_thermal_service)
+
+add_service(hal_thermal_server, hal_thermal_service)
+binder_call(hal_thermal_server, servicemanager)
+binder_call(hal_thermal_client, servicemanager)
diff --git a/public/service.te b/public/service.te
index a844b82..017a187 100644
--- a/public/service.te
+++ b/public/service.te
@@ -304,6 +304,7 @@
type hal_secureclock_service, protected_service, hal_service_type, service_manager_type;
type hal_sharedsecret_service, protected_service, hal_service_type, service_manager_type;
type hal_system_suspend_service, protected_service, hal_service_type, service_manager_type;
+type hal_thermal_service, protected_service, hal_service_type, service_manager_type;
type hal_tv_input_service, protected_service, hal_service_type, service_manager_type;
type hal_tv_tuner_service, protected_service, hal_service_type, service_manager_type;
type hal_usb_service, protected_service, hal_service_type, service_manager_type;
diff --git a/vendor/file_contexts b/vendor/file_contexts
index ceb1492..c214f4e 100644
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@@ -92,6 +92,7 @@
/(vendor|system/vendor)/bin/hw/android\.hardware\.security\.keymint-service u:object_r:hal_keymint_default_exec:s0
/(vendor|system/vendor)/bin/hw/rild u:object_r:rild_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.thermal@1\.[01]-service u:object_r:hal_thermal_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.thermal-service\.example u:object_r:hal_thermal_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.tv\.cec@1\.[01]-service u:object_r:hal_tv_cec_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.tv\.input@1\.0-service u:object_r:hal_tv_input_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.tv\.input-service\.example u:object_r:hal_tv_input_default_exec:s0