Add SELinux changes for Credential Manager Service in system server Test: Built & Deployed on device locally. Change-Id: I892107ed528e0ca7435aa29a0fa1e6dbf4f225c5

commit: 5b57bfaf7e8f037347d47c0029ebe66497f4fe5a [log] [tgz]
author: Reema Bajwa <reemabajwa@google.com> Thu Sep 15 03:12:05 2022 +0000
committer: Reema Bajwa <reemabajwa@google.com> Mon Sep 19 17:51:06 2022 +0000
tree: d2590f67f5035f67cdfcc18e33582ed1087ccca3
parent: 0ecf99def56f882084b7b9db711dd41c6a1ea730 [diff]
diff --git a/build/soong/service_fuzzer_bindings.go b/build/soong/service_fuzzer_bindings.go
index 7a7f61f..fa928fe 100644
--- a/build/soong/service_fuzzer_bindings.go
+++ b/build/soong/service_fuzzer_bindings.go

@@ -168,6 +168,7 @@
 		"country_detector":                                                []string{},
 		"coverage":                                                        []string{},
 		"cpuinfo":                                                         []string{},
+		"credential":                                                      []string{},
 		"crossprofileapps":                                                []string{},
 		"dataloader_manager":                                              []string{},
 		"dbinfo":                                                          []string{},

diff --git a/private/compat/33.0/33.0.ignore.cil b/private/compat/33.0/33.0.ignore.cil
index 90e2eaf..c9d207c 100644
--- a/private/compat/33.0/33.0.ignore.cil
+++ b/private/compat/33.0/33.0.ignore.cil

@@ -7,6 +7,7 @@
   ( new_objects
     apex_ready_prop
     artd
+    credential_service
     device_config_memory_safety_native_prop
     device_config_vendor_system_native_prop
     hal_bootctl_service

diff --git a/private/service_contexts b/private/service_contexts
index 1504bac..0c39a36 100644
--- a/private/service_contexts
+++ b/private/service_contexts

@@ -140,6 +140,7 @@
 com.android.net.IProxyService             u:object_r:IProxyService_service:s0
 companiondevice                           u:object_r:companion_device_service:s0
 communal                                  u:object_r:communal_service:s0
+credential                                u:object_r:credential_service:s0
 platform_compat                           u:object_r:platform_compat_service:s0
 platform_compat_native                    u:object_r:platform_compat_service:s0
 connectivity                              u:object_r:connectivity_service:s0

diff --git a/public/service.te b/public/service.te
index 4bd5e65..e5737ad 100644
--- a/public/service.te
+++ b/public/service.te

@@ -102,6 +102,7 @@
 # with EMMA_INSTRUMENT=true. We should consider locking this down in the future.
 type coverage_service, system_server_service, service_manager_type;
 type cpuinfo_service, system_api_service, system_server_service, service_manager_type;
+type credential_service, system_api_service, system_server_service, service_manager_type;
 type dataloader_manager_service, system_server_service, service_manager_type;
 type dbinfo_service, system_api_service, system_server_service, service_manager_type;
 type device_config_service, system_server_service, service_manager_type;
commit	5b57bfaf7e8f037347d47c0029ebe66497f4fe5a	[log] [tgz]
author	Reema Bajwa <reemabajwa@google.com>	Thu Sep 15 03:12:05 2022 +0000
committer	Reema Bajwa <reemabajwa@google.com>	Mon Sep 19 17:51:06 2022 +0000
tree	d2590f67f5035f67cdfcc18e33582ed1087ccca3
parent	0ecf99def56f882084b7b9db711dd41c6a1ea730 [diff]