Adds selinux rules for ICarDisplayProxy service Bug: 170401743 Test: m -j selinux_policy Change-Id: Idf3f09d0bcf24de18d6eddb05e51991b4c5edbe8

commit: 66eba13833eee1229524754fd7f2fca4b3dfcbce [log] [tgz]
author: Changyeon Jo <changyeon@google.com> Mon Jan 31 17:23:32 2022 +0000
committer: Changyeon Jo <changyeon@google.com> Mon Jan 31 19:40:20 2022 +0000
tree: a931bfef4bfe455d7bd6db77e25748167cd87047
parent: 27416257f3b462f210671c5e41fc5c74dbb27023 [diff]
diff --git a/private/automotive_display_service.te b/private/automotive_display_service.te
index d757a52..c909986 100644
--- a/private/automotive_display_service.te
+++ b/private/automotive_display_service.te

@@ -4,7 +4,7 @@
 
 typeattribute automotive_display_service automotive_display_service_server;
 
-# Allow to add a display service to the manager
+# Allow to add a display service to the hwservicemanager
 add_hwservice(automotive_display_service, fwk_automotive_display_hwservice);
 
 # Allow init to launch automotive display service
@@ -36,3 +36,6 @@
 # Allow to access EGL files
 allow automotive_display_service gpu_device:chr_file rw_file_perms;
 allow automotive_display_service gpu_device:dir search;
+
+# Allow to add a service to the servicemanager
+add_service(automotive_display_service, fwk_automotive_display_service);

diff --git a/private/compat/32.0/32.0.ignore.cil b/private/compat/32.0/32.0.ignore.cil
index 6bed6c2..70c8c6b 100644
--- a/private/compat/32.0/32.0.ignore.cil
+++ b/private/compat/32.0/32.0.ignore.cil

@@ -18,6 +18,7 @@
     dice_node_service
     diced
     diced_exec
+    fwk_automotive_display_service
     extra_free_kbytes
     extra_free_kbytes_exec
     gesture_prop

diff --git a/private/file_contexts b/private/file_contexts
index 422d83a..ba50376 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -376,6 +376,7 @@
 /system/bin/snapuserd            u:object_r:snapuserd_exec:s0
 /system/bin/odsign               u:object_r:odsign_exec:s0
 /system/bin/vehicle_binding_util     u:object_r:vehicle_binding_util_exec:s0
+/system/bin/cardisplayproxyd     u:object_r:automotive_display_service_exec:s0
 
 #############################
 # Vendor files

diff --git a/private/service_contexts b/private/service_contexts
index c337fab..82780bf 100644
--- a/private/service_contexts
+++ b/private/service_contexts

@@ -72,6 +72,7 @@
 alarm                                     u:object_r:alarm_service:s0
 android.os.UpdateEngineService            u:object_r:update_engine_service:s0
 android.os.UpdateEngineStableService      u:object_r:update_engine_stable_service:s0
+android.frameworks.automotive.display.ICarDisplayProxy/default u:object_r:fwk_automotive_display_service:s0
 android.security.apc                      u:object_r:apc_service:s0
 android.security.authorization            u:object_r:authorization_service:s0
 android.security.compat                   u:object_r:keystore_compat_hal_service:s0
commit	66eba13833eee1229524754fd7f2fca4b3dfcbce	[log] [tgz]
author	Changyeon Jo <changyeon@google.com>	Mon Jan 31 17:23:32 2022 +0000
committer	Changyeon Jo <changyeon@google.com>	Mon Jan 31 19:40:20 2022 +0000
tree	a931bfef4bfe455d7bd6db77e25748167cd87047
parent	27416257f3b462f210671c5e41fc5c74dbb27023 [diff]