commit 6aa44527b87b74d7e1140d1c74c3aeffcfc4a786
author Matt Pape <mpape@google.com> Fri Dec 07 08:27:29 2018 -0800
committer Matt Pape <mpape@google.com> Fri Dec 07 08:27:29 2018 -0800
tree 0281752d5d4fa599c6d8598dde2b73fec3d48a96
parent de3a3e41560314a3fda35adddf0f2328dd9e3a1a

SEPolicy updates for DeviceConfig Service.

Add a DeviceConfig service in system_server to edit configuration flags.
This is intended to be a command line tool for local overrides and/or
tool for tests that adopt shell permissions.

Test: None
Bug:109919982
Bug:113101834
Change-Id: Ib7bed752849b1ed102747e3202dd7aed48d2c6d5

private/compat/28.0/28.0.ignore.cil

diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index f9f4ebf..d852853 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil
@@ -20,8 +20,9 @@
     cpu_variant_prop
     dev_cpu_variant
     device_config_boot_count_prop
-    device_config_reset_performed_prop
     device_config_flags_health_check_prop
+    device_config_reset_performed_prop
+    device_config_service
     face_service
     face_vendor_data_file
     fastbootd

private/service_contexts

diff --git a/private/service_contexts b/private/service_contexts
index 7f1b38f..43479b3 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -38,6 +38,7 @@
 cpuinfo                                   u:object_r:cpuinfo_service:s0
 crossprofileapps                          u:object_r:crossprofileapps_service:s0
 dbinfo                                    u:object_r:dbinfo_service:s0
+device_config                             u:object_r:device_config_service:s0
 device_policy                             u:object_r:device_policy_service:s0
 device_identifiers                        u:object_r:device_identifiers_service:s0
 deviceidle                                u:object_r:deviceidle_service:s0