Allow PermissionController app to to request and collect incident reports This change adds rules related to incidentd and incident_service. Bug: 142672293 Test: TH Change-Id: I578ad5f1d893b9f640983d44eed770d0933ebf60

commit: 73e1229c96b840dd6dab3ac3018f8f4a08367783 [log] [tgz]
author: Ashwini Oruganti <ashfall@google.com> Mon Dec 09 15:37:05 2019 -0800
committer: Ashwini Oruganti <ashfall@google.com> Mon Dec 09 16:38:20 2019 -0800
tree: f3d243e4ceae8675a2c6a1511c86d3dd91668052
parent: fe55f30397da4f928672e0c39b4dc813b818a010 [diff]
diff --git a/private/incidentd.te b/private/incidentd.te
index 26f436a..b806f6e 100644
--- a/private/incidentd.te
+++ b/private/incidentd.te

@@ -168,6 +168,7 @@
   -incident
   -incidentd
   userdebug_or_eng(`-perfetto')
+  -permissioncontroller_app
   -priv_app
   -statsd
   -system_app

diff --git a/private/permissioncontroller_app.te b/private/permissioncontroller_app.te
index 9d88248..41b11f1 100644
--- a/private/permissioncontroller_app.te
+++ b/private/permissioncontroller_app.te

@@ -37,3 +37,9 @@
 allow permissioncontroller_app surfaceflinger_service:service_manager find;
 allow permissioncontroller_app telecom_service:service_manager find;
 allow permissioncontroller_app trust_service:service_manager find;
+
+# Allow the app to request and collect incident reports.
+# (Also requires DUMP and PACKAGE_USAGE_STATS permissions)
+allow permissioncontroller_app incident_service:service_manager find;
+binder_call(permissioncontroller_app, incidentd)
+allow permissioncontroller_app incidentd:fifo_file { read write };
commit	73e1229c96b840dd6dab3ac3018f8f4a08367783	[log] [tgz]
author	Ashwini Oruganti <ashfall@google.com>	Mon Dec 09 15:37:05 2019 -0800
committer	Ashwini Oruganti <ashfall@google.com>	Mon Dec 09 16:38:20 2019 -0800
tree	f3d243e4ceae8675a2c6a1511c86d3dd91668052
parent	fe55f30397da4f928672e0c39b4dc813b818a010 [diff]