Merge "virtualizationmanager is a client of secretkeeper" into main
diff --git a/private/virtualizationmanager.te b/private/virtualizationmanager.te
index 40d95c6..725ca72 100644
--- a/private/virtualizationmanager.te
+++ b/private/virtualizationmanager.te
@@ -87,6 +87,10 @@
allow virtualizationmanager sysfs_dt_avf:dir search;
allow virtualizationmanager sysfs_dt_avf:file { open read };
+# virtualizationmanager to be client of secretkeeper HAL. It ferries SecretManagement messages
+# from pVM to HAL.
+hal_client_domain(virtualizationmanager, hal_secretkeeper);
+
# Let virtualizationmanager open test artifacts under /data/local/tmp with file path.
# (e.g. custom debug policy)
userdebug_or_eng(`