Allow PackageManager to communicate to apexd. This is used for querying the installed packages, as well as coordinating the installations of packages. Test: ran an app that queries PM, that queries apexd. Bug: 117589375 Change-Id: I38203ffe6d0d312d6cc38e131a29c14ace0ba10c

commit: 7ad743b7ed5e4905316fd7d6afb2d9220538a3fb [log] [tgz]
author: Dario Freni <dariofreni@google.com> Thu Oct 18 12:50:06 2018 +0100
committer: Dario Freni <dariofreni@google.com> Mon Nov 19 22:05:21 2018 +0000
tree: 1d35487a66be98ea8a165319709364db7534d2d1
parent: 41ddb80cd8c69cbd8730c77f5f7bf32a649199bb [diff] [blame]
diff --git a/private/system_server.te b/private/system_server.te
index 49bba86..7104135 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -941,6 +941,10 @@
 allow system_server system_server_startup_tmpfs:file { read write map };
 allow system_server system_server_startup:unix_dgram_socket write;
 
+# Allow system server to communicate to apexd
+allow system_server apex_service:service_manager find;
+allow system_server apexd:binder call;
+
 # dexoptanalyzer is currently used only for secondary dex files which
 # system_server should never access.
 neverallow system_server dexoptanalyzer_exec:file no_x_file_perms;
commit	7ad743b7ed5e4905316fd7d6afb2d9220538a3fb	[log] [tgz]
author	Dario Freni <dariofreni@google.com>	Thu Oct 18 12:50:06 2018 +0100
committer	Dario Freni <dariofreni@google.com>	Mon Nov 19 22:05:21 2018 +0000
tree	1d35487a66be98ea8a165319709364db7534d2d1
parent	41ddb80cd8c69cbd8730c77f5f7bf32a649199bb [diff] [blame]