Add policy for 'blank_screen'.
This util allows init to turn off the screen
without any binder dependencies.
Bug: 70846424
Test: manual + init use
Change-Id: I4f41a966d6398e959ea6baf36c2cfe6fcebc00de
diff --git a/private/blank_screen.te b/private/blank_screen.te
new file mode 100644
index 0000000..43d273b
--- /dev/null
+++ b/private/blank_screen.te
@@ -0,0 +1,6 @@
+type blank_screen, domain, coredomain;
+type blank_screen_exec, exec_type, file_type;
+
+init_daemon_domain(blank_screen)
+
+hal_client_domain(blank_screen, hal_light)
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index 95e617b..325a22a 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -5,6 +5,9 @@
(typeattributeset new_objects
( adbd_exec
bootloader_boot_reason_prop
+ blank_screen
+ blank_screen_exec
+ blank_screen_tmpfs
bpfloader
bpfloader_exec
broadcastradio_service
diff --git a/private/file_contexts b/private/file_contexts
index 8dfec78..6a94951 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -179,6 +179,7 @@
#
/system(/.*)? u:object_r:system_file:s0
/system/bin/atrace u:object_r:atrace_exec:s0
+/system/bin/blank_screen u:object_r:blank_screen_exec:s0
/system/bin/e2fsdroid u:object_r:e2fs_exec:s0
/system/bin/mke2fs u:object_r:e2fs_exec:s0
/system/bin/e2fsck -- u:object_r:fsck_exec:s0