surfaceflinger: grant access to vr_manager_service Addresses avc: denied { find } for service=vrmanager pid=472 uid=1000 scontext=u:r:surfaceflinger:s0 tcontext=u:object_r:vr_manager_service:s0 tclass=service_manager Test: Marlin builds and boots. Denial no longer observed. Bug: 35258608 Bug: 35197529 Change-Id: I480dff3fdaf01f71e29e96f08350f705c6a23bba

commit: 8bf3b7a8656372c1dcead6aedbf1a96d0a3bf1d9 [log] [tgz]
author: Jeff Vander Stoep <jeffv@google.com> Fri Feb 10 13:33:56 2017 -0800
committer: Jeff Vander Stoep <jeffv@google.com> Fri Feb 10 13:36:43 2017 -0800
tree: da89a8a8d4ac7720c2773a77acdce2649b6cb216
parent: 009106189d16e415c5540cc23fd360dad9930357 [diff]
diff --git a/private/surfaceflinger.te b/private/surfaceflinger.te
index a400913..5f7549d 100644
--- a/private/surfaceflinger.te
+++ b/private/surfaceflinger.te

@@ -71,8 +71,10 @@
 allow surfaceflinger mediaserver_service:service_manager find;
 allow surfaceflinger permission_service:service_manager find;
 allow surfaceflinger power_service:service_manager find;
+allow surfaceflinger vr_manager_service:service_manager find;
 allow surfaceflinger window_service:service_manager find;
 
+
 # allow self to set SCHED_FIFO
 allow surfaceflinger self:capability sys_nice;
 allow surfaceflinger proc_meminfo:file r_file_perms;
commit	8bf3b7a8656372c1dcead6aedbf1a96d0a3bf1d9	[log] [tgz]
author	Jeff Vander Stoep <jeffv@google.com>	Fri Feb 10 13:33:56 2017 -0800
committer	Jeff Vander Stoep <jeffv@google.com>	Fri Feb 10 13:36:43 2017 -0800
tree	da89a8a8d4ac7720c2773a77acdce2649b6cb216
parent	009106189d16e415c5540cc23fd360dad9930357 [diff]