Add new classes and types for (hw|vnd)servicemanager.
Bug: 34454312
Bug: 36052864
Test: device boots, works
Change-Id: If61d9b736a74c5944cef4449de4dfbaf78d9ccfa
diff --git a/private/access_vectors b/private/access_vectors
index c4f13bb..dcd86c2 100644
--- a/private/access_vectors
+++ b/private/access_vectors
@@ -668,6 +668,20 @@
list
}
+class hwservice_manager
+{
+ add
+ find
+ list
+}
+
+class vndservice_manager
+{
+ add
+ find
+ list
+}
+
class keystore_key
{
get_state
diff --git a/private/security_classes b/private/security_classes
index a202c5d..5685bd6 100644
--- a/private/security_classes
+++ b/private/security_classes
@@ -134,6 +134,12 @@
# Service manager
class service_manager # userspace
+# hardware service manager # userspace
+class hwservice_manager
+
+# vendor service manager # userspace
+class vndservice_manager
+
# Keystore Key
class keystore_key # userspace
diff --git a/public/attributes b/public/attributes
index 6bb8346..30dfa4b 100644
--- a/public/attributes
+++ b/public/attributes
@@ -95,11 +95,18 @@
# services which export only system_api
attribute system_api_service;
-# All types used for services managed by service_manager.
+# All types used for services managed by servicemanager.
# On change, update CHECK_SC_ASSERT_ATTRS
# definition in tools/checkfc.c.
attribute service_manager_type;
+# All types used for services managed by hwservicemanager
+attribute hwservice_manager_type;
+
+# All types used for services managed by vndservicemanager
+attribute vndservice_manager_type;
+
+
# All domains that can override MLS restrictions.
# i.e. processes that can read up and write down.
attribute mlstrustedsubject;