SELinux policy changes for Wearable Sensing APIs.
API changes are in ag/20407841. Please note we're still going through
security reviews here: b/249996246 and will incorporate feedback as we
go through the process. These selinux policies will enable the
WearableSensingService to run and unblock upstream development work.
Test: Ensure no build failures, ensure no SecurityException on boot
Bug: 249135378, 244181656
Ignore-AOSP-First: to prevent new feature leak.
Change-Id: I597827766cc3ed68ae65fb177f518eaf874f1eda
diff --git a/build/soong/service_fuzzer_bindings.go b/build/soong/service_fuzzer_bindings.go
index 1bb6eb6..2397f38 100644
--- a/build/soong/service_fuzzer_bindings.go
+++ b/build/soong/service_fuzzer_bindings.go
@@ -423,6 +423,7 @@
"vrmanager": EXCEPTION_NO_FUZZER,
"wallpaper": EXCEPTION_NO_FUZZER,
"wallpaper_effects_generation": EXCEPTION_NO_FUZZER,
+ "wearable_sensing": EXCEPTION_NO_FUZZER,
"webviewupdate": EXCEPTION_NO_FUZZER,
"wifip2p": EXCEPTION_NO_FUZZER,
"wifiscanner": EXCEPTION_NO_FUZZER,
diff --git a/private/service.te b/private/service.te
index 8059bfb..3717150 100644
--- a/private/service.te
+++ b/private/service.te
@@ -21,3 +21,4 @@
type tracingproxy_service, system_server_service, service_manager_type;
type transparency_service, system_server_service, service_manager_type;
type uce_service, service_manager_type;
+type wearable_sensing_service, system_api_service, system_server_service, service_manager_type;
diff --git a/private/service_contexts b/private/service_contexts
index 562e3d4..a4652e4 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -401,6 +401,7 @@
vrmanager u:object_r:vr_manager_service:s0
wallpaper u:object_r:wallpaper_service:s0
wallpaper_effects_generation u:object_r:wallpaper_effects_generation_service:s0
+wearable_sensing u:object_r:wearable_sensing_service:s0
webviewupdate u:object_r:webviewupdate_service:s0
wifip2p u:object_r:wifip2p_service:s0
wifiscanner u:object_r:wifiscanner_service:s0