Add sepolicy for IFingerprint
Bug: 152416783
Test: run on cuttlefish
Change-Id: I58d7c3bc9c81612b03bab3b9da938c091c02e3c1
diff --git a/private/compat/30.0/30.0.ignore.cil b/private/compat/30.0/30.0.ignore.cil
index 4dce1a6..66286d5 100644
--- a/private/compat/30.0/30.0.ignore.cil
+++ b/private/compat/30.0/30.0.ignore.cil
@@ -11,6 +11,7 @@
debugfs_kprobes
gki_apex_prepostinstall
gki_apex_prepostinstall_exec
+ hal_fingerprint_service
gnss_device
hal_dumpstate_config_prop
keystore2_key_contexts_file
diff --git a/private/service_contexts b/private/service_contexts
index a78b108..35332ab 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -1,3 +1,4 @@
+android.hardware.biometrics.fingerprint.IFingerprint/default u:object_r:hal_fingerprint_service:s0
android.hardware.identity.IIdentityCredentialStore/default u:object_r:hal_identity_service:s0
android.hardware.light.ILights/default u:object_r:hal_light_service:s0
android.hardware.power.IPower/default u:object_r:hal_power_service:s0
diff --git a/private/system_server.te b/private/system_server.te
index 849676e..bd57ad8 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -777,7 +777,6 @@
allow system_server gatekeeper_service:service_manager find;
allow system_server gpu_service:service_manager find;
allow system_server gsi_service:service_manager find;
-allow system_server hal_fingerprint_service:service_manager find;
allow system_server idmap_service:service_manager find;
allow system_server incident_service:service_manager find;
allow system_server incremental_service:service_manager find;