Add rules for system_update service. system_update service manages system update information: system updater (priv_app) publishes the pending system update info through the service, while other apps can read the info accordingly (design doc in go/pi-ota-platform-api). This CL adds the service type, and grants priv_app to access the service. Bug: 67437079 Test: Build and flash marlin image. The system_update service works. Change-Id: I7a3eaee3ecd3e2e16b410413e917ec603566b375

commit: d7d9cfcad2a5b83fe0f554c5eaa53339b327beca [log] [tgz]
author: Tao Bao <tbao@google.com> Mon Oct 16 21:57:12 2017 -0700
committer: Tao Bao <tbao@google.com> Fri Jan 19 15:03:21 2018 -0800
tree: 20bafb64641157baa464c23efc876a7852622b05
parent: 829c6fef143b9e93213e521c30d960aba45e37f5 [diff] [blame]
diff --git a/private/priv_app.te b/private/priv_app.te
index ec52d56..e3eec83 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te

@@ -96,6 +96,10 @@
 binder_call(priv_app, storaged)
 allow priv_app storaged_service:service_manager find;
 
+# Allow GMS core to access system_update_service (e.g. to publish pending
+# system update info).
+allow priv_app system_update_service:service_manager find;
+
 # Allow GMS core to communicate with statsd.
 binder_call(priv_app, statsd)
commit	d7d9cfcad2a5b83fe0f554c5eaa53339b327beca	[log] [tgz]
author	Tao Bao <tbao@google.com>	Mon Oct 16 21:57:12 2017 -0700
committer	Tao Bao <tbao@google.com>	Fri Jan 19 15:03:21 2018 -0800
tree	20bafb64641157baa464c23efc876a7852622b05
parent	829c6fef143b9e93213e521c30d960aba45e37f5 [diff] [blame]