Add sepolicy for new AIDL sensorservice Test: boot cuttlefish and check for avc denials Bug: 205764765 Change-Id: Ie9d02b43250ca3c5f642b2d87d2a5b532a9b5195

commit: e714ba95ed39faf3136cd99ac10de7715e6f362f [log] [tgz]
author: Devin Moore <devinmoore@google.com> Mon Nov 07 20:41:10 2022 +0000
committer: Devin Moore <devinmoore@google.com> Mon Nov 14 17:26:24 2022 +0000
tree: 970587e50410cbdfc736d058414331ec9105b90f
parent: f4ab6c9f3c21617b5f313804d1df4a32192c573d [diff]
diff --git a/build/soong/service_fuzzer_bindings.go b/build/soong/service_fuzzer_bindings.go
index 6e63dda..a91789d 100644
--- a/build/soong/service_fuzzer_bindings.go
+++ b/build/soong/service_fuzzer_bindings.go

@@ -108,6 +108,7 @@
 		"android.hardware.wifi.IWifi/default":                                     EXCEPTION_NO_FUZZER,
 		"android.hardware.wifi.hostapd.IHostapd/default":                          EXCEPTION_NO_FUZZER,
 		"android.hardware.wifi.supplicant.ISupplicant/default":                    EXCEPTION_NO_FUZZER,
+		"android.frameworks.sensorservice.ISensorManager/default":                 EXCEPTION_NO_FUZZER,
 		"android.frameworks.stats.IStats/default":                                 EXCEPTION_NO_FUZZER,
 		"android.se.omapi.ISecureElementService/default":                          EXCEPTION_NO_FUZZER,
 		"android.system.keystore2.IKeystoreService/default":                       EXCEPTION_NO_FUZZER,

diff --git a/private/compat/33.0/33.0.ignore.cil b/private/compat/33.0/33.0.ignore.cil
index 1bb5557..ee56e52 100644
--- a/private/compat/33.0/33.0.ignore.cil
+++ b/private/compat/33.0/33.0.ignore.cil

@@ -11,6 +11,7 @@
     device_config_memory_safety_native_prop
     device_config_vendor_system_native_prop
     devicelock_service
+    fwk_sensor_service
     hal_bootctl_service
     hal_cas_service
     hal_cpu_hwservice

diff --git a/private/service_contexts b/private/service_contexts
index 2e2e7b2..496fcd4 100644
--- a/private/service_contexts
+++ b/private/service_contexts

@@ -1,4 +1,5 @@
 android.frameworks.stats.IStats/default                              u:object_r:fwk_stats_service:s0
+android.frameworks.sensorservice.ISensorManager/default              u:object_r:fwk_sensor_service:s0
 android.hardware.audio.core.IConfig/default                          u:object_r:hal_audio_service:s0
 android.hardware.audio.core.IModule/default                          u:object_r:hal_audio_service:s0
 android.hardware.audio.effect.IFactory/default                       u:object_r:hal_audio_service:s0

diff --git a/public/service.te b/public/service.te
index fefdbd6..a44edfb 100644
--- a/public/service.te
+++ b/public/service.te

@@ -131,6 +131,7 @@
 type face_service, app_api_service, system_server_service, service_manager_type;
 type fingerprint_service, app_api_service, system_server_service, service_manager_type;
 type fwk_stats_service, app_api_service, system_server_service, service_manager_type;
+type fwk_sensor_service, system_server_service, service_manager_type;
 type game_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type gfxinfo_service, system_api_service, system_server_service, service_manager_type;
 type gnss_time_update_service, system_server_service, service_manager_type;
commit	e714ba95ed39faf3136cd99ac10de7715e6f362f	[log] [tgz]
author	Devin Moore <devinmoore@google.com>	Mon Nov 07 20:41:10 2022 +0000
committer	Devin Moore <devinmoore@google.com>	Mon Nov 14 17:26:24 2022 +0000
tree	970587e50410cbdfc736d058414331ec9105b90f
parent	f4ab6c9f3c21617b5f313804d1df4a32192c573d [diff]