Merge "init.te: fixup stale comment"
diff --git a/private/file_contexts b/private/file_contexts
index 70dde3a..95293f7 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -234,7 +234,7 @@
/system/bin/hw/android\.hardware\.dumpstate@1\.0-service u:object_r:hal_dumpstate_default_exec:s0
/system/bin/hw/android\.hardware\.graphics\.allocator@2\.0-service u:object_r:hal_graphics_allocator_default_exec:s0
/system/bin/hw/android\.hardware\.graphics\.composer@2\.1-service u:object_r:hal_graphics_composer_default_exec:s0
-/system/bin/hw/android\.hardware\.health@1\.0-service u:object_r:hal_health_exec:s0
+/system/bin/hw/android\.hardware\.health@1\.0-service u:object_r:hal_health_default_exec:s0
/system/bin/hw/android\.hardware\.ir@1\.0-service u:object_r:hal_ir_default_exec:s0
/system/bin/hw/android\.hardware\.light@2\.0-service u:object_r:hal_light_default_exec:s0
/system/bin/hw/android\.hardware\.memtrack@1\.0-service u:object_r:hal_memtrack_default_exec:s0
diff --git a/private/hal_health.te b/private/hal_health.te
deleted file mode 100644
index 93115b0..0000000
--- a/private/hal_health.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# may be started by init
-init_daemon_domain(hal_health)
diff --git a/private/hal_health_default.te b/private/hal_health_default.te
new file mode 100644
index 0000000..fb23973
--- /dev/null
+++ b/private/hal_health_default.te
@@ -0,0 +1,10 @@
+# health info abstraction
+type hal_health_default, hal_health, domain;
+type hal_health_default_exec, exec_type, file_type;
+
+init_daemon_domain(hal_health_default)
+
+# Read access to system files for HALs in
+# /{system,vendor,odm}/lib[64]/hw/ in order
+# to be able to open the hal implementation .so files
+r_dir_file(hal_health, system_file)
diff --git a/private/seapp_contexts b/private/seapp_contexts
index 6349a97..85980e9 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -22,7 +22,7 @@
# All specified input selectors in an entry must match (i.e. logical AND).
# Matching is case-insensitive.
#
-# Precedence rules:
+# Precedence rules (see external/selinux/libselinux/src/android/android.c seapp_context_cmp()):
# (1) isSystemServer=true before isSystemServer=false.
# (2) Specified isEphemeralApp= before unspecified isEphemeralApp= boolean.
# (3) Specified isOwner= before unspecified isOwner= boolean.
diff --git a/private/service_contexts b/private/service_contexts
index 43d0552..76a852b 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -29,6 +29,7 @@
content u:object_r:content_service:s0
contexthub_service u:object_r:contexthub_service:s0
country_detector u:object_r:country_detector_service:s0
+coverage u:object_r:coverage_service:s0
cpuinfo u:object_r:cpuinfo_service:s0
dbinfo u:object_r:dbinfo_service:s0
device_policy u:object_r:device_policy_service:s0
diff --git a/public/attributes b/public/attributes
index 4cfc098..aafafa6 100644
--- a/public/attributes
+++ b/public/attributes
@@ -119,6 +119,7 @@
attribute hal_dumpstate;
attribute hal_graphics_allocator;
attribute hal_graphics_composer;
+attribute hal_health;
attribute hal_ir;
attribute hal_light;
attribute hal_memtrack;
diff --git a/public/hal_health.te b/public/hal_health.te
index 2b498a2..226409f 100644
--- a/public/hal_health.te
+++ b/public/hal_health.te
@@ -1,14 +1,5 @@
-# health info abstraction
-type hal_health, domain;
-type hal_health_exec, exec_type, file_type;
-
# hwbinder access
hwbinder_use(hal_health)
# call into healthd for callbacks
binder_call(hal_health, healthd)
-
-# Read access to system files for HALs in
-# /{system,vendor,odm}/lib[64]/hw/ in order
-# to be able to open the hal implementation .so files
-r_dir_file(hal_health, system_file)
diff --git a/public/priv_app.te b/public/priv_app.te
index 5f9889f..fb73b15 100644
--- a/public/priv_app.te
+++ b/public/priv_app.te
@@ -11,10 +11,9 @@
# webview crash handling depends on self ptrace (b/27697529, b/20150694, b/19277529#comment7)
allow priv_app self:process ptrace;
-# Some apps ship with shared libraries and binaries that they write out
-# to their sandbox directory and then execute.
-allow priv_app app_data_file:file rx_file_perms;
-auditallow priv_app app_data_file:file execute_no_trans;
+# Some apps ship with shared libraries that they write out
+# to their sandbox directory and then dlopen().
+allow priv_app app_data_file:file { r_file_perms execute };
allow priv_app audioserver_service:service_manager find;
allow priv_app cameraserver_service:service_manager find;
diff --git a/public/service.te b/public/service.te
index d1be52d..550f79b 100644
--- a/public/service.te
+++ b/public/service.te
@@ -48,6 +48,9 @@
type consumer_ir_service, app_api_service, system_server_service, service_manager_type;
type content_service, app_api_service, system_server_service, service_manager_type;
type country_detector_service, app_api_service, system_server_service, service_manager_type;
+# Note: The coverage_service should only be enabled for userdebug / eng builds that were compiled
+# with EMMA_INSTRUMENT=true. We should consider locking this down in the future.
+type coverage_service, system_server_service, service_manager_type;
type cpuinfo_service, system_api_service, system_server_service, service_manager_type;
type dbinfo_service, system_api_service, system_server_service, service_manager_type;
type device_policy_service, app_api_service, system_server_service, service_manager_type;