Add Network Watchlist data file selinux policy(Used in ConfigUpdater)
Bug: 63908748
Test: Able to boot
Change-Id: I14d8856d7aac7be9d1f26ecf5bfff69ea5ee9607
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index e359935..50d4ee7 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -25,6 +25,7 @@
lowpan_service
mediaprovider_tmpfs
netd_stable_secret_prop
+ network_watchlist_data_file
network_watchlist_service
package_native_service
perfprofd_service
diff --git a/private/file_contexts b/private/file_contexts
index 7d1457a..992bdc3 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -384,6 +384,7 @@
/data/misc/logd(/.*)? u:object_r:misc_logd_file:s0
/data/misc/media(/.*)? u:object_r:media_data_file:s0
/data/misc/net(/.*)? u:object_r:net_data_file:s0
+/data/misc/network_watchlist(/.*)? u:object_r:network_watchlist_data_file:s0
/data/misc/recovery(/.*)? u:object_r:recovery_data_file:s0
/data/misc/shared_relro(/.*)? u:object_r:shared_relro_file:s0
/data/misc/sms(/.*)? u:object_r:radio_data_file:s0
diff --git a/private/system_server.te b/private/system_server.te
index 6fb6142..eff8e8f 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -381,6 +381,10 @@
allow system_server adb_keys_file:dir create_dir_perms;
allow system_server adb_keys_file:file create_file_perms;
+# Manage /data/misc/network_watchlist
+allow system_server network_watchlist_data_file:dir create_dir_perms;
+allow system_server network_watchlist_data_file:file create_file_perms;
+
# Manage /data/misc/sms.
# TODO: Split into a separate type?
allow system_server radio_data_file:dir create_dir_perms;