Prepare sepolicy for launching Keystore 2.0 service
This patch labels /system/bin/keystore2 as a keystore executable and
allows keystore to register "system.security.keystore2" with the service
manager.
Bug: 160623310
Test: None
Change-Id: I1812e565438c2b8ae55c8d10bcc8450d27717697
diff --git a/private/file_contexts b/private/file_contexts
index 08e9e2f..c76ff3d 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -259,6 +259,7 @@
/system/bin/art_apex_boot_integrity u:object_r:art_apex_boot_integrity_exec:s0
/system/bin/credstore u:object_r:credstore_exec:s0
/system/bin/keystore u:object_r:keystore_exec:s0
+/system/bin/keystore2 u:object_r:keystore_exec:s0
/system/bin/fingerprintd u:object_r:fingerprintd_exec:s0
/system/bin/gatekeeperd u:object_r:gatekeeperd_exec:s0
/system/bin/tombstoned u:object_r:tombstoned_exec:s0
diff --git a/private/service_contexts b/private/service_contexts
index 51161c0..808edcc 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -16,6 +16,7 @@
android.os.UpdateEngineStableService u:object_r:update_engine_stable_service:s0
android.security.identity u:object_r:credstore_service:s0
android.security.keystore u:object_r:keystore_service:s0
+android.security.keystore2 u:object_r:keystore_service:s0
android.service.gatekeeper.IGateKeeperService u:object_r:gatekeeper_service:s0
app_binding u:object_r:app_binding_service:s0
app_integrity u:object_r:app_integrity_service:s0