From 3717424d284cab9dcadccbc1dee30e8fc7136383 Mon Sep 17 00:00:00 2001
From: Andrew Scull <ascull@google.com>
Date: Fri, 17 Feb 2017 13:51:32 +0000
Subject: [PATCH] SE Linux policies for OemLockService

Bug: 34766843
Test: gts-tradefed run gts -m GtsBootloaderServiceTestCases -t \
      com.google.android.bootloader.gts.BootloaderServiceTest
Change-Id: I8b939e0dbe8351a54f20c303921f606c3462c17d
---
 private/priv_app.te      | 1 +
 private/service_contexts | 1 +
 public/service.te        | 1 +
 3 files changed, 3 insertions(+)

diff --git a/private/priv_app.te b/private/priv_app.te
index 38ce673a1..e9741b74a 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te
@@ -31,6 +31,7 @@ allow priv_app mediacasserver_service:service_manager find;
 allow priv_app mediaextractor_service:service_manager find;
 allow priv_app mediaserver_service:service_manager find;
 allow priv_app nfc_service:service_manager find;
+allow priv_app oem_lock_service:service_manager find;
 allow priv_app radio_service:service_manager find;
 allow priv_app surfaceflinger_service:service_manager find;
 allow priv_app app_api_service:service_manager find;
diff --git a/private/service_contexts b/private/service_contexts
index db2e9f6c2..b00579a60 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -103,6 +103,7 @@ network_score                             u:object_r:network_score_service:s0
 network_time_update_service               u:object_r:network_time_update_service:s0
 nfc                                       u:object_r:nfc_service:s0
 notification                              u:object_r:notification_service:s0
+oem_lock                                  u:object_r:oem_lock_service:s0
 otadexopt                                 u:object_r:otadexopt_service:s0
 overlay                                   u:object_r:overlay_service:s0
 package                                   u:object_r:package_service:s0
diff --git a/public/service.te b/public/service.te
index 444f82a57..9c52e9231 100644
--- a/public/service.te
+++ b/public/service.te
@@ -96,6 +96,7 @@ type network_management_service, app_api_service, ephemeral_app_api_service, sys
 type network_score_service, system_api_service, system_server_service, service_manager_type;
 type network_time_update_service, system_server_service, service_manager_type;
 type notification_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
+type oem_lock_service, system_api_service, system_server_service, service_manager_type;
 type otadexopt_service, system_server_service, service_manager_type;
 type overlay_service, system_server_service, service_manager_type;
 type package_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
-- 
GitLab