From 6d53efcf468e13be3fa08ec5055a6f7e2e934a42 Mon Sep 17 00:00:00 2001
From: David Anderson <dvander@google.com>
Date: Mon, 14 Jan 2019 14:38:17 -0800
Subject: [PATCH] sepolicy for gsid

Bug: 122556707
Test: gsid starts
Change-Id: Ib05ddb79051436f51cd236de04027a3b12ee87a9
Signed-off-by: Sandeep Patil <sspatil@google.com>
---
 private/compat/28.0/28.0.ignore.cil |  3 +++
 private/file_contexts               |  1 +
 private/gsid.te                     | 10 ++++++++++
 private/service.te                  |  1 +
 private/service_contexts            |  1 +
 5 files changed, 16 insertions(+)
 create mode 100644 private/gsid.te

diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index 960d5fc7f..690b47f04 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil
@@ -35,6 +35,9 @@
     flags_health_check_exec
     fwk_bufferhub_hwservice
     fwk_stats_hwservice
+    gsi_service
+    gsid
+    gsid_exec
     color_display_service
     hal_atrace_hwservice
     hal_face_hwservice
diff --git a/private/file_contexts b/private/file_contexts
index dfdcc1bd2..0605ee495 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -310,6 +310,7 @@
 /system/bin/wait_for_keymaster   u:object_r:wait_for_keymaster_exec:s0
 /system/bin/watchdogd            u:object_r:watchdogd_exec:s0
 /system/bin/apexd                u:object_r:apexd_exec:s0
+/system/bin/gsid                 u:object_r:gsid_exec:s0
 
 #############################
 # Vendor files
diff --git a/private/gsid.te b/private/gsid.te
new file mode 100644
index 000000000..5ac1c2521
--- /dev/null
+++ b/private/gsid.te
@@ -0,0 +1,10 @@
+# gsid - Manager for GSI Installation
+
+type gsid, domain;
+type gsid_exec, exec_type, file_type, system_file_type;
+typeattribute gsid coredomain;
+
+init_daemon_domain(gsid)
+
+binder_use(gsid)
+add_service(gsid, gsi_service)
diff --git a/private/service.te b/private/service.te
index 3fec8825a..fc9a95a39 100644
--- a/private/service.te
+++ b/private/service.te
@@ -1,2 +1,3 @@
+type gsi_service,               service_manager_type;
 type stats_service, service_manager_type;
 type statscompanion_service, system_server_service, service_manager_type;
diff --git a/private/service_contexts b/private/service_contexts
index a548883a6..82c94f92f 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -10,6 +10,7 @@ android.service.gatekeeper.IGateKeeperService    u:object_r:gatekeeper_service:s
 app_binding                               u:object_r:app_binding_service:s0
 app_prediction                            u:object_r:app_prediction_service:s0
 apexservice                               u:object_r:apex_service:s0
+gsiservice                                u:object_r:gsi_service:s0
 appops                                    u:object_r:appops_service:s0
 appwidget                                 u:object_r:appwidget_service:s0
 assetatlas                                u:object_r:assetatlas_service:s0
-- 
GitLab