From abb5c72b8bbbb5bdf7ffd996dbbe9eb2b5a503c1 Mon Sep 17 00:00:00 2001
From: Prashant Malani <pmalani@google.com>
Date: Mon, 3 Oct 2016 15:39:55 -0700
Subject: [PATCH] system_server: Allow hwservicemanager to make binder calls

Fixes the following denial:
avc: denied { call } for pid=791 comm="system_server" scontext=u:r:system_server:s0 tcontext=u:r:hwservicemanager:s0 tclass=binder permissive=1

Test: Builds, boots, vibrator works on bullhead
Change-Id: I56a0a86b64f5d46dc490f6f3255009c40e6e3f8f
---
 public/system_server.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/public/system_server.te b/public/system_server.te
index c243bc64c..69a1943f1 100644
--- a/public/system_server.te
+++ b/public/system_server.te
@@ -555,6 +555,9 @@ r_dir_file(system_server, proc_net)
 r_dir_file(system_server, rootfs)
 r_dir_file(system_server, sysfs_type)
 
+# Allow system_server to make binder calls to hwservicemanager
+binder_call(system_server, hwservicemanager)
+
 
 ###
 ### Neverallow rules
-- 
GitLab