From ac5293b4fb6e186475d708228152e4c75323aefb Mon Sep 17 00:00:00 2001
From: Daniel Rosenberg <drosen@google.com>
Date: Tue, 2 Oct 2018 19:09:47 -0700
Subject: [PATCH] Add bootctl for vold

Allows checkpoint commands to check A/B update status

Test: vdc checkpoint startCheckpoint -1
Bug: 111020314
Change-Id: I086db548d55176bf88211001c7c1eecb8c50689e
---
 public/vold.te | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/public/vold.te b/public/vold.te
index 13c63379b..df72f29ec 100644
--- a/public/vold.te
+++ b/public/vold.te
@@ -164,6 +164,9 @@ hal_client_domain(vold, hal_keymaster)
 # talk to health storage HAL
 hal_client_domain(vold, hal_health_storage)
 
+# talk to bootloader HAL
+hal_client_domain(vold, hal_bootctl)
+
 # Access userdata block device.
 allow vold userdata_block_device:blk_file rw_file_perms;
 
@@ -266,6 +269,7 @@ neverallow vold {
   -hal_health_storage_server
   -hal_keymaster_server
   -hal_system_suspend_server
+  -hal_bootctl
   -healthd
   -hwservicemanager
   -servicemanager
-- 
GitLab