From aedf22365661918f24fbee6d530f828327fb1e55 Mon Sep 17 00:00:00 2001
From: dcashman <dcashman@google.com>
Date: Tue, 26 Jan 2016 15:12:08 -0800
Subject: [PATCH] Reduce accessibility of voiceinteraction_service.

The services under this label are not meant to be exposed to all apps.
Currently only priv_app needs access.

Bug: 26799206
Change-Id: I07c60752d6ba78f27f90bf5075bcab47eba90b55
---
 priv_app.te | 1 +
 service.te  | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/priv_app.te b/priv_app.te
index d31bf477a..29c9fb7b0 100644
--- a/priv_app.te
+++ b/priv_app.te
@@ -29,6 +29,7 @@ allow priv_app surfaceflinger_service:service_manager find;
 allow priv_app app_api_service:service_manager find;
 allow priv_app system_api_service:service_manager find;
 allow priv_app persistent_data_block_service:service_manager find;
+allow priv_app voiceinteraction_service:service_manager find;
 
 # Traverse into /mnt/media_rw for bypassing FUSE daemon
 # TODO: narrow this to just MediaProvider
diff --git a/service.te b/service.te
index 6c284e668..a4dbc4d23 100644
--- a/service.te
+++ b/service.te
@@ -98,7 +98,7 @@ type usagestats_service, app_api_service, system_server_service, service_manager
 type usb_service, app_api_service, system_server_service, service_manager_type;
 type user_service, app_api_service, system_server_service, service_manager_type;
 type vibrator_service, app_api_service, system_server_service, service_manager_type;
-type voiceinteraction_service, app_api_service, system_server_service, service_manager_type;
+type voiceinteraction_service, system_server_service, service_manager_type;
 type wallpaper_service, app_api_service, system_server_service, service_manager_type;
 type webviewupdate_service, app_api_service, system_server_service, service_manager_type;
 type wifip2p_service, app_api_service, system_server_service, service_manager_type;
-- 
GitLab