From f90c41f6e8d5c1266e154f46586a2ceb260f1be6 Mon Sep 17 00:00:00 2001
From: Riley Spahn <rileyspahn@google.com>
Date: Thu, 5 Jun 2014 15:52:02 -0700
Subject: Add SELinux rules for service_manager.

Add a service_mananger class with the verb add.
Add a type that groups the services for each of the
processes that is allowed to start services in service.te
and an attribute for all services controlled by the service
manager. Add the service_contexts file which maps service
name to target label.

Bug: 12909011
Change-Id: I017032a50bc90c57b536e80b972118016d340c7d
---
 drmserver.te | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'drmserver.te')

diff --git a/drmserver.te b/drmserver.te
index e2b62df..1993176 100644
--- a/drmserver.te
+++ b/drmserver.te
@@ -44,3 +44,5 @@ allow drmserver asec_apk_file:file { read getattr };
 
 # Read /data/data/com.android.providers.telephony files passed over Binder.
 allow drmserver radio_data_file:file { read getattr };
+
+allow drmserver drmserver_service:service_manager add;
-- 
cgit v1.2.3