Fix AAE emulator sepolicy denials

bug: 63386479 Test: make && emulator Change-Id: I3593c765f673018d5b3072eb21cc2e0e77b96687
author: Nicholas Sauer <nicksauer@google.com> 2017-07-07 10:45:09 -0700
committer: Nicholas Sauer <nicksauer@google.com> 2017-07-10 07:07:07 -0700
commit: 3578ac694ee4fe0016d802c2d8b45dee99dee564 (patch)
tree: 0970438f6390544bff6e176f0b3fd481ba1e1feb
parent: 228e43923f8c0b118823c76589be87d2cd7cea3b (diff)
download: car-3578ac694ee4fe0016d802c2d8b45dee99dee564.tar.gz
4 files changed, 5 insertions, 0 deletions
diff --git a/common/sepolicy/hal_vehicle_hwservice.te b/common/sepolicy/hal_vehicle_hwservice.te
new file mode 100644
index 0000000..0622fe8
--- /dev/null
+++ b/common/sepolicy/hal_vehicle_hwservice.te
@@ -0,0 +1 @@
+add_hwservice(hal_vehicle_default, hal_vehicle_hwservice)
diff --git a/common/sepolicy/hwservice.te b/common/sepolicy/hwservice.te
new file mode 100644
index 0000000..0333a3c
--- /dev/null
+++ b/common/sepolicy/hwservice.te
@@ -0,0 +1 @@
+type hal_vehicle_hwservice, hwservice_manager_type;
diff --git a/common/sepolicy/hwservice_contexts b/common/sepolicy/hwservice_contexts
new file mode 100644
index 0000000..d5fda9f
--- /dev/null
+++ b/common/sepolicy/hwservice_contexts
@@ -0,0 +1 @@
+android.hardware.automotive.vehicle::IVehicle u:object_r:hal_vehicle_hwservice:s0
diff --git a/common/sepolicy/system_app.te b/common/sepolicy/system_app.te
new file mode 100644
index 0000000..9b861d6
--- /dev/null
+++ b/common/sepolicy/system_app.te
@@ -0,0 +1,2 @@
+allow system_app hal_vehicle_hwservice:hwservice_manager find;
+allow system_app proc_stat:file {read open};
author	Nicholas Sauer <nicksauer@google.com>	2017-07-07 10:45:09 -0700
committer	Nicholas Sauer <nicksauer@google.com>	2017-07-10 07:07:07 -0700
commit	3578ac694ee4fe0016d802c2d8b45dee99dee564 (patch)
tree	0970438f6390544bff6e176f0b3fd481ba1e1feb
parent	228e43923f8c0b118823c76589be87d2cd7cea3b (diff)
download	car-3578ac694ee4fe0016d802c2d8b45dee99dee564.tar.gz