Add rules for device-services. Address the following denials: avc: denied { add } for service=qti.ims.connectionmanagerservice scontext=u:r:ims:s0 tcontext=u:object_r:default_android_service:s0 tclass=service_manager avc: denied { find } for service=vendor.qcom.PeripheralManager scontext=u:r:rild:s0 tcontext=u:object_r:per_mgr_service:s0 tclass=service_manager avc: denied { add } for service=qti.ims.connectionmanagerservice scontext=u:r:ims:s0 tcontext=u:object_r:default_android_service:s0 tclass=service_manager Bug: 23935222 Change-Id: Ia41147328643e2dd9fe63faec2a23e40da718762

commit: 3aaae04b2a7243503b7c5a881938830aa5ce641c [log] [tgz]
author: dcashman <dcashman@google.com> Thu Sep 10 11:42:03 2015 -0700
committer: The Android Automerger <android-build@google.com> Thu Sep 10 14:10:38 2015 -0700
tree: f03e7b7fa48577aa52dd46c9aa0f8502cef8b90a
parent: 3172d682328009a60211e6be475222b9e1989a07 [diff]
diff --git a/sepolicy/ims.te b/sepolicy/ims.te
index 2331c26..9eb0959 100644
--- a/sepolicy/ims.te
+++ b/sepolicy/ims.te

@@ -11,6 +11,8 @@
 qmux_socket(ims)
 unix_socket_connect(ims, cnd, cnd)
 
+allow ims ims_service:service_manager add;
+
 allow ims ims_socket:sock_file write;
 allow ims self:socket create_socket_perms;
 allow ims self:udp_socket create_socket_perms;

diff --git a/sepolicy/rild.te b/sepolicy/rild.te
index 0905acc..2c91f7a 100644
--- a/sepolicy/rild.te
+++ b/sepolicy/rild.te

@@ -13,3 +13,4 @@
 allow rild time:unix_stream_socket connectto;
 
 allow rild mediaserver_service:service_manager find;
+allow rild per_mgr_service:service_manager find;

diff --git a/sepolicy/service.te b/sepolicy/service.te
index 69d4811..024106f 100644
--- a/sepolicy/service.te
+++ b/sepolicy/service.te

@@ -1,2 +1,4 @@
-type per_mgr_service,           service_manager_type;
 type atfwd_service,             service_manager_type;
+type cne_service,               service_manager_type;
+type ims_service,               service_manager_type;
+type per_mgr_service,           service_manager_type;

diff --git a/sepolicy/service_contexts b/sepolicy/service_contexts
index fd17e6e..be2ef33 100644
--- a/sepolicy/service_contexts
+++ b/sepolicy/service_contexts

@@ -1,2 +1,4 @@
-vendor.qcom.PeripheralManager             u:object_r:per_mgr_service:s0
 AtCmdFwd                                  u:object_r:atfwd_service:s0
+cneservice                                u:object_r:cne_service:s0
+qti.ims.connectionmanagerservice          u:object_r:ims_service:s0
+vendor.qcom.PeripheralManager             u:object_r:per_mgr_service:s0

diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te
index 014dfcb..b7d13d9 100644
--- a/sepolicy/system_app.te
+++ b/sepolicy/system_app.te

@@ -5,3 +5,4 @@
 set_prop(system_app, ctl_ppd_prop)
 
 allow system_app atfwd_service:service_manager add;
+allow system_app cne_service:service_manager add;
commit	3aaae04b2a7243503b7c5a881938830aa5ce641c	[log] [tgz]
author	dcashman <dcashman@google.com>	Thu Sep 10 11:42:03 2015 -0700
committer	The Android Automerger <android-build@google.com>	Thu Sep 10 14:10:38 2015 -0700
tree	f03e7b7fa48577aa52dd46c9aa0f8502cef8b90a
parent	3172d682328009a60211e6be475222b9e1989a07 [diff]