Add selinux policies for network stack service The policies allow the system server to register a network_stack_service used to communicate with the network stack process. Test: atest FrameworksNetTests Bug: b/112869080 Change-Id: Ib9b7d9150fe4afcce03c8b3dbb36b81c67e39366

commit: 47c2dee5c20b6973c6a8e2d52315a4e2c0a94782 [log] [tgz]
author: Remi NGUYEN VAN <reminv@google.com> Fri Dec 14 14:13:52 2018 +0900
committer: Remi NGUYEN VAN <reminv@google.com> Fri Dec 21 00:09:50 2018 +0000
tree: 6e307d3b3198dbe6ac7948514e9e82af78d54e08
parent: 41b626300789ba4f5109c8692d3f57bf6b26c008 [diff]
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index 8ddefa1..f40ca77 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil

@@ -122,6 +122,7 @@
     mnt_vendor_file
     netd_stable_secret_prop
     network_stack
+    network_stack_service
     network_watchlist_data_file
     network_watchlist_service
     overlayfs_file

diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index 994fb07..88cf5d6 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil

@@ -110,6 +110,7 @@
     mnt_product_file
     mnt_vendor_file
     network_stack
+    network_stack_service
     network_watchlist_data_file
     network_watchlist_service
     overlayfs_file

diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index 1131cbd..0e1b414 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil

@@ -63,6 +63,7 @@
     mediaswcodec_tmpfs
     mnt_product_file
     network_stack
+    network_stack_service
     overlayfs_file
     permissionmgr_service
     recovery_socket

diff --git a/private/service_contexts b/private/service_contexts
index c90f93b..467a23d 100644
--- a/private/service_contexts
+++ b/private/service_contexts

@@ -118,6 +118,7 @@
 netd                                      u:object_r:netd_service:s0
 netpolicy                                 u:object_r:netpolicy_service:s0
 netstats                                  u:object_r:netstats_service:s0
+network_stack                             u:object_r:network_stack_service:s0
 network_management                        u:object_r:network_management_service:s0
 network_score                             u:object_r:network_score_service:s0
 network_time_update_service               u:object_r:network_time_update_service:s0

diff --git a/public/service.te b/public/service.te
index 4a404b3..a549b2f 100644
--- a/public/service.te
+++ b/public/service.te

@@ -118,6 +118,7 @@
 type netstats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type network_management_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type network_score_service, system_api_service, system_server_service, service_manager_type;
+type network_stack_service, system_server_service, service_manager_type;
 type network_time_update_service, system_server_service, service_manager_type;
 type notification_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type oem_lock_service, system_api_service, system_server_service, service_manager_type;
commit	47c2dee5c20b6973c6a8e2d52315a4e2c0a94782	[log] [tgz]
author	Remi NGUYEN VAN <reminv@google.com>	Fri Dec 14 14:13:52 2018 +0900
committer	Remi NGUYEN VAN <reminv@google.com>	Fri Dec 21 00:09:50 2018 +0000
tree	6e307d3b3198dbe6ac7948514e9e82af78d54e08
parent	41b626300789ba4f5109c8692d3f57bf6b26c008 [diff]