From 81f405049f3001e9f5fe9324c66125df6dca993c Mon Sep 17 00:00:00 2001
From: Frank Yu <shengfanyu@google.com>
Date: Fri, 28 Jun 2024 04:06:29 +0000
Subject: [PATCH] Update sepolicy for grilservie_app to call twoshay service.

Related avc error log:
auditd  : type=1400 audit(0.0:7): avc:  denied  { call } for  comm="pool-2-thread-1" scontext=u:r:grilservice_app:s0:c248,c256,c512,c768 tcontext=u:r:twoshay:s0 tclass=binder permissive=0 app=com.google.android.grilservice
Bug: 347853101
Test: Manual test and tested v2/pixel-health-guard/device-boot-health-check-extra on abtd. No error log after this update.

Change-Id: I5083e0ce549fd98d3d12f5005c02abe0fd988208
---
 vendor/grilservice_app.te | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/vendor/grilservice_app.te b/vendor/grilservice_app.te
index 287053a..ed2c444 100644
--- a/vendor/grilservice_app.te
+++ b/vendor/grilservice_app.te
@@ -1,2 +1,3 @@
 allow grilservice_app hal_radio_ext_service:service_manager find;
-binder_call(grilservice_app, hal_radio_ext)
\ No newline at end of file
+binder_call(grilservice_app, hal_radio_ext)
+binder_call(grilservice_app, twoshay)
\ No newline at end of file