Merge "Allow for ISecretkeeper/default" into main
This commit is contained in:
commit
3f63eead74
3 changed files with 6 additions and 0 deletions
|
@ -120,6 +120,7 @@ var (
|
||||||
"android.hardware.security.dice.IDiceDevice/default": EXCEPTION_NO_FUZZER,
|
"android.hardware.security.dice.IDiceDevice/default": EXCEPTION_NO_FUZZER,
|
||||||
"android.hardware.security.keymint.IKeyMintDevice/default": EXCEPTION_NO_FUZZER,
|
"android.hardware.security.keymint.IKeyMintDevice/default": EXCEPTION_NO_FUZZER,
|
||||||
"android.hardware.security.keymint.IRemotelyProvisionedComponent/default": EXCEPTION_NO_FUZZER,
|
"android.hardware.security.keymint.IRemotelyProvisionedComponent/default": EXCEPTION_NO_FUZZER,
|
||||||
|
"android.hardware.security.secretkeeper.ISecretkeeper/default": EXCEPTION_NO_FUZZER,
|
||||||
"android.hardware.security.secretkeeper.ISecretkeeper/nonsecure": EXCEPTION_NO_FUZZER,
|
"android.hardware.security.secretkeeper.ISecretkeeper/nonsecure": EXCEPTION_NO_FUZZER,
|
||||||
"android.hardware.security.secureclock.ISecureClock/default": EXCEPTION_NO_FUZZER,
|
"android.hardware.security.secureclock.ISecureClock/default": EXCEPTION_NO_FUZZER,
|
||||||
"android.hardware.security.sharedsecret.ISharedSecret/default": EXCEPTION_NO_FUZZER,
|
"android.hardware.security.sharedsecret.ISharedSecret/default": EXCEPTION_NO_FUZZER,
|
||||||
|
|
|
@ -125,6 +125,7 @@ android.hardware.secure_element.ISecureElement/eSE3 u:object_r:
|
||||||
android.hardware.secure_element.ISecureElement/SIM1 u:object_r:hal_secure_element_service:s0
|
android.hardware.secure_element.ISecureElement/SIM1 u:object_r:hal_secure_element_service:s0
|
||||||
android.hardware.secure_element.ISecureElement/SIM2 u:object_r:hal_secure_element_service:s0
|
android.hardware.secure_element.ISecureElement/SIM2 u:object_r:hal_secure_element_service:s0
|
||||||
android.hardware.secure_element.ISecureElement/SIM3 u:object_r:hal_secure_element_service:s0
|
android.hardware.secure_element.ISecureElement/SIM3 u:object_r:hal_secure_element_service:s0
|
||||||
|
android.hardware.security.secretkeeper.ISecretkeeper/default u:object_r:hal_secretkeeper_service:s0
|
||||||
android.hardware.security.secretkeeper.ISecretkeeper/nonsecure u:object_r:hal_secretkeeper_service:s0
|
android.hardware.security.secretkeeper.ISecretkeeper/nonsecure u:object_r:hal_secretkeeper_service:s0
|
||||||
android.system.keystore2.IKeystoreService/default u:object_r:keystore_service:s0
|
android.system.keystore2.IKeystoreService/default u:object_r:keystore_service:s0
|
||||||
android.system.net.netd.INetd/default u:object_r:system_net_netd_service:s0
|
android.system.net.netd.INetd/default u:object_r:system_net_netd_service:s0
|
||||||
|
|
|
@ -6,3 +6,7 @@ hal_attribute_service(hal_secretkeeper, hal_secretkeeper_service)
|
||||||
|
|
||||||
binder_use(hal_secretkeeper_server)
|
binder_use(hal_secretkeeper_server)
|
||||||
binder_use(hal_secretkeeper_client)
|
binder_use(hal_secretkeeper_client)
|
||||||
|
|
||||||
|
# The Secretkeeper HAL service needs to communicate with a trusted application running
|
||||||
|
# in the TEE, which is represented by the tee_device permission.
|
||||||
|
allow hal_secretkeeper_server tee_device:chr_file rw_file_perms;
|
||||||
|
|
Loading…
Reference in a new issue