tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "The SE Policies to incorporate ISecureClock and ISharedSecret services along with IKeyMintDevice service into default keymint HAL Server. Test: Rebuild, execute and run atest VtsAidlSharedSecretTargetTest and atest VtsAidlSecureClockTargetTest. Bug: b/171844725, b/168673523." am: 98e48ac6b4 am: cf5f18538e

Browse source 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1562770

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I9fec342a6157d820d0a9499a24908df3ddd586df
This commit is contained in:
Treehugger Robot 2021-02-12 05:17:31 +00:00 committed by Automerger Merge Worker
commit b4781f0eca
4 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
private/compat/30.0/30.0.ignore.cil
View file

@ -48,6 +48,8 @@
hal_keymint_service hal_keymint_service
hal_neuralnetworks_service hal_neuralnetworks_service
hal_power_stats_service hal_power_stats_service
hal_secureclock_service
hal_sharedsecret_service
hal_weaver_service hal_weaver_service
keystore_compat_hal_service keystore_compat_hal_service
keystore2_key_contexts_file keystore2_key_contexts_file

2
private/service_contexts
View file

@ -12,6 +12,8 @@ android.hardware.power.IPower/default u:object_r:
android.hardware.power.stats.IPowerStats/default u:object_r:hal_power_stats_service:s0 android.hardware.power.stats.IPowerStats/default u:object_r:hal_power_stats_service:s0
android.hardware.rebootescrow.IRebootEscrow/default u:object_r:hal_rebootescrow_service:s0 android.hardware.rebootescrow.IRebootEscrow/default u:object_r:hal_rebootescrow_service:s0
android.hardware.security.keymint.IKeyMintDevice/default u:object_r:hal_keymint_service:s0 android.hardware.security.keymint.IKeyMintDevice/default u:object_r:hal_keymint_service:s0
android.hardware.security.secureclock.ISecureClock/default u:object_r:hal_secureclock_service:s0
android.hardware.security.sharedsecret.ISharedSecret/default u:object_r:hal_sharedsecret_service:s0
android.hardware.vibrator.IVibrator/default u:object_r:hal_vibrator_service:s0 android.hardware.vibrator.IVibrator/default u:object_r:hal_vibrator_service:s0
android.hardware.vibrator.IVibratorManager/default u:object_r:hal_vibrator_service:s0 android.hardware.vibrator.IVibratorManager/default u:object_r:hal_vibrator_service:s0
android.hardware.weaver.IWeaver/default u:object_r:hal_weaver_service:s0 android.hardware.weaver.IWeaver/default u:object_r:hal_weaver_service:s0

2
public/service.te
View file

@ -252,6 +252,8 @@ type hal_oemlock_service, vendor_service, protected_service, service_manager_typ
type hal_power_service, vendor_service, protected_service, service_manager_type; type hal_power_service, vendor_service, protected_service, service_manager_type;
type hal_power_stats_service, vendor_service, protected_service, service_manager_type; type hal_power_stats_service, vendor_service, protected_service, service_manager_type;
type hal_rebootescrow_service, vendor_service, protected_service, service_manager_type; type hal_rebootescrow_service, vendor_service, protected_service, service_manager_type;
type hal_secureclock_service, vendor_service, protected_service, service_manager_type;
type hal_sharedsecret_service, vendor_service, protected_service, service_manager_type;
type hal_vibrator_service, vendor_service, protected_service, service_manager_type; type hal_vibrator_service, vendor_service, protected_service, service_manager_type;
type hal_weaver_service, vendor_service, protected_service, service_manager_type; type hal_weaver_service, vendor_service, protected_service, service_manager_type;

3
vendor/hal_keymint_default.te vendored
View file

@ -4,4 +4,7 @@ hal_server_domain(hal_keymint_default, hal_keymint)
type hal_keymint_default_exec, exec_type, vendor_file_type, file_type; type hal_keymint_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_keymint_default) init_daemon_domain(hal_keymint_default)
hal_attribute_service(hal_keymint, hal_secureclock_service)
hal_attribute_service(hal_keymint, hal_sharedsecret_service)
get_prop(hal_keymint_default, vendor_security_patch_level_prop); get_prop(hal_keymint_default, vendor_security_patch_level_prop);