Untrack keystore SELinux denial on AVF RKP Hal
With the dontaudit line in keystore.te commented out on an otherwise clean build, I was unable to see the SELinux denial on boot. So, it seems like this denial may not be occurring anymore and it’s safe to remove the dontaudit line. Bug: 312427637 Test: manual Change-Id: Ib8887f0593ea984e3c011b76a81b7bf99cff2a44
This commit is contained in:
Karuna Wadhera
parent
75c6fe25a1
commit
fb728ac3af
1 changed files with 0 additions and 5 deletions
|
|
@ -11,11 +11,6 @@ hal_client_domain(keystore, hal_confirmationui)
|
|||
# talk to keymint
|
||||
hal_client_domain(keystore, hal_keymint)
|
||||
|
||||
# Ignore keystore attempts to access the AVF RKP Hal but keystore is not suppose to
|
||||
# access it.
|
||||
# TODO(b/312427637): Investigate the reason and fix the denial.
|
||||
dontaudit keystore hal_remotelyprovisionedcomponent_avf_service:service_manager { find };
|
||||
|
||||
# This is used for the ConfirmationUI async callback.
|
||||
allow keystore platform_app:binder call;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue