tequilaOS/platform_system_sepolicy

Fork 0

Commit graph

Author	SHA1	Message	Date
Steven Moreland	82f7900341	Make AIDL HAL client attribute an exclusive client. Like HIDL HALs, if we have a service which is allowed to access hal_<foo>_service, we want that service to have the attribute hal_<foo>_client. Unlike HIDL HALs, some AIDL services are allowed to get ahold of all HALs, so these have to be exempted from this check. Fixes: 168152053 Test: neverallows pass Change-Id: I4bce6d9441c2921c3ea40f2b01fef4030c02a28a	2020-09-11 00:02:00 +00:00
David Zeuthen	02bf814aa2	Add SELinux policy for credstore and update for IC HAL port from HIDL to AIDL. The credstore service is a system service which backs the android.security.identity.* Framework APIs. It essentially calls into the Identity Credential HAL while providing persistent storage for credentials. Bug: 111446262 Test: atest android.security.identity.cts Test: VtsHalIdentityTargetTest Test: android.hardware.identity-support-lib-test Change-Id: I5cd9a6ae810e764326355c0842e88c490f214c60	2020-02-19 13:46:45 -05:00
David Zeuthen	b8b5da4305	Add SELinux policy for Identity Credential HAL Bug: 111446262 Test: VtsHalIdentityCredentialTargetTest Change-Id: Icb5a0d8b24d463a2f1533f8dd3bfa84bf90acc6f	2020-01-14 20:13:39 -05:00

Author

SHA1

Message

Date

Steven Moreland

82f7900341

Make AIDL HAL client attribute an exclusive client.

Like HIDL HALs, if we have a service which is allowed to access
hal_<foo>_service, we want that service to have the attribute
hal_<foo>_client.

Unlike HIDL HALs, some AIDL services are allowed to get ahold of all
HALs, so these have to be exempted from this check.

Fixes: 168152053
Test: neverallows pass
Change-Id: I4bce6d9441c2921c3ea40f2b01fef4030c02a28a

2020-09-11 00:02:00 +00:00

David Zeuthen

02bf814aa2

Add SELinux policy for credstore and update for IC HAL port from HIDL to AIDL.

The credstore service is a system service which backs the
android.security.identity.* Framework APIs. It essentially calls into
the Identity Credential HAL while providing persistent storage for
credentials.

Bug: 111446262
Test: atest android.security.identity.cts
Test: VtsHalIdentityTargetTest
Test: android.hardware.identity-support-lib-test
Change-Id: I5cd9a6ae810e764326355c0842e88c490f214c60

2020-02-19 13:46:45 -05:00

David Zeuthen

b8b5da4305

Add SELinux policy for Identity Credential HAL

Bug: 111446262
Test: VtsHalIdentityCredentialTargetTest
Change-Id: Icb5a0d8b24d463a2f1533f8dd3bfa84bf90acc6f

2020-01-14 20:13:39 -05:00

3 commits