tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/private/keystore.te
Max Bires aaacfdb054 Add ro.remote_provisioning.*.rkp_only properties. 
These properties are used to inform keystore2 and the RemoteProvisioner
app how they should behave in the system in the event that RKP keys are
exhausted. The usual behavior in a hybrid system is not to take any
action and fallback to the factory provisioned key if key attestation is
requested and no remotely provisioned keys are available.

However, there are instances where this could happen on a device that
was intended to be RKP only, in which case the system needs to know that
it should go ahead and attempt to remotely provision new certificates or
throw an error in the case where none are available.

Test: New properties are accessible from the two domains
Change-Id: I8d6c9e650566499bf08cfda2f71c64d5c2b26fd6
2022-04-04 11:23:12 -07:00

38 lines
1.2 KiB
Text
Raw Blame History

typeattribute keystore coredomain;
init_daemon_domain(keystore)
# talk to keymaster
hal_client_domain(keystore, hal_keymaster)
# talk to confirmationui
hal_client_domain(keystore, hal_confirmationui)
# talk to keymint
hal_client_domain(keystore, hal_keymint)
# This is used for the ConfirmationUI async callback.
allow keystore platform_app:binder call;
# Allow to check whether security logging is enabled.
get_prop(keystore, device_logging_prop)
# Allow keystore to check if the system is rkp only.
get_prop(keystore, remote_prov_prop)
# Allow keystore to write to statsd.
unix_socket_send(keystore, statsdw, statsd)
# Keystore need access to the keystore_key context files to load the keystore key backend.
allow keystore keystore2_key_contexts_file:file r_file_perms;
get_prop(keystore, keystore_listen_prop)
# Keystore needs to transfer binder references to vold so that it
# can call keystore methods on those references.
allow keystore vold:binder transfer;
# Only keystore can set keystore.crash_count system property. Since init is allowed to set any
# system property, an exception is added for init as well.
set_prop(keystore, keystore_crash_prop)
neverallow { domain -keystore -init } keystore_crash_prop:property_service set;
Reference in a new issue View git blame Copy permalink