970cfa5674
There are still some paths (potentially obsolete) on non-treble devices where hal_keymint_client domains have the hal_keymint typeattribute applied. In these cases, those domains also pick up the file access permissions currently granted to hal_keymint. Clean this up by limiting the permissions to hal_keymint_server only. Test: VtsAidlKeyMintTargetTest Change-Id: If1a437636824df254da245e7587df825b6963ed9
8 lines
354 B
Text
8 lines
354 B
Text
binder_call(hal_keymint_client, hal_keymint_server)
|
|
|
|
hal_attribute_service(hal_keymint, hal_keymint_service)
|
|
hal_attribute_service(hal_keymint, hal_remotelyprovisionedcomponent_service)
|
|
binder_call(hal_keymint_server, servicemanager)
|
|
|
|
allow hal_keymint_server tee_device:chr_file rw_file_perms;
|
|
allow hal_keymint_server ion_device:chr_file r_file_perms;
|