e79bbf9cf8
Revert submission 2829351-revert-2812456-revert-2812435-revert-2778549-expose-avf-rkp-hal-GTFGLMUUKQ-PAWNEHUQBT-WYENGHRTXK Reason for revert: Relands the original topic: https://r.android.com/q/topic:%22expose-avf-rkp-hal%22 Changes from the reverted cl aosp/2812455: - The AIDL service type has been renamed from avf_* to hal_* to be consistent with the others. - The new AIDL service type, hal_remotelyprovisionedcomponent_avf_service, for the IRPC/avf service, has been set up with the server/client model for AIDL Hal. The virtualizationservice is declared as server and RKPD is declared as client to access the service instead of raw service permission setup as in the reverted cl. This is aligned with the AIDL Hal configuration recommendation. - Since the existing type for IRPC hal_remotelyprovisionedcomponent is already associated with keymint server/client and has specific permission requirements, and some of the keymint clients might not need the AVF Hal, we decided to create a new AIDL service type instead of reusing the existing keymint service type. Reverted changes: /q/submissionid:2829351-revert-2812456-revert-2812435-revert-2778549-expose-avf-rkp-hal-GTFGLMUUKQ-PAWNEHUQBT-WYENGHRTXK Bug: 312427637 Bug: 310744536 Bug: 299257581 Test: atest MicrodroidHostTests librkp_support_test Change-Id: Id37764b5f98e3c30c0c63601560697cf1c02c0ad
# SELinux policy for the keystore daemon. Every rule below either grants
# keystore an access it needs or (for the neverallow at the end) forbids
# other domains from touching keystore-owned state; nothing here grants
# access *to* keystore itself.
typeattribute keystore coredomain;

# Standard init-started daemon domain: init transitions into keystore when
# it launches the service.
init_daemon_domain(keystore)

# talk to keymaster (keystore becomes a HAL client of the keymaster HAL)
hal_client_domain(keystore, hal_keymaster)

# talk to confirmationui
hal_client_domain(keystore, hal_confirmationui)

# talk to keymint
hal_client_domain(keystore, hal_keymint)

# Ignore keystore attempts to look up the AVF RKP HAL: keystore is not supposed to
# access it (per the change description, RKPD is the intended client of
# hal_remotelyprovisionedcomponent_avf_service, with virtualizationservice as server).
# NOTE: dontaudit only silences the audit-log entry for this denial; it does NOT
# grant `find`, so keystore still cannot reach the service. Do not convert this
# into an allow rule as a quick fix for the log noise.
# TODO(b/312427637): Investigate the reason and fix the denial.
dontaudit keystore hal_remotelyprovisionedcomponent_avf_service:service_manager { find };

# This is used for the ConfirmationUI async callback.
# NOTE(review): the target is the whole platform_app domain, not just the
# confirmation UI component, so this permits outbound binder calls to any
# process in that domain — confirm a narrower target type is not available.
allow keystore platform_app:binder call;

# Allow to check whether security logging is enabled.
get_prop(keystore, device_logging_prop)

# Allow keystore to check if the system is rkp only.
get_prop(keystore, remote_prov_prop)

# Allow keystore to check rkpd feature flags
get_prop(keystore, device_config_remote_key_provisioning_native_prop)

# Allow keystore to write to statsd (send-only over the statsdw unix socket).
unix_socket_send(keystore, statsdw, statsd)

# Keystore needs read access to the keystore2_key_contexts file to load the keystore key backend.
# r_file_perms is read-only; keystore is not given write access to this file.
allow keystore keystore2_key_contexts_file:file r_file_perms;

# Allow keystore to listen to changing boot levels
get_prop(keystore, keystore_listen_prop)

# Keystore needs to transfer binder references to vold so that it
# can call keystore methods on those references.
allow keystore vold:binder transfer;

# Only keystore can set the keystore.crash_count system property. Since init is allowed to set any
# system property, an exception is added for init as well. The neverallow is checked at
# policy compile time, so any other domain granted `set` on this property breaks the build
# rather than silently widening who can reset the crash counter.
set_prop(keystore, keystore_crash_prop)
neverallow { domain -keystore -init } keystore_crash_prop:property_service set;

# keystore is using apex_info via libvintf
use_apex_info(keystore)