ce542660c9
New type added in sepolicy to restrict Vendor defined uuid mapping config file access to SecureElement. Bug: b/180639372 Test: Run OMAPI CTS and VTS tests Change-Id: I81d715fa5d5a72c893c529eb542ce62747afcd03
16 lines
582 B
Text
16 lines
582 B
Text
# secure element subsystem
|
|
typeattribute secure_element coredomain;
|
|
app_domain(secure_element)
|
|
|
|
binder_service(secure_element)
|
|
add_service(secure_element, secure_element_service)
|
|
|
|
allow secure_element app_api_service:service_manager find;
|
|
hal_client_domain(secure_element, hal_secure_element)
|
|
|
|
# already open bugreport file descriptors may be shared with
|
|
# the secure element process, from a file in
|
|
# /data/data/com.android.shell/files/bugreports/bugreport-*.
|
|
allow secure_element shell_data_file:file read;
|
|
|
|
allow secure_element vendor_uuid_mapping_config_file:file r_file_perms;
|