tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/keystore.te
Nick Kralevich 2d8dcb732c Revert "Make the keystore domain enforcing." 
This is causing runtime restarts on flo/deb when uninstalling
some APKs. Revert while I investigate it.

11-04 21:52:41.487   687   704 I ActivityManager: Force stopping com.android.development appid=10078 user=-1: uninstall pkg
11-04 21:52:41.487   687   712 W PackageManager: Couldn't delete native library directory /data/app-lib/com.android.development
11-04 21:52:41.557   687   712 W dalvikvm: threadid=20: thread exiting with uncaught exception (group=0x959dfae8)
11-04 21:52:41.557   687   712 E AndroidRuntime: *** FATAL EXCEPTION IN SYSTEM PROCESS: PackageManager
11-04 21:52:41.557   687   712 E AndroidRuntime: java.lang.NullPointerException
11-04 21:52:41.557   687   712 E AndroidRuntime:        at android.security.KeyStore.clearUid(KeyStore.java:327)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService.removeKeystoreDataIfNeeded(PackageManagerService.java:9787)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService.removePackageDataLI(PackageManagerService.java:9384)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService.deleteInstalledPackageLI(PackageManagerService.java:9503)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService.deletePackageLI(PackageManagerService.java:9612)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService.deletePackageX(PackageManagerService.java:9239)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService.access$4100(PackageManagerService.java:178)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService$7.run(PackageManagerService.java:9173)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at android.os.Handler.handleCallback(Handler.java:733)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at android.os.Handler.dispatchMessage(Handler.java:95)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at android.os.Looper.loop(Looper.java:136)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at android.os.HandlerThread.run(HandlerThread.java:61)
11-04 21:52:41.567   687   712 I Process : Sending signal. PID: 687 SIG: 9

and

[    7.324554] type=1400 audit(1383601030.823:5): avc:  denied  { read write } for  pid=192 comm="keystore" name="qseecom" dev="tmpfs" ino=7521 scontext=u:r:keystore:s0 tcontext=u:object_r:device:s0 tclass=chr_file

This reverts commit 709d71836d.

Bug: 11518274
2013-11-05 09:57:40 -08:00

13 lines
449 B
Text
Raw Blame History

type keystore, domain;
permissive keystore;
type keystore_exec, exec_type, file_type;
# keystore daemon
init_daemon_domain(keystore)
typeattribute keystore mlstrustedsubject;
binder_use(keystore)
binder_service(keystore)
allow keystore keystore_data_file:dir create_dir_perms;
allow keystore keystore_data_file:notdevfile_class_set create_file_perms;
allow keystore keystore_exec:file { getattr };
allow keystore tee_device:chr_file rw_file_perms;
Reference in a new issue View git blame Copy permalink