diff options
| author | josephjang <josephjang@google.com> | 2020-06-10 12:36:53 +0800 |
|---|---|---|
| committer | josephjang <josephjang@google.com> | 2020-06-12 14:10:07 +0800 |
| commit | 076dacce4a3954eca037278b0a581db60732974f (patch) | |
| tree | 92766510e914570c7e4e411ff71c580e2ae0f34a | |
| parent | a4e05ec0e7232418e67bbafc6a8deae1a9451aaf (diff) | |
| download | crosshatch-sepolicy-076dacce4a3954eca037278b0a581db60732974f.tar.gz | |
Add mDL oem hal sepolicy for crosshatch.
Bug: 136506289
Test: build success
Change-Id: Idf95fb93068e3233343f9bfc37fa61c777ad7340
| -rw-r--r-- | vendor/google/file_contexts | 1 | ||||
| -rw-r--r-- | vendor/google/hal_identity_citadel.te | 9 |
2 files changed, 10 insertions, 0 deletions
diff --git a/vendor/google/file_contexts b/vendor/google/file_contexts index e566c62..7818dfb 100644 --- a/vendor/google/file_contexts +++ b/vendor/google/file_contexts @@ -9,6 +9,7 @@ /vendor/bin/hw/android\.hardware\.weaver@1\.0-service\.citadel u:object_r:hal_weaver_citadel_exec:s0 /vendor/bin/hw/android\.hardware\.keymaster@4\.1-service\.citadel u:object_r:hal_keymaster_citadel_exec:s0 /vendor/bin/hw/android\.hardware\.rebootescrow-service\.citadel u:object_r:hal_rebootescrow_citadel_exec:s0 +/vendor/bin/hw/android\.hardware\.identity@1\.0-service\.citadel u:object_r:hal_identity_citadel_exec:s0 /vendor/bin/hw/citadeld u:object_r:citadeld_exec:s0 /vendor/bin/hw/init_citadel u:object_r:init_citadel_exec:s0 /vendor/bin/hw/wait_for_strongbox u:object_r:wait_for_strongbox_exec:s0 diff --git a/vendor/google/hal_identity_citadel.te b/vendor/google/hal_identity_citadel.te new file mode 100644 index 0000000..e29310c --- /dev/null +++ b/vendor/google/hal_identity_citadel.te @@ -0,0 +1,9 @@ +type hal_identity_citadel, domain; +type hal_identity_citadel_exec, exec_type, vendor_file_type, file_type; + +vndbinder_use(hal_identity_citadel) +binder_call(hal_identity_citadel, citadeld) +allow hal_identity_citadel citadeld_service:service_manager find; + +hal_server_domain(hal_identity_citadel, hal_identity) +init_daemon_domain(hal_identity_citadel) |