Skip to content
Snippets Groups Projects
Commit 9d5f97b3 authored by Treehugger Robot's avatar Treehugger Robot Committed by Gerrit Code Review
Browse files

Merge "Fix sepolicy for Gatekeeper HAL"

parents 6de0d9a7 12e960e6
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
public/gatekeeperd.te
+ 0
1
View file @ 9d5f97b3
...@@ -15,7 +15,6 @@ allow gatekeeperd system_file:dir r_dir_perms; ...@@ -15,7 +15,6 @@ allow gatekeeperd system_file:dir r_dir_perms;
### Rules needed when Gatekeeper HAL runs outside of gatekeeperd process. ### Rules needed when Gatekeeper HAL runs outside of gatekeeperd process.
### These rules should eventually be granted only when needed. ### These rules should eventually be granted only when needed.
hwbinder_use(gatekeeperd)
hal_client_domain(gatekeeperd, hal_gatekeeper) hal_client_domain(gatekeeperd, hal_gatekeeper)
### ###
......
public/hal_gatekeeper.te
+ 1
4
View file @ 9d5f97b3
# call into gatekeeperd process (callbacks) binder_call(hal_gatekeeper_client, hal_gatekeeper_server)
# TODO: This rules is unlikely to be needed because Gatekeeper HIDL
# says there are no callbacks
binder_call(hal_gatekeeper, gatekeeperd)
# TEE access. # TEE access.
allow hal_gatekeeper tee_device:chr_file rw_file_perms; allow hal_gatekeeper tee_device:chr_file rw_file_perms;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment