PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c051300e5e
android_system_sepolicy/vendor/hal_fingerprint_default.te

10 lines
389 B
Plaintext
Raw Normal View History

Group all HAL impls using haldomain attribute This marks all HAL domain implementations with the haldomain attribute so that rules can be written which apply to all HAL implementations. This follows the pattern used for appdomain, netdomain and bluetoothdomain. Test: No change to policy according to sesearch. Bug: 34180936 Change-Id: I0cfe599b0d49feed36538503c226dfce41eb65f6
2017-01-10 15:54:25 -08:00
type hal_fingerprint_default, domain;
Switch Fingerprint HAL policy to _client/_server This switches Fingerprint HAL policy to the design which enables us to conditionally remove unnecessary rules from domains which are clients of Bluetooth HAL. Domains which are clients of Fingerprint HAL, such as system_server domain, are granted rules targeting hal_fingerprint only when the Fingerprint HAL runs in passthrough mode (i.e., inside the client's process). When the HAL runs in binderized mode (i.e., in another process/domain, with clients talking to the HAL over HwBinder IPC), rules targeting hal_fingerprint are not granted to client domains. Domains which offer a binderized implementation of Fingerprint HAL, such as hal_fingerprint_default domain, are always granted rules targeting hal_fingerprint. NOTE: This commit also removes unnecessary allow rules from Fingerprint HAL, such access to servicemanager (not hwservicemanager) and access to keystore daemon over Binder IPC. Fingerprint HAL does not use this functionality anyway and shouldn't use it either. Test: Enable fingerprint + PIN secure lock screen, confirm it unlocks with fingerprint or PIN Test: Disable PIN (and thus fingerprint) secure lock screen Test: make FingerprintDialog, install, make a fake purchase Test: Add fingerprint_hidl_hal_test to device.mk, build & add to device, adb shell stop, adb shell /data/nativetest64/fingerprint_hidl_hal_test/fingerprint_hidl_hal_test -- all tests pass Bug: 34170079 Change-Id: I6951c0f0640194c743ff7049357c77f5f21b71a1
2017-02-21 15:35:16 -08:00
hal_server_domain(hal_fingerprint_default, hal_fingerprint)
Group all HAL impls using haldomain attribute This marks all HAL domain implementations with the haldomain attribute so that rules can be written which apply to all HAL implementations. This follows the pattern used for appdomain, netdomain and bluetoothdomain. Test: No change to policy according to sesearch. Bug: 34180936 Change-Id: I0cfe599b0d49feed36538503c226dfce41eb65f6
2017-01-10 15:54:25 -08:00
New SeLinux policy for fingerprint HIDL Move from fingerprintd to new fingerprint_hal and update SeLinux policy. Test: Boot with no errors related to fingerprint sepolicy Bug: 33199080 Change-Id: Idfde0cb0530e75e705033042f64f3040f6df22d6
2016-12-15 19:46:43 -08:00
type hal_fingerprint_default_exec, exec_type, file_type;
init_daemon_domain(hal_fingerprint_default)
Ban vendor components access to core data types Vendor and system components are only allowed to share files by passing open FDs over HIDL. Ban all directory access and all file accesses other than what can be applied to an open file: stat/read/write/append. This commit marks core data types as core_data_file_type and bans access to non-core domains with an exemption for apps. A temporary exemption is also granted to domains that currently rely on access with TODOs and bug number for each exemption. Bug: 34980020 Test: Build and boot Marlin. Make phone call, watch youtube video. No new denials observed. Change-Id: I320dd30f9f0a5bf2f9bb218776b4bccdb529b197
2017-03-27 22:44:40 -07:00
# TODO (b/36644492) move hal_fingerprint's data file to
# /data/vendor/. Remove coredata_in_vendor_violators attribute.
typeattribute hal_fingerprint_default coredata_in_vendor_violators;
Reference in New Issue Copy Permalink