PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sepolicy: Move wifi keystore HAL service to wificond

Browse Source 
Bug: 142969896
Test: Verified connecting to passpoint networks.
Change-Id: Iac72b13e24f45bbf834d698cfcfd0fe9177a80d3
Merged-In: Iac72b13e24f45bbf834d698cfcfd0fe9177a80d3
This commit is contained in:
Roshan Pius 2019-10-20 19:44:38 -07:00
parent cc3f943436
commit 31f511ae08
2 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
private/keystore.te
View File

@ -11,9 +11,5 @@ hal_client_domain(keystore, hal_confirmationui)
# This is used for the ConfirmationUI async callback.
allow keystore platform_app:binder call;
# Offer the Wifi Keystore HwBinder service
typeattribute keystore wifi_keystore_service_server;
add_hwservice(keystore, system_wifi_keystore_hwservice)
# Allow to check whether security logging is enabled.
get_prop(keystore, device_logging_prop)

11
public/wificond.te
View File

@ -30,3 +30,14 @@ allow wificond permission_service:service_manager find;
# dumpstate support
allow wificond dumpstate:fd use;
allow wificond dumpstate:fifo_file write;
#### Offer the Wifi Keystore HwBinder service ###
hwbinder_use(wificond)
get_prop(wificond, hwservicemanager_prop)
typeattribute wificond wifi_keystore_service_server;
add_hwservice(wificond, system_wifi_keystore_hwservice)
# Allow keystore binder access to serve the HwBinder service.
allow wificond keystore_service:service_manager find;
allow wificond keystore:binder call;
allow wificond keystore:keystore_key get;