Modify SELinux rules to allow vold to use the keymaster HAL directly.
Description: Since the Android N project uses Keymaster 1.5 and added full disk encryption support in vold when upgrading to Android T, the SELinux rules need to allow vold to use the keymaster HAL directly. Bug: 319506037 Change-Id: Ib21c59156a6de0c2b148e33de2fe8efb3606e697
This commit is contained in:
Peter Lee
parent
d9c3aec4f2
commit
b1c857c824
@ -327,6 +327,7 @@ neverallow { domain -vold -init } restorecon_prop:property_service set;
|
|||||||
neverallow vold {
|
neverallow vold {
|
||||||
domain
|
domain
|
||||||
-hal_health_storage_server
|
-hal_health_storage_server
|
||||||
|
-hal_keymaster_server
|
||||||
-system_suspend_server
|
-system_suspend_server
|
||||||
-hal_bootctl_server
|
-hal_bootctl_server
|
||||||
-hwservicemanager
|
-hwservicemanager
|
||||||
|
|||||||
@ -327,6 +327,7 @@ neverallow { domain -vold -init } restorecon_prop:property_service set;
|
|||||||
neverallow vold {
|
neverallow vold {
|
||||||
domain
|
domain
|
||||||
-hal_health_storage_server
|
-hal_health_storage_server
|
||||||
|
-hal_keymaster_server
|
||||||
-system_suspend_server
|
-system_suspend_server
|
||||||
-hal_bootctl_server
|
-hal_bootctl_server
|
||||||
-hwservicemanager
|
-hwservicemanager
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user