0f6c047d2e
As a result, Keymaster and DRM HALs are permitted to talk to tee domain over sockets. Unfortunately, the tee domain needs to remain on the exemptions list because drmserver, mediaserver, and surfaceflinger are currently permitted to talk to this domain over sockets. We need to figure out why global policy even defines a TEE domain... Test: mmm system/sepolicy Bug: 36601092 Bug: 36601602 Bug: 36714625 Bug: 36715266 Change-Id: I0b95e23361204bd046ae5ad22f9f953c810c1895
6 lines
190 B
Plaintext
6 lines
190 B
Plaintext
type hal_keymaster_default, domain;
|
|
hal_server_domain(hal_keymaster_default, hal_keymaster)
|
|
|
|
type hal_keymaster_default_exec, exec_type, file_type;
|
|
init_daemon_domain(hal_keymaster_default)
|