blob: d3efa88d35196678b429781d511b962480b27416 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
# Set a new domain
type mtk_hal_keymanage, domain;
# Set mtk_hal_keymanage as server domain of hal_keymaster
hal_server_domain(mtk_hal_keymanage, hal_keymaster)
# Set exec file type
type mtk_hal_keymanage_exec, exec_type, file_type, vendor_file_type;
# Setup for domain transition
init_daemon_domain(mtk_hal_keymanage)
# Associate mtk_hal_keymanage_hwservice with all server domain
add_hwservice(hal_keymaster_server, mtk_hal_keymanage_hwservice)
# Give permission for hal_keymaster_client to find mtk_hal_keymanage_hwservice via hwservice_manager
allow hal_keymaster_client mtk_hal_keymanage_hwservice:hwservice_manager find;
# Give permission for hal_key_manage to access kisd service
allow mtk_hal_keymanage kisd:unix_stream_socket connectto;
# Allow mtk_hal_keyinstall to access /data/key_provisioning
allow mtk_hal_keymanage key_install_data_file:dir { write add_name remove_name search };
allow mtk_hal_keymanage key_install_data_file:file { write create setattr read getattr unlink open append };
allow mtk_hal_keymanage debugfs_tracing:file { write };
|
