Adding policies for KeyStore MAC.

Add keystore_key class and an action for each action supported by keystore. Add policies that replicate the access control that already exists in keystore. Add auditallow rules for actions not known to be used frequently. Add macro for those domains wishing to access keystore. Change-Id: Iddd8672b9e9b72b45ee208e6eda608cc9dc61edc
author: Riley Spahn <rileyspahn@google.com> 2014-06-17 14:58:52 -0700
committer: Riley Spahn <rileyspahn@google.com> 2014-06-26 08:53:10 -0700
commit: 1196d2a5763c9a99be99ba81a4a29d938a83cc06 (patch)
tree: 03e20d5f1505006c66a8ffa3e60aa87c8ef50e91 /access_vectors
parent: 8c6552acfba677442d565a0c7f8e44f5f2af57f2 (diff)
download: android_external_sepolicy-1196d2a5763c9a99be99ba81a4a29d938a83cc06.tar.gz
android_external_sepolicy-1196d2a5763c9a99be99ba81a4a29d938a83cc06.tar.bz2
android_external_sepolicy-1196d2a5763c9a99be99ba81a4a29d938a83cc06.zip
1 files changed, 20 insertions, 0 deletions
diff --git a/access_vectors b/access_vectors
index 7609d9d..f8c0110 100644
--- a/access_vectors
+++ b/access_vectors
@@ -893,3 +893,23 @@ class service_manager
 {
 	add
 }
+
+class keystore_key
+{
+	test
+	get
+	insert
+	delete
+	exist
+	saw
+	reset
+	password
+	lock
+	unlock
+	zero
+	sign
+	verify
+	grant
+	duplicate
+	clear_uid
+}
author	Riley Spahn <rileyspahn@google.com>	2014-06-17 14:58:52 -0700
committer	Riley Spahn <rileyspahn@google.com>	2014-06-26 08:53:10 -0700
commit	1196d2a5763c9a99be99ba81a4a29d938a83cc06 (patch)
tree	03e20d5f1505006c66a8ffa3e60aa87c8ef50e91 /access_vectors
parent	8c6552acfba677442d565a0c7f8e44f5f2af57f2 (diff)
download	android_external_sepolicy-1196d2a5763c9a99be99ba81a4a29d938a83cc06.tar.gz android_external_sepolicy-1196d2a5763c9a99be99ba81a4a29d938a83cc06.tar.bz2 android_external_sepolicy-1196d2a5763c9a99be99ba81a4a29d938a83cc06.zip