keymint: Add SharedSecret policies
Bug: 188728065
Change-Id: Icdbea8dcd84bfe25105c16027d5e32958bd1f31b
diff --git a/citadel/file_contexts b/citadel/file_contexts
index 9ee44e2..5376def 100644
--- a/citadel/file_contexts
+++ b/citadel/file_contexts
@@ -9,4 +9,4 @@
/vendor/bin/hw/citadeld u:object_r:citadeld_exec:s0
/vendor/bin/hw/init_citadel u:object_r:init_citadel_exec:s0
/vendor/bin/hw/wait_for_strongbox u:object_r:wait_for_strongbox_exec:s0
-/vendor/bin/hw/android.hardware.security.keymint-service.citadel u:object_r:hal_keymint_citadel_exec:s0
+/vendor/bin/hw/android\.hardware\.security\.keymint-service\.citadel u:object_r:hal_keymint_citadel_exec:s0
diff --git a/citadel/hal_keymint_citadel.te b/citadel/hal_keymint_citadel.te
index 130306a..b08f767 100644
--- a/citadel/hal_keymint_citadel.te
+++ b/citadel/hal_keymint_citadel.te
@@ -1,11 +1,11 @@
type hal_keymint_citadel, domain;
+hal_server_domain(hal_keymint_citadel, hal_keymint)
+
type hal_keymint_citadel_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(hal_keymint_citadel)
vndbinder_use(hal_keymint_citadel)
binder_call(hal_keymint_citadel, citadeld)
allow hal_keymint_citadel citadeld_service:service_manager find;
-hal_server_domain(hal_keymint_citadel, hal_keymint)
-init_daemon_domain(hal_keymint_citadel)
-
get_prop(hal_keymint_citadel, vendor_security_patch_level_prop)
diff --git a/citadel/service_contexts b/citadel/service_contexts
index 76c3122..5639b58 100644
--- a/citadel/service_contexts
+++ b/citadel/service_contexts
@@ -1 +1,2 @@
-android.hardware.security.keymint.IKeyMintDevice/strongbox u:object_r:hal_keymint_service:s0
+android.hardware.security.keymint.IKeyMintDevice/strongbox u:object_r:hal_keymint_service:s0
+android.hardware.security.sharedsecret.ISharedSecret/strongbox u:object_r:hal_sharedsecret_service:s0