commit 02bf814aa24e4b69c5fa356958f9de91badbde26
author David Zeuthen <zeuthen@google.com> Fri Jan 17 16:47:53 2020 -0500
committer David Zeuthen <zeuthen@google.com> Wed Feb 19 13:46:45 2020 -0500
tree 79d215497cc3ce307bb727f96a0694a0857e710a
parent 429ce33777ffd92d3b0538b718761a0584d5bfe8

Add SELinux policy for credstore and update for IC HAL port from HIDL to AIDL.

The credstore service is a system service which backs the
android.security.identity.* Framework APIs. It essentially calls into
the Identity Credential HAL while providing persistent storage for
credentials.

Bug: 111446262
Test: atest android.security.identity.cts
Test: VtsHalIdentityTargetTest
Test: android.hardware.identity-support-lib-test
Change-Id: I5cd9a6ae810e764326355c0842e88c490f214c60

private/file_contexts

diff --git a/private/file_contexts b/private/file_contexts
index 3955708..5a53782 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -252,6 +252,7 @@
 /system/bin/otapreopt_chroot   u:object_r:otapreopt_chroot_exec:s0
 /system/bin/otapreopt_slot   u:object_r:otapreopt_slot_exec:s0
 /system/bin/art_apex_boot_integrity   u:object_r:art_apex_boot_integrity_exec:s0
+/system/bin/credstore	u:object_r:credstore_exec:s0
 /system/bin/keystore	u:object_r:keystore_exec:s0
 /system/bin/fingerprintd u:object_r:fingerprintd_exec:s0
 /system/bin/gatekeeperd u:object_r:gatekeeperd_exec:s0
@@ -535,6 +536,7 @@
 /data/misc/incidents(/.*)?	    u:object_r:incident_data_file:s0
 /data/misc/installd(/.*)?		u:object_r:install_data_file:s0
 /data/misc/keychain(/.*)?       u:object_r:keychain_data_file:s0
+/data/misc/credstore(/.*)?       u:object_r:credstore_data_file:s0
 /data/misc/keystore(/.*)?       u:object_r:keystore_data_file:s0
 /data/misc/logd(/.*)?           u:object_r:misc_logd_file:s0
 /data/misc/media(/.*)?          u:object_r:media_data_file:s0