Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 1d2a3fedcc7f196e8d9a0517e052769dab4858e4^! / .
commit1d2a3fedcc7f196e8d9a0517e052769dab4858e4[log] [tgz]
authorSubrahmanyaman <subrahmanyaman@google.com>Thu Jul 21 00:14:14 2022 +0000
committerSubrahmanyaman <subrahmanyaman@google.com>Mon Sep 19 17:43:26 2022 +0000
treeba18257f8a6b55dc7bb88fd98728e34275badd96
parentbaf23792886654f1afeaa7657f4642b9b6843395 [diff]
hidl2aidl: conversion of gatekeeper hidl to aidl

Conversion of the gatekeeper hidl interface to stable aidl interface.

Bug: 205760843
Test: run vts -m VtsHalGatekeeperTarget
Change-Id: I44f554e711efadcd31de79b543f42c0afb27c23c

diff --git a/build/soong/service_fuzzer_bindings.go b/build/soong/service_fuzzer_bindings.go
index 7a7f61f..ea4282a 100644
--- a/build/soong/service_fuzzer_bindings.go
+++ b/build/soong/service_fuzzer_bindings.go

@@ -34,6 +34,7 @@
 		"android.hardware.drm.IDrmFactory/clearkey":                               []string{},
 		"android.hardware.drm.ICryptoFactory/clearkey":                            []string{},
 		"android.hardware.dumpstate.IDumpstateDevice/default":                     []string{},
+		"android.hardware.gatekeeper.IGatekeeper/default":                         []string{},
 		"android.hardware.gnss.IGnss/default":                                     []string{},
 		"android.hardware.graphics.allocator.IAllocator/default":                  []string{},
 		"android.hardware.graphics.composer3.IComposer/default":                   []string{},

diff --git a/private/compat/33.0/33.0.ignore.cil b/private/compat/33.0/33.0.ignore.cil
index 90e2eaf..209d9b1 100644
--- a/private/compat/33.0/33.0.ignore.cil
+++ b/private/compat/33.0/33.0.ignore.cil

@@ -19,4 +19,5 @@
     tuner_server_ctl_prop
     virtual_face_hal_prop
     virtual_fingerprint_hal_prop
+    hal_gatekeeper_service
   ))

diff --git a/private/service_contexts b/private/service_contexts
index 1504bac..c07f958 100644
--- a/private/service_contexts
+++ b/private/service_contexts

@@ -56,6 +56,7 @@
 android.hardware.security.dice.IDiceDevice/default                   u:object_r:hal_dice_service:s0
 android.hardware.security.keymint.IKeyMintDevice/default             u:object_r:hal_keymint_service:s0
 android.hardware.security.keymint.IRemotelyProvisionedComponent/default u:object_r:hal_remotelyprovisionedcomponent_service:s0
+android.hardware.gatekeeper.IGatekeeper/default                      u:object_r:hal_gatekeeper_service:s0
 android.hardware.security.secureclock.ISecureClock/default             u:object_r:hal_secureclock_service:s0
 android.hardware.security.sharedsecret.ISharedSecret/default             u:object_r:hal_sharedsecret_service:s0
 android.hardware.sensors.ISensors/default                            u:object_r:hal_sensors_service:s0

diff --git a/public/hal_gatekeeper.te b/public/hal_gatekeeper.te
index b918f88..fc23e64 100644
--- a/public/hal_gatekeeper.te
+++ b/public/hal_gatekeeper.te

@@ -1,6 +1,8 @@
 binder_call(hal_gatekeeper_client, hal_gatekeeper_server)
 
 hal_attribute_hwservice(hal_gatekeeper, hal_gatekeeper_hwservice)
+hal_attribute_service(hal_gatekeeper, hal_gatekeeper_service)
+binder_call(hal_gatekeeper_server, servicemanager)
 
 # TEE access.
 allow hal_gatekeeper tee_device:chr_file rw_file_perms;

diff --git a/public/service.te b/public/service.te
index 4bd5e65..8d45e42 100644
--- a/public/service.te
+++ b/public/service.te

@@ -309,6 +309,7 @@
 type hal_nlinterceptor_service, protected_service, hal_service_type, service_manager_type;
 type hal_wifi_hostapd_service, protected_service, hal_service_type, service_manager_type;
 type hal_wifi_supplicant_service, protected_service, hal_service_type, service_manager_type;
+type hal_gatekeeper_service, protected_service, hal_service_type, service_manager_type;
 
 ###
 ### Neverallow rules