commit 23f0f3b28a245fddddc111939d08e56e45d1899e
author Max Bires <jbires@google.com> Wed Dec 23 21:53:08 2020 -0800
committer Max Bires <jbires@google.com> Mon Feb 08 01:33:12 2021 -0800
tree 49d6477a135bf1eb611aa048392f206652e3e18c
parent ae73b479fce0b5723f89367965a99416027a08b9

SEPolicy for RemoteProvisioning App

This change adds the SEPolicy changes required to support the remote
provisioning flow. The notable additions are specifically labeling the
remote provisioning app and giving it access to find the remote
provisioning service which is added in keystore. It also requires
network access in order to communicate to the provisioning servers.

This functionality is extremely narrow to the point that it seems worth
it to define a separate domain for this app, rather than add this in to
the priv_app or platform_app permission files. Since this app also
communicates with the network, it also seems advantageous to limit its
permissions only to what is absolutely necessary to perform its
function.

Test: No denials!
Change-Id: I602c12365a575d914afc91f55e6a9b6aa2e14189

private/seapp_contexts

diff --git a/private/seapp_contexts b/private/seapp_contexts
index 929f073..b8e42ea 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -143,6 +143,7 @@
 isSystemServer=true domain=system_server_startup
 
 user=_app isPrivApp=true name=com.android.traceur domain=traceur_app type=app_data_file levelFrom=all
+user=_app isPrivApp=true name=com.android.remoteprovisioner domain=remote_prov_app type=app_data_file levelFrom=all
 user=system seinfo=platform domain=system_app type=system_app_data_file
 user=bluetooth seinfo=platform domain=bluetooth type=bluetooth_data_file
 user=network_stack seinfo=network_stack domain=network_stack type=radio_data_file