Merge "vold.te: stop allowing use of keymaster HAL directly"

commit: 39b27b87bae57e47cf270e13c74fc5ad6b7043bd [log] [tgz]
author: Eric Biggers <ebiggers@google.com> Wed Apr 20 17:42:28 2022 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Wed Apr 20 17:42:28 2022 +0000
tree: d1228a8763c036922610ccbca7c8a5e1651869b2
parent: 8feef80fabcbcd5f6a23617133e047dd478bd2e5 [diff]
parent: bf717e18f18d489935322711e1a468fa6c8f838f [diff]
diff --git a/public/vold.te b/public/vold.te
index 8927482..b0fb6d0 100644
--- a/public/vold.te
+++ b/public/vold.te

@@ -213,9 +213,6 @@
 binder_call(vold, system_server)
 allow vold permission_service:service_manager find;
 
-# talk to keymaster
-hal_client_domain(vold, hal_keymaster)
-
 # talk to health storage HAL
 hal_client_domain(vold, hal_health_storage)
 
@@ -330,7 +327,6 @@
 neverallow vold {
   domain
   -hal_health_storage_server
-  -hal_keymaster_server
   -system_suspend_server
   -hal_bootctl_server
   -hwservicemanager
commit	39b27b87bae57e47cf270e13c74fc5ad6b7043bd	[log] [tgz]
author	Eric Biggers <ebiggers@google.com>	Wed Apr 20 17:42:28 2022 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Wed Apr 20 17:42:28 2022 +0000
tree	d1228a8763c036922610ccbca7c8a5e1651869b2
parent	8feef80fabcbcd5f6a23617133e047dd478bd2e5 [diff]
parent	bf717e18f18d489935322711e1a468fa6c8f838f [diff]