Allow shell to call virtualizationservice for AVF RKP HAL
The permission to call virtualizationservice is required by the
rkp_factory_extraction_tool to run a special service VM
needed by the AVF RKP HAL.
This CL also disallows the shell from accessing the
virtualization_service for security reasons.
Bug: 349517746
Test: run rkp_factory_extraction_tool without disabling selinux
Change-Id: I935ddaa895e2503439aa9feb7a718d7233ef47b6
diff --git a/private/shell.te b/private/shell.te
index 6d6e06f..f896541 100644
--- a/private/shell.te
+++ b/private/shell.te
@@ -198,6 +198,11 @@
# Allow shell to execute the remote key provisioning factory tool
binder_call(shell, hal_keymint)
+# Allow shell to run the AVF RKP HAL during the execution of the remote key
+# provisioning factory tool.
+# TODO(b/351113293): Remove this once the AVF RKP HAL registration is moved to
+# a separate process.
+binder_call(shell, virtualizationservice)
# Allow reading the outcome of perf_event_open LSM support test for CTS.
get_prop(shell, init_perf_lsm_hooks_prop)
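Review bot: the new `binder_call(shell, virtualizationservice)` rule grants shell binder call/transfer to virtualizationservice, yet the same patch removes shell's `service_manager find` on `virtualization_service`, so the comment should say how rkp_factory_extraction_tool obtains the binder handle without looking it up (otherwise the call permission is unreachable or the tool is relying on a path that should be documented). Also, the TODO cites b/351113293 while the commit's `Bug:` line is 349517746; if the removal is tracked separately that is fine, but make the comment say so, e.g. "TODO(b/351113293): Remove this once the AVF RKP HAL registration is moved to a separate process (tracked separately from the bug this CL fixes)."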
@@ -360,6 +365,7 @@
-virtual_touchpad_service
-vold_service
-default_android_service
+ -virtualization_service
}:service_manager find;
allow shell dumpstate:binder call;
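Review bot: `-virtualization_service` is appended after `-default_android_service`, which reads as the trailing catch-all of this exclusion list; placing it next to `-virtual_touchpad_service` keeps the related `virtual*` entries together and makes the exclusion easier to find in review. Note that this line only drops the broad `find` grant; the actual guarantee that shell cannot find the service comes from the neverallow elsewhere in this patch, so the two lists must be kept in sync when either is edited.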
@@ -489,6 +495,7 @@
hal_keymint_service
hal_secureclock_service
hal_sharedsecret_service
+ virtualization_service
}:service_manager find;
# Do not allow shell to hard link to any files.
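Review bot: adding `virtualization_service` to this neverallow list makes the restriction build-time enforced, which is the right place for it, but the commit message only says "for security reasons" and the `Test:` line only covers that rkp_factory_extraction_tool still runs. State concretely what shell is being prevented from doing with the service, and record in `Test:` that the policy still compiles with the new neverallow and that a shell lookup of `virtualization_service` is now denied, so a future change that re-adds the `find` grant is caught rather than silently accepted.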