Restrict access to /dev/hw_random to system_server and init. /dev/hw_random is accessed only by init and by EntropyMixer (which runs inside system_server). Other domains are denied access because apps/services should be obtaining randomness from the Linux RNG. Change-Id: Ifde851004301ffd41b2189151a64a0c5989c630f

commit: 8d688315aeb053eadc2606badbe4ce52899bb694 [log] [tgz]
author: Alex Klyubin <klyubin@google.com> Thu Oct 03 13:35:56 2013 -0700
committer: Alex Klyubin <klyubin@google.com> Thu Oct 03 14:25:15 2013 -0700
tree: 830fb46bbe21e00bebfac678883a43a78ee87f5b
parent: 109f9e62b4672b941720d3e1a5595f1835be8515 [diff] [blame]
diff --git a/file_contexts b/file_contexts
index c4c4a09..dfdb439 100644
--- a/file_contexts
+++ b/file_contexts

@@ -48,6 +48,7 @@
 /dev/full		u:object_r:full_device:s0
 /dev/fuse		u:object_r:fuse_device:s0
 /dev/graphics(/.*)?	u:object_r:graphics_device:s0
+/dev/hw_random		u:object_r:hw_random_device:s0
 /dev/input(/.*)		u:object_r:input_device:s0
 /dev/iio:device[0-9]+   u:object_r:iio_device:s0
 /dev/ion		u:object_r:ion_device:s0
commit	8d688315aeb053eadc2606badbe4ce52899bb694	[log] [tgz]
author	Alex Klyubin <klyubin@google.com>	Thu Oct 03 13:35:56 2013 -0700
committer	Alex Klyubin <klyubin@google.com>	Thu Oct 03 14:25:15 2013 -0700
tree	830fb46bbe21e00bebfac678883a43a78ee87f5b
parent	109f9e62b4672b941720d3e1a5595f1835be8515 [diff] [blame]