Keystore 2.0: sepolicy changes for vold to use keystore2 Vold needs to be able to search for keystore2 and keystore2 maintenance services, and call methods provided by those services. Bug: 181910578 Change-Id: I6e336c3bfaabe158b850dc175b6c9a942dd717be

commit: a9990045280f3ca67de82aaee433f77da23e1462 [log] [tgz]
author: Satya Tangirala <satyat@google.com> Mon Mar 01 02:53:46 2021 -0800
committer: Satya Tangirala <satyat@google.com> Wed Apr 07 02:14:33 2021 -0700
tree: 787e80ea6a42e8ed1e9a5393203beccb793b453f
parent: 794b7d83ec69ee417a9f89c14811264245ef8c26 [diff] [blame]
diff --git a/private/vold.te b/private/vold.te
index 93a3515..d794abf 100644
--- a/private/vold.te
+++ b/private/vold.te

@@ -45,7 +45,11 @@
     use
 };
 
+# vold needs to call keystore methods
+allow vold keystore:binder call;
+
 # vold needs to find keystore2 services
+allow vold keystore_service:service_manager find;
 allow vold keystore_maintenance_service:service_manager find;
 
 # vold needs to be able to call earlyBootEnded()
commit	a9990045280f3ca67de82aaee433f77da23e1462	[log] [tgz]
author	Satya Tangirala <satyat@google.com>	Mon Mar 01 02:53:46 2021 -0800
committer	Satya Tangirala <satyat@google.com>	Wed Apr 07 02:14:33 2021 -0700
tree	787e80ea6a42e8ed1e9a5393203beccb793b453f
parent	794b7d83ec69ee417a9f89c14811264245ef8c26 [diff] [blame]