commit b69b0f78747cb0dbf68c240af9ae4faa908d1aae
author Shawn Willden <swillden@google.com> Thu Apr 29 21:12:47 2021 -0600
committer Shawn Willden <swillden@google.com> Wed May 26 06:24:12 2021 -0600
tree e50a86476f6acdbda2aad8861f25a56d22c5eef1
parent f9637194a0b8f7ec33b110682d66c5586478fdc8

Allow keymint to access tee-device

Ignore-AOSP-First: No merge path from AOSP
Bug: 177729159
Test: build & boot w/keymint
Change-Id: I16a291d04c5dd951fede0ed9136af94718cac41f

public/hal_keymint.te

diff --git a/public/hal_keymint.te b/public/hal_keymint.te
index e56ab99..9c65e22 100644
--- a/public/hal_keymint.te
+++ b/public/hal_keymint.te
@@ -3,3 +3,6 @@
 hal_attribute_service(hal_keymint, hal_keymint_service)
 hal_attribute_service(hal_keymint, hal_remotelyprovisionedcomponent_service)
 binder_call(hal_keymint_server, servicemanager)
+
+allow hal_keymint tee_device:chr_file rw_file_perms;
+allow hal_keymint ion_device:chr_file r_file_perms;