commit c4ab01baadf83eb694dad03924f06f0b49289658
author David Drysdale <drysdale@google.com> Mon Oct 09 15:05:07 2023 +0100
committer Hasini Gunasinghe <hasinitg@google.com> Thu Oct 26 02:00:43 2023 +0000
tree 4a5528e2034ef959eb4ce9f56900dd42eb97fa7f
parent 012b954125d1c2655ae1f90b70734b02886abc4d

Add sepolicy for non-secure AuthGraph impl

Bug: 284470121
Bug: 291228560
Test: hal_implementation_test
Test: VtsAidlAuthGraphSessionTest
Change-Id: I85bf9e0656bab3c96765cc15a5a983aefb6af66d

vendor/file_contexts

diff --git a/vendor/file_contexts b/vendor/file_contexts
index efe0b71..5bae6c5 100644
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@@ -97,6 +97,7 @@
 /(vendor|system/vendor)/bin/hw/android\.hardware\.sensors-service(\.multihal)?  u:object_r:hal_sensors_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.secure_element@1\.0-service u:object_r:hal_secure_element_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.secure_element-service.example u:object_r:hal_secure_element_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.security\.authgraph-service\.nonsecure    u:object_r:hal_authgraph_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.security\.keymint-service   u:object_r:hal_keymint_default_exec:s0
 /(vendor|system/vendor)/bin/hw/rild                                           u:object_r:rild_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.tetheroffload-service\.example u:object_r:hal_tetheroffload_default_exec:s0

vendor/hal_authgraph_default.te

diff --git a/vendor/hal_authgraph_default.te b/vendor/hal_authgraph_default.te
new file mode 100644
index 0000000..1676cca
--- /dev/null
+++ b/vendor/hal_authgraph_default.te
@@ -0,0 +1,5 @@
+type hal_authgraph_default, domain;
+hal_server_domain(hal_authgraph_default, hal_authgraph)
+
+type hal_authgraph_default_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(hal_authgraph_default)