Merge "Check vendor_property_contexts namespaces"
diff --git a/private/compat/30.0/30.0.ignore.cil b/private/compat/30.0/30.0.ignore.cil
index 486836b..8dd2d2f 100644
--- a/private/compat/30.0/30.0.ignore.cil
+++ b/private/compat/30.0/30.0.ignore.cil
@@ -49,6 +49,7 @@
     hal_keymint_service
     hal_neuralnetworks_service
     hal_power_stats_service
+    hal_remotelyprovisionedcomponent_service
     hal_secureclock_service
     hal_sharedsecret_service
     hal_weaver_service
diff --git a/private/service_contexts b/private/service_contexts
index 7e250db..c1aab48 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -12,6 +12,7 @@
 android.hardware.power.stats.IPowerStats/default                     u:object_r:hal_power_stats_service:s0
 android.hardware.rebootescrow.IRebootEscrow/default                  u:object_r:hal_rebootescrow_service:s0
 android.hardware.security.keymint.IKeyMintDevice/default             u:object_r:hal_keymint_service:s0
+android.hardware.security.keymint.IRemotelyProvisionedComponent/default u:object_r:hal_remotelyprovisionedcomponent_service:s0
 android.hardware.security.secureclock.ISecureClock/default             u:object_r:hal_secureclock_service:s0
 android.hardware.security.sharedsecret.ISharedSecret/default             u:object_r:hal_sharedsecret_service:s0
 android.hardware.vibrator.IVibrator/default                          u:object_r:hal_vibrator_service:s0
diff --git a/private/system_server.te b/private/system_server.te
index 27ad51c..a2aa259 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -770,9 +770,6 @@
 allow system_server usb_device:chr_file rw_file_perms;
 allow system_server usb_device:dir r_dir_perms;
 
-# Read from HW RNG (needed by EntropyMixer).
-allow system_server hw_random_device:chr_file r_file_perms;
-
 # Read and delete files under /dev/fscklogs.
 r_dir_file(system_server, fscklogs)
 allow system_server fscklogs:dir { write remove_name };
diff --git a/public/app.te b/public/app.te
index 39d67af..67a996a 100644
--- a/public/app.te
+++ b/public/app.te
@@ -318,6 +318,9 @@
 # Allow app to access shared memory created by camera HAL1
 allow { appdomain -isolated_app } hal_camera:fd use;
 
+# Allow apps to access shared memory file descriptor from the tuner HAL
+allow {appdomain -isolated_app} hal_tv_tuner_server:fd use;
+
 # RenderScript always-passthrough HAL
 allow { appdomain -isolated_app } hal_renderscript_hwservice:hwservice_manager find;
 allow appdomain same_process_hal_file:file { execute read open getattr map };
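Review bot: The new rule `allow {appdomain -isolated_app} hal_tv_tuner_server:fd use;` lets every app domain except isolated_app receive descriptors from the tuner HAL, but its comment does not say what bounds that broad grant. `fd use` only permits holding a descriptor the HAL passes over; access to the object behind it is still checked against that object's own type. The comment should record this, for example `# fd use only; access to the memory behind the fd is governed by the rules on its own type.` For consistency with the neighbouring rules, the set would also read better as `{ appdomain -isolated_app }` with inner spaces.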
diff --git a/public/domain.te b/public/domain.te
index 6b29595..81163d1 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -403,13 +403,11 @@
 # that could be set from init.rc.
 neverallow { domain -init } kernel:security setsecparam;
 
-# Only init, ueventd, shell and system_server should be able to access HW RNG
+# Only the kernel hwrng thread should be able to read from the HW RNG.
 neverallow {
   domain
-  -init
-  -shell # For CTS and is restricted to getattr in shell.te
-  -system_server
-  -ueventd
+  -shell # For CTS, restricted to just getattr in shell.te
+  -ueventd # To create the /dev/hw_random file
 } hw_random_device:chr_file *;
 # b/78174219 b/64114943
 neverallow {
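Review bot: The two remaining exemptions in this neverallow, `-shell` and `-ueventd`, are carved out for all permissions (`*`), although their comments describe much narrower needs (getattr only; creating the node). The narrowing for shell is said to live in shell.te, which is not part of this diff, and nothing visible here limits ueventd. If those files do not already carry one, a companion assertion next to this block would keep the intent enforceable, for example `neverallow shell hw_random_device:chr_file ~{ getattr };` and a similar one denying `read` and `open` to ueventd. Dropping `-init` and `-system_server` will also fail the build for any out-of-tree policy that still grants those domains access, which is worth stating in the commit description.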
diff --git a/public/hal_keymint.te b/public/hal_keymint.te
index 7570188..e56ab99 100644
--- a/public/hal_keymint.te
+++ b/public/hal_keymint.te
@@ -1,4 +1,5 @@
 binder_call(hal_keymint_client, hal_keymint_server)
 
 hal_attribute_service(hal_keymint, hal_keymint_service)
+hal_attribute_service(hal_keymint, hal_remotelyprovisionedcomponent_service)
 binder_call(hal_keymint_server, servicemanager)
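Review bot: The added `hal_attribute_service(hal_keymint, hal_remotelyprovisionedcomponent_service)` ties the new service to the existing hal_keymint attribute, so every hal_keymint client gains `find` on the remote-provisioning service and every hal_keymint server may register it. That is presumably intended because the same HAL process serves both interfaces, but the file does not say so. A one-line comment above the macro would record the decision, for example `# IRemotelyProvisionedComponent is served by the KeyMint HAL, so it shares the hal_keymint client/server attributes.` If only a subset of KeyMint clients should reach the provisioning interface, it would need its own attribute instead.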
diff --git a/public/init.te b/public/init.te
index e546ece..069f17d 100644
--- a/public/init.te
+++ b/public/init.te
@@ -309,7 +309,6 @@
   devpts
   dm_device
   hwbinder_device
-  hw_random_device
   input_device
   kmsg_device
   null_device
@@ -324,6 +323,7 @@
 # chown/chmod on devices.
 allow init {
   dev_type
+  -hw_random_device
   -keychord_device
   -port_device
 }:chr_file setattr;
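Review bot: The `-hw_random_device` exclusion added to this `allow init { dev_type ... }:chr_file setattr;` block has no comment explaining why it is there. It is needed because the domain.te hunk in the same change removes `-init` from the hw_random_device neverallow, so any init permission on that node, including setattr through `dev_type`, would now violate the assertion. Extending the existing comment would stop a later cleanup from removing the exclusion, for example `# chown/chmod on devices. hw_random_device is excluded: init must not touch the HW RNG node (see neverallow in domain.te).`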
@@ -533,10 +533,6 @@
 # system/core/fs_mgr/fs_mgr.c - fs_mgr_swapon_all
 allow init swap_block_device:blk_file rw_file_perms;
 
-# Read from /dev/hw_random if present.
-# system/core/init/init.c - mix_hwrng_into_linux_rng_action
-allow init hw_random_device:chr_file r_file_perms;
-
 # Create and access /dev files without a specific type,
 # e.g. /dev/.coldboot_done, /dev/.booting
 # TODO:  Move these files into their own type unless they are
diff --git a/public/service.te b/public/service.te
index 2e7f8b1..7292a97 100644
--- a/public/service.te
+++ b/public/service.te
@@ -252,6 +252,7 @@
 type hal_power_service, vendor_service, protected_service, service_manager_type;
 type hal_power_stats_service, vendor_service, protected_service, service_manager_type;
 type hal_rebootescrow_service, vendor_service, protected_service, service_manager_type;
+type hal_remotelyprovisionedcomponent_service, vendor_service, protected_service, service_manager_type;
 type hal_secureclock_service, vendor_service, protected_service, service_manager_type;
 type hal_sharedsecret_service, vendor_service, protected_service, service_manager_type;
 type hal_vibrator_service, vendor_service, protected_service, service_manager_type;
diff --git a/vendor/file_contexts b/vendor/file_contexts
index d05431c..785f4cb 100644
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@@ -73,7 +73,7 @@
 /(vendor|system/vendor)/bin/hw/android\.hardware\.security\.keymint-service   u:object_r:hal_keymint_default_exec:s0
 /(vendor|system/vendor)/bin/hw/rild                                           u:object_r:rild_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.thermal@1\.[01]-service        u:object_r:hal_thermal_default_exec:s0
-/(vendor|system/vendor)/bin/hw/android\.hardware\.tv\.cec@1\.0-service        u:object_r:hal_tv_cec_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.tv\.cec@1\.[01]-service        u:object_r:hal_tv_cec_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.tv\.input@1\.0-service      u:object_r:hal_tv_input_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.tv\.tuner@1\.[01]-service   u:object_r:hal_tv_tuner_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.usb@1\.0-service            u:object_r:hal_usb_default_exec:s0