Allow app to access configstore HAL
Apps should be able to access the configstore HAL since framework
libraries which are loaded into app process can call configstore.
Letting apps have direct access to this HAL is OK because:
(1) the API of this HAL does not make clients provide any sensitive
information to the HAL, which makes it impossible for the HAL to
disclose sensitive information of its clients when the HAL is
compromised,
(2) we will require that this HAL is binderized (i.e., does not run
inside the process of its clients),
(3) we will require that this HAL runs in a tight seccomp sandbox
(this HAL doesn't need much access, if at all) and,
(4) we'll restrict the HALs powers via neverallows.
Test: apps can use configstore hal.
Change-Id: I04836b7318fbc6ef78deff770a22c68ce7745fa9
diff --git a/private/app.te b/private/app.te
index 1b1f4ca..04be106 100644
--- a/private/app.te
+++ b/private/app.te
@@ -246,6 +246,9 @@
# Allow app to access the graphic allocator HAL
binder_call({ appdomain -isolated_app }, hal_graphics_allocator)
+# App can access configstore HAL which is read only
+binder_call({ appdomain -isolated_app }, hal_configstore)
+
# Allow app to access shared memory created by camera HAL1
allow { appdomain -isolated_app } hal_camera:fd use;