• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Set a new domain
2type mtk_hal_keymanage, domain;
3
4# Set mtk_hal_keymanage as server domain of hal_keymaster
5hal_server_domain(mtk_hal_keymanage, hal_keymaster)
6
7# Set exec file type
8type mtk_hal_keymanage_exec, exec_type, file_type, vendor_file_type;
9
10# Setup for domain transition
11init_daemon_domain(mtk_hal_keymanage)
12
13# Associate mtk_hal_keymanage_hwservice with all server domain
14add_hwservice(hal_keymaster_server, mtk_hal_keymanage_hwservice)
15
16# Give permission for hal_keymaster_client to find mtk_hal_keymanage_hwservice via hwservice_manager
17allow hal_keymaster_client mtk_hal_keymanage_hwservice:hwservice_manager find;
18
19# Give permission for hal_key_manage to access kisd service
20
21allow mtk_hal_keymanage kisd:unix_stream_socket connectto;
22
23# Allow mtk_hal_keyinstall to access /data/key_provisioning
24allow mtk_hal_keymanage key_install_data_file:dir { write add_name remove_name search };
25allow mtk_hal_keymanage key_install_data_file:file { write create setattr read getattr unlink open append };
26
27allow mtk_hal_keymanage debugfs_tracing:file { write };
28