From 1dac39e83306d24b04add472586d5c0b38e83908 Mon Sep 17 00:00:00 2001 From: Tri Vo Date: Wed, 21 Apr 2021 23:26:27 -0700 Subject: [PATCH] trusty: sepolicy for metrics reporter Bug: 173423860 Test: m Change-Id: I42d646c6c9453662e670e7c22712f2bde2368bba --- whitechapel/vendor/google/file_contexts | 1 + whitechapel/vendor/google/trusty_metricsd.te | 11 +++++++++++ 2 files changed, 12 insertions(+) create mode 100644 whitechapel/vendor/google/trusty_metricsd.te diff --git a/whitechapel/vendor/google/file_contexts b/whitechapel/vendor/google/file_contexts index fe5e846e..3b2121b7 100644 --- a/whitechapel/vendor/google/file_contexts +++ b/whitechapel/vendor/google/file_contexts @@ -321,6 +321,7 @@ /vendor/bin/securedpud.slider u:object_r:securedpud_slider_exec:s0 /vendor/bin/storageproxyd u:object_r:tee_exec:s0 /vendor/bin/trusty_apploader u:object_r:trusty_apploader_exec:s0 +/vendor/bin/trusty_metricsd\.gs101 u:object_r:trusty_metricsd_exec:s0 /vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.trusty u:object_r:hal_gatekeeper_default_exec:s0 /vendor/bin/hw/android\.hardware\.keymaster@4\.0-service\.trusty u:object_r:hal_keymaster_default_exec:s0 /vendor/bin/hw/android\.hardware\.confirmationui@1\.0-service\.trusty\.vendor u:object_r:hal_confirmationui_default_exec:s0 diff --git a/whitechapel/vendor/google/trusty_metricsd.te b/whitechapel/vendor/google/trusty_metricsd.te new file mode 100644 index 00000000..63fc85b6 --- /dev/null +++ b/whitechapel/vendor/google/trusty_metricsd.te @@ -0,0 +1,11 @@ +type trusty_metricsd, domain; +type trusty_metricsd_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(trusty_metricsd) + +allow trusty_metricsd tee_device:chr_file rw_file_perms; + +# For Suez metrics collection +binder_use(trusty_metricsd) +binder_call(trusty_metricsd, system_server) +allow trusty_metricsd fwk_stats_service:service_manager find;