From dc248dcb020403bc5de8abe95b9bd42e91a513a5 Mon Sep 17 00:00:00 2001 From: Konsta Date: Mon, 3 Mar 2025 19:43:03 +0200 Subject: [PATCH] gatekeeper: switch to aidl apex * https://android.googlesource.com/device/linaro/dragonboard/+/6ecd625b287bcaa163b487e44b22899bdbf90a1a --- device.mk | 2 +- sepolicy/file_contexts | 3 --- sepolicy/keystore.te | 1 + sepolicy/service_contexts | 1 + 4 files changed, 3 insertions(+), 4 deletions(-) create mode 100644 sepolicy/keystore.te diff --git a/device.mk b/device.mk index 8078f05..eb990ab 100644 --- a/device.mk +++ b/device.mk @@ -164,7 +164,7 @@ PRODUCT_PACKAGES += \ # Gatekeeper PRODUCT_PACKAGES += \ - android.hardware.gatekeeper@1.0-service.software + com.android.hardware.gatekeeper.nonsecure # Graphics PRODUCT_PACKAGES += \ diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 5badaa0..fe3d2d2 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -14,9 +14,6 @@ # FFmpeg /vendor/bin/hw/android\.hardware\.media\.c2@1\.2-service-ffmpeg u:object_r:mediacodec_exec:s0 -# Gatekeeper -/vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.software u:object_r:hal_gatekeeper_default_exec:s0 - # Graphics /dev/dri u:object_r:gpu_device:s0 /dev/dri/card0 u:object_r:gpu_device:s0 diff --git a/sepolicy/keystore.te b/sepolicy/keystore.te new file mode 100644 index 0000000..287151b --- /dev/null +++ b/sepolicy/keystore.te @@ -0,0 +1 @@ +hal_client_domain(keystore, hal_gatekeeper) diff --git a/sepolicy/service_contexts b/sepolicy/service_contexts index 0638150..5962f1d 100644 --- a/sepolicy/service_contexts +++ b/sepolicy/service_contexts @@ -1,2 +1,3 @@ android.hardware.drm.IDrmFactory/widevine u:object_r:hal_drm_service:s0 +android.hardware.security.sharedsecret.ISharedSecret/gatekeeper u:object_r:hal_gatekeeper_service:s0 mapper/minigbm_gbm_mesa u:object_r:hal_graphics_mapper_service:s0