keystore.te · b73d321ad01bd279e7ed77c4569d35b628da6615 · Werner Sembach / AndroidSystemSEPolicy

Something went wrong on our end

11 years ago

Allow keystore to talk to the tee · b23d2876

Nick Kralevich authored 11 years ago

On manta, the keystore CTS tests are failing, because
keystore isn't allowed to talk to the tee. Allow it.

I've only seen this bug on manta, but it seems appropriate
for all domains.

Fixes the following denial:

<5>[  286.249563] type=1400 audit(1389210059.924:6): avc:  denied  { connectto } for  pid=126 comm="keystore" path=006D636461656D6F6E scontext=u:r:keystore:s0 tcontext=u:r:tee:s0 tclass=unix_stream_socket

Bug: 12450710
Change-Id: I07133d9abeaf967392118ba478a5a391cf0c5fa5

b23d2876

History

Allow keystore to talk to the tee

Nick Kralevich authored 11 years ago

On manta, the keystore CTS tests are failing, because
keystore isn't allowed to talk to the tee. Allow it.

I've only seen this bug on manta, but it seems appropriate
for all domains.

Fixes the following denial:

<5>[  286.249563] type=1400 audit(1389210059.924:6): avc:  denied  { connectto } for  pid=126 comm="keystore" path=006D636461656D6F6E scontext=u:r:keystore:s0 tcontext=u:r:tee:s0 tclass=unix_stream_socket

Bug: 12450710
Change-Id: I07133d9abeaf967392118ba478a5a391cf0c5fa5