| typeattribute credstore coredomain; |
| |
| init_daemon_domain(credstore) |
| |
| # talk to Identity Credential |
| hal_client_domain(credstore, hal_identity) |
| |
| # talk to keymint, specifically for IRemotelyProvisionedComponent/default |
| hal_client_domain(credstore, hal_keymint) |
| |
| # credstore needs to get keys from the RKPD |
| get_prop(credstore, remote_prov_prop) |
| allow credstore remote_provisioning_service:service_manager find; |
| |
| binder_use(credstore) |
| binder_service(credstore) |
| binder_call(credstore, system_server) |
| |
| allow credstore credstore_data_file:dir create_dir_perms; |
| allow credstore credstore_data_file:file create_file_perms; |
| |
| add_service(credstore, credstore_service) |
| allow credstore sec_key_att_app_id_provider_service:service_manager find; |
| allow credstore dropbox_service:service_manager find; |
| allow credstore authorization_service:service_manager find; |
| allow credstore keystore:keystore2 get_auth_token; |
| |
| r_dir_file(credstore, cgroup) |
| r_dir_file(credstore, cgroup_v2) |