| <!-- |
| Copyright 2023 The ChromiumOS Authors |
| Use of this source code is governed by a BSD-style license that can be |
| found in the LICENSE file. |
| --> |
| <!DOCTYPE busconfig PUBLIC |
| "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" |
| "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> |
| <busconfig> |
| <policy user="trunks"> |
| <allow own="org.chromium.Trunks" /> |
| </policy> |
| |
| <!-- For gsctool related upstart and command line tools. --> |
| <policy user="root"> |
| <allow send_destination="org.chromium.Trunks" /> |
| </policy> |
| |
| <!-- TpmManager needs direct access to Trunks. --> |
| <policy user="tpm_manager"> |
| <allow send_destination="org.chromium.Trunks" /> |
| </policy> |
| |
| <!-- Indirect access via gsctool. --> |
| <policy user="rmad"> |
| <allow send_destination="org.chromium.Trunks" /> |
| </policy> |
| |
| <!-- Indirect access via libhwsec. --> |
| <policy user="attestation"> |
| <allow send_destination="org.chromium.Trunks" /> |
| </policy> |
| <policy user="chaps"> |
| <allow send_destination="org.chromium.Trunks" /> |
| </policy> |
| <policy user="device_management"> |
| <allow send_destination="org.chromium.Trunks" /> |
| </policy> |
| <policy user="u2f"> |
| <allow send_destination="org.chromium.Trunks" /> |
| </policy> |
| <policy user="vtpm"> |
| <allow send_destination="org.chromium.Trunks" /> |
| </policy> |
| <policy user="biod"> |
| <allow send_destination="org.chromium.Trunks" /> |
| </policy> |
| <policy user="oobe_config_save"> |
| <allow send_destination="org.chromium.Trunks" /> |
| </policy> |
| <policy user="oobe_config_restore"> |
| <allow send_destination="org.chromium.Trunks" /> |
| </policy> |
| <policy user="cdm-oemcrypto"> |
| <!-- The user of tee-supplicant --> |
| <allow send_destination="org.chromium.Trunks" /> |
| </policy> |
| <policy user="gsclog"> |
| <allow send_destination="org.chromium.Trunks" /> |
| </policy> |
| |
| <!-- |
| Note: |
| BootLockbox only depends on TpmManager. |
| We don't need to add this here. |
| --> |
| |
| <policy context="default"> |
| <!-- introspection denied --> |
| <deny send_destination="org.chromium.Trunks" |
| send_interface="org.freedesktop.DBus.Introspectable" /> |
| </policy> |
| </busconfig> |