am cbc8f796: Rename keystore methods and delete unused permissions

* commit 'cbc8f796551151c0d9651500d5d9f116177a07dc':
  Rename keystore methods and delete unused permissions
This commit is contained in:
Chad Brubaker 2015-05-15 20:17:53 +00:00 committed by Android Git Automerger
commit 2e4726dd12
5 changed files with 11 additions and 17 deletions

View file

@ -890,25 +890,22 @@ class service_manager
class keystore_key
{
test
get_state
get
insert
delete
exist
saw
list
reset
password
lock
unlock
zero
is_empty
sign
verify
grant
duplicate
clear_uid
reset_uid
sync_uid
password_uid
add_auth
user_changed
}

2
app.te
View file

@ -185,7 +185,7 @@ control_logd(appdomain)
# application inherit logd write socket (urge is to deprecate this long term)
allow appdomain zygote:unix_dgram_socket write;
allow { appdomain -isolated_app } keystore:keystore_key { test get insert delete exist saw sign verify };
allow { appdomain -isolated_app } keystore:keystore_key { get_state get insert delete exist list sign verify };
use_keystore({ appdomain -isolated_app })

View file

@ -13,6 +13,6 @@ allow binderservicedomain console_device:chr_file rw_file_perms;
allow binderservicedomain appdomain:fd use;
allow binderservicedomain appdomain:fifo_file write;
allow binderservicedomain keystore:keystore_key { test get insert delete exist saw sign verify };
allow binderservicedomain keystore:keystore_key { get_state get insert delete exist list sign verify };
use_keystore(binderservicedomain)

View file

@ -57,17 +57,17 @@ allow system_app app_api_service:service_manager find;
allow system_app system_api_service:service_manager find;
allow system_app keystore:keystore_key {
test
get_state
get
insert
delete
exist
saw
list
reset
password
lock
unlock
zero
is_empty
sign
verify
grant

View file

@ -381,25 +381,22 @@ allow system_server system_server_service:service_manager { add find };
allow system_server surfaceflinger_service:service_manager find;
allow system_server keystore:keystore_key {
test
get_state
get
insert
delete
exist
saw
list
reset
password
lock
unlock
zero
is_empty
sign
verify
grant
duplicate
clear_uid
reset_uid
sync_uid
password_uid
add_auth
user_changed
};