am cbc8f796
: Rename keystore methods and delete unused permissions
* commit 'cbc8f796551151c0d9651500d5d9f116177a07dc': Rename keystore methods and delete unused permissions
This commit is contained in:
commit
2e4726dd12
5 changed files with 11 additions and 17 deletions
|
@ -890,25 +890,22 @@ class service_manager
|
|||
|
||||
class keystore_key
|
||||
{
|
||||
test
|
||||
get_state
|
||||
get
|
||||
insert
|
||||
delete
|
||||
exist
|
||||
saw
|
||||
list
|
||||
reset
|
||||
password
|
||||
lock
|
||||
unlock
|
||||
zero
|
||||
is_empty
|
||||
sign
|
||||
verify
|
||||
grant
|
||||
duplicate
|
||||
clear_uid
|
||||
reset_uid
|
||||
sync_uid
|
||||
password_uid
|
||||
add_auth
|
||||
user_changed
|
||||
}
|
||||
|
|
2
app.te
2
app.te
|
@ -185,7 +185,7 @@ control_logd(appdomain)
|
|||
# application inherit logd write socket (urge is to deprecate this long term)
|
||||
allow appdomain zygote:unix_dgram_socket write;
|
||||
|
||||
allow { appdomain -isolated_app } keystore:keystore_key { test get insert delete exist saw sign verify };
|
||||
allow { appdomain -isolated_app } keystore:keystore_key { get_state get insert delete exist list sign verify };
|
||||
|
||||
use_keystore({ appdomain -isolated_app })
|
||||
|
||||
|
|
|
@ -13,6 +13,6 @@ allow binderservicedomain console_device:chr_file rw_file_perms;
|
|||
allow binderservicedomain appdomain:fd use;
|
||||
allow binderservicedomain appdomain:fifo_file write;
|
||||
|
||||
allow binderservicedomain keystore:keystore_key { test get insert delete exist saw sign verify };
|
||||
allow binderservicedomain keystore:keystore_key { get_state get insert delete exist list sign verify };
|
||||
|
||||
use_keystore(binderservicedomain)
|
||||
|
|
|
@ -57,17 +57,17 @@ allow system_app app_api_service:service_manager find;
|
|||
allow system_app system_api_service:service_manager find;
|
||||
|
||||
allow system_app keystore:keystore_key {
|
||||
test
|
||||
get_state
|
||||
get
|
||||
insert
|
||||
delete
|
||||
exist
|
||||
saw
|
||||
list
|
||||
reset
|
||||
password
|
||||
lock
|
||||
unlock
|
||||
zero
|
||||
is_empty
|
||||
sign
|
||||
verify
|
||||
grant
|
||||
|
|
|
@ -381,25 +381,22 @@ allow system_server system_server_service:service_manager { add find };
|
|||
allow system_server surfaceflinger_service:service_manager find;
|
||||
|
||||
allow system_server keystore:keystore_key {
|
||||
test
|
||||
get_state
|
||||
get
|
||||
insert
|
||||
delete
|
||||
exist
|
||||
saw
|
||||
list
|
||||
reset
|
||||
password
|
||||
lock
|
||||
unlock
|
||||
zero
|
||||
is_empty
|
||||
sign
|
||||
verify
|
||||
grant
|
||||
duplicate
|
||||
clear_uid
|
||||
reset_uid
|
||||
sync_uid
|
||||
password_uid
|
||||
add_auth
|
||||
user_changed
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue