Remove wait_for_keymaster and references
No longer needed now init listens for property changes on a separate thread. Some references to wait_for_keymaster survive: in order to avoid trouble downstream, we keep the definition of the `wait_for_keymaster` and `wait_for_keymaster_exec` types, but remove all their permissions, and of course prebuilds and compat cil files are unchanged. Bug: 186580823 Test: Cuttlefish boots successfully Change-Id: Id97fc2668743fb58dfd10c75a4f4c4d0348284ce
This commit is contained in:
Paul Crowley
parent
49de475b86
commit
4a7945290d
3 changed files with 3 additions and 15 deletions
|
|
@ -361,7 +361,6 @@
|
|||
/system/bin/stats u:object_r:stats_exec:s0
|
||||
/system/bin/statsd u:object_r:statsd_exec:s0
|
||||
/system/bin/bpfloader u:object_r:bpfloader_exec:s0
|
||||
/system/bin/wait_for_keymaster u:object_r:wait_for_keymaster_exec:s0
|
||||
/system/bin/watchdogd u:object_r:watchdogd_exec:s0
|
||||
/system/bin/apexd u:object_r:apexd_exec:s0
|
||||
/system/bin/gsid u:object_r:gsid_exec:s0
|
||||
|
|
|
|||
|
|
@ -29,7 +29,6 @@ allow keystore keystore2_key_contexts_file:file r_file_perms;
|
|||
|
||||
get_prop(keystore, keystore_listen_prop)
|
||||
|
||||
# Keystore needs to transfer binder references to vold and wait_for_keymaster so that they
|
||||
# Keystore needs to transfer binder references to vold so that it
|
||||
# can call keystore methods on those references.
|
||||
allow keystore vold:binder transfer;
|
||||
allow keystore wait_for_keymaster:binder transfer;
|
||||
|
|
|
|||
|
|
@ -1,15 +1,5 @@
|
|||
# wait_for_keymaster service
|
||||
# wait_for_keymaster service. No longer used;
|
||||
# here only so that downstream code compiles.
|
||||
type wait_for_keymaster, domain, coredomain;
|
||||
type wait_for_keymaster_exec, system_file_type, exec_type, file_type;
|
||||
|
||||
init_daemon_domain(wait_for_keymaster)
|
||||
|
||||
hal_client_domain(wait_for_keymaster, hal_keymaster)
|
||||
|
||||
allow wait_for_keymaster kmsg_device:chr_file w_file_perms;
|
||||
|
||||
# wait_for_keymaster needs to find keystore and call methods with the returned
|
||||
# binder reference.
|
||||
binder_use(wait_for_keymaster)
|
||||
allow wait_for_keymaster keystore_service:service_manager find;
|
||||
binder_call(wait_for_keymaster, keystore)
|
||||
|
|
|
|||
Loading…
Reference in a new issue