From f6756b9fb3a65ac37d0c0fbc3094501adf088f89 Mon Sep 17 00:00:00 2001
From: Victor Hsieh <victorhsieh@google.com>
Date: Thu, 28 May 2020 17:40:56 -0700
Subject: [PATCH] Remove unused sepolicy by fsverity_init

Keystore access was reverted a while ago in ag/10598373.

Bug: 112038744
Test: atest CtsAppSecurityHostTestCases:android.appsecurity.cts.ApkVerityInstallTest
Test: atest GtsPlayFsiTestCases GtsPlayFsiHostTestCases ApkVerityTest
Change-Id: Ic170624f5a718806adf54ab12e8f4b9f17c7775b
---
 prebuilts/api/30.0/private/fsverity_init.te | 5 -----
 private/fsverity_init.te                    | 5 -----
 2 files changed, 10 deletions(-)

diff --git a/prebuilts/api/30.0/private/fsverity_init.te b/prebuilts/api/30.0/private/fsverity_init.te
index 25595254c..4bb3d0ffb 100644
--- a/prebuilts/api/30.0/private/fsverity_init.te
+++ b/prebuilts/api/30.0/private/fsverity_init.te
@@ -3,11 +3,6 @@ type fsverity_init_exec, exec_type, file_type, system_file_type;
 
 init_daemon_domain(fsverity_init)
 
-# Allow to retrieve keys from keystore.
-binder_use(fsverity_init)
-use_keystore(fsverity_init)
-allow fsverity_init keystore:keystore_key { list get };
-
 # Allow to read /proc/keys for searching key id.
 allow fsverity_init proc_keys:file r_file_perms;
 
diff --git a/private/fsverity_init.te b/private/fsverity_init.te
index 25595254c..4bb3d0ffb 100644
--- a/private/fsverity_init.te
+++ b/private/fsverity_init.te
@@ -3,11 +3,6 @@ type fsverity_init_exec, exec_type, file_type, system_file_type;
 
 init_daemon_domain(fsverity_init)
 
-# Allow to retrieve keys from keystore.
-binder_use(fsverity_init)
-use_keystore(fsverity_init)
-allow fsverity_init keystore:keystore_key { list get };
-
 # Allow to read /proc/keys for searching key id.
 allow fsverity_init proc_keys:file r_file_perms;