Rename keystore methods and delete unused permissions
Keystore is going through an API cleanup to make names more clear and remove unclear methods. Change-Id: I06354ccd0a9a73fd20168bfce9350c451cfaced3
This commit is contained in:
Chad Brubaker
parent
e5916eb67b
commit
cbc8f79655
5 changed files with 11 additions and 17 deletions
|
|
@ -890,25 +890,22 @@ class service_manager
|
||||||
|
|
||||||
class keystore_key
|
class keystore_key
|
||||||
{
|
{
|
||||||
test
|
get_state
|
||||||
get
|
get
|
||||||
insert
|
insert
|
||||||
delete
|
delete
|
||||||
exist
|
exist
|
||||||
saw
|
list
|
||||||
reset
|
reset
|
||||||
password
|
password
|
||||||
lock
|
lock
|
||||||
unlock
|
unlock
|
||||||
zero
|
is_empty
|
||||||
sign
|
sign
|
||||||
verify
|
verify
|
||||||
grant
|
grant
|
||||||
duplicate
|
duplicate
|
||||||
clear_uid
|
clear_uid
|
||||||
reset_uid
|
|
||||||
sync_uid
|
|
||||||
password_uid
|
|
||||||
add_auth
|
add_auth
|
||||||
user_changed
|
user_changed
|
||||||
}
|
}
|
||||||
|
|
|
||||||
2
app.te
2
app.te
|
|
@ -185,7 +185,7 @@ control_logd(appdomain)
|
||||||
# application inherit logd write socket (urge is to deprecate this long term)
|
# application inherit logd write socket (urge is to deprecate this long term)
|
||||||
allow appdomain zygote:unix_dgram_socket write;
|
allow appdomain zygote:unix_dgram_socket write;
|
||||||
|
|
||||||
allow { appdomain -isolated_app } keystore:keystore_key { test get insert delete exist saw sign verify };
|
allow { appdomain -isolated_app } keystore:keystore_key { get_state get insert delete exist list sign verify };
|
||||||
|
|
||||||
use_keystore({ appdomain -isolated_app })
|
use_keystore({ appdomain -isolated_app })
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,6 +13,6 @@ allow binderservicedomain console_device:chr_file rw_file_perms;
|
||||||
allow binderservicedomain appdomain:fd use;
|
allow binderservicedomain appdomain:fd use;
|
||||||
allow binderservicedomain appdomain:fifo_file write;
|
allow binderservicedomain appdomain:fifo_file write;
|
||||||
|
|
||||||
allow binderservicedomain keystore:keystore_key { test get insert delete exist saw sign verify };
|
allow binderservicedomain keystore:keystore_key { get_state get insert delete exist list sign verify };
|
||||||
|
|
||||||
use_keystore(binderservicedomain)
|
use_keystore(binderservicedomain)
|
||||||
|
|
|
||||||
|
|
@ -57,17 +57,17 @@ allow system_app app_api_service:service_manager find;
|
||||||
allow system_app system_api_service:service_manager find;
|
allow system_app system_api_service:service_manager find;
|
||||||
|
|
||||||
allow system_app keystore:keystore_key {
|
allow system_app keystore:keystore_key {
|
||||||
test
|
get_state
|
||||||
get
|
get
|
||||||
insert
|
insert
|
||||||
delete
|
delete
|
||||||
exist
|
exist
|
||||||
saw
|
list
|
||||||
reset
|
reset
|
||||||
password
|
password
|
||||||
lock
|
lock
|
||||||
unlock
|
unlock
|
||||||
zero
|
is_empty
|
||||||
sign
|
sign
|
||||||
verify
|
verify
|
||||||
grant
|
grant
|
||||||
|
|
|
||||||
|
|
@ -373,25 +373,22 @@ allow system_server system_server_service:service_manager { add find };
|
||||||
allow system_server surfaceflinger_service:service_manager find;
|
allow system_server surfaceflinger_service:service_manager find;
|
||||||
|
|
||||||
allow system_server keystore:keystore_key {
|
allow system_server keystore:keystore_key {
|
||||||
test
|
get_state
|
||||||
get
|
get
|
||||||
insert
|
insert
|
||||||
delete
|
delete
|
||||||
exist
|
exist
|
||||||
saw
|
list
|
||||||
reset
|
reset
|
||||||
password
|
password
|
||||||
lock
|
lock
|
||||||
unlock
|
unlock
|
||||||
zero
|
is_empty
|
||||||
sign
|
sign
|
||||||
verify
|
verify
|
||||||
grant
|
grant
|
||||||
duplicate
|
duplicate
|
||||||
clear_uid
|
clear_uid
|
||||||
reset_uid
|
|
||||||
sync_uid
|
|
||||||
password_uid
|
|
||||||
add_auth
|
add_auth
|
||||||
user_changed
|
user_changed
|
||||||
};
|
};
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue