21ab75279a
As part of the keystore2 requirement, we give the keys used for resume on reboot a separate context in keystore. And grant system server the permission to generate, use and delete it. Bug: 172780686 Test: resume on reboot works after using keystore2 Change-Id: I6b47625a0864a4aa87b815c6d2009cc19ad151a0
25 lines
970 B
Text
25 lines
970 B
Text
# Keystore 2.0 key contexts.
|
|
# This file defines Keystore 2.0 namespaces and maps them to labels.
|
|
# Format:
|
|
# <namespace> <label>
|
|
#
|
|
# <namespace> must be an integer in the interval [0 ... 2^31)
|
|
# su_key is a keystore_key namespace for the su domain intended for native tests.
|
|
0 u:object_r:su_key:s0
|
|
|
|
# shell_key is a keystore_key namespace for the shell domain intended for native tests.
|
|
1 u:object_r:shell_key:s0
|
|
|
|
# vold_key is a keystore2_key namespace for vold. It allows using raw Keymint blobs.
|
|
100 u:object_r:vold_key:s0
|
|
|
|
# odsign_key is a keystore2_key namespace for the on-device signing daemon.
|
|
101 u:object_r:odsign_key:s0
|
|
|
|
# wifi_key is a keystore2_key namspace for the WI-FI subsystem. It replaces the WIFI_UID
|
|
# namespace in keystore.
|
|
102 u:object_r:wifi_key:s0
|
|
|
|
# resume_on_reboot_key is a keystore2_key namespace intended for resume on reboot.
|
|
120 u:object_r:resume_on_reboot_key:s0
|
|
|