cc5cb431ee
When keystore was replaced with keystore2 in Android 12, the SELinux class of keystore keys was changed from keystore_key to keystore2_key. However, the rules that granted access to keystore_key were never removed. This CL removes them, as they are no longer needed. Don't actually remove the class and its permissions from private/security_classes and private/access_vectors. That would break the build because they're referenced by rules in prebuilts/. Bug: 171305684 Test: atest CtsKeystoreTestCases Flag: exempt, removing obsolete code Change-Id: I35d9ea22c0d069049a892def15a18696c4f287a3
28 lines
1.1 KiB
Text
28 lines
1.1 KiB
Text
# Keystore 2.0 key contexts.
|
|
# This file defines Keystore 2.0 namespaces and maps them to labels.
|
|
# Format:
|
|
# <namespace> <label>
|
|
#
|
|
# <namespace> must be an integer in the interval [0 ... 2^31)
|
|
# su_key is a keystore2_key namespace for the su domain intended for native tests.
|
|
0 u:object_r:su_key:s0
|
|
|
|
# shell_key is a keystore2_key namespace for the shell domain intended for native tests.
|
|
1 u:object_r:shell_key:s0
|
|
|
|
# vold_key is a keystore2_key namespace for vold. It allows using raw Keymint blobs.
|
|
100 u:object_r:vold_key:s0
|
|
|
|
# odsign_key is a keystore2_key namespace for the on-device signing daemon.
|
|
101 u:object_r:odsign_key:s0
|
|
|
|
# wifi_key is a keystore2_key namespace for the WI-FI subsystem. It replaces the WIFI_UID
|
|
# namespace in keystore.
|
|
102 u:object_r:wifi_key:s0
|
|
|
|
# locksettings_key is a keystore2_key namespace for the LockSettingsService.
|
|
103 u:object_r:locksettings_key:s0
|
|
|
|
# resume_on_reboot_key is a keystore2_key namespace intended for resume on reboot.
|
|
120 u:object_r:resume_on_reboot_key:s0
|
|
|