Merge changes Ib339bd0a,I4ff3ff91,I6863269e,I85d24118,Ic7ce23e2

* changes:
  Keystore 2.0: Refactor permissions. 5/5
  Keystore 2.0: Refactor permissions. 4/5
  Keystore 2.0: Refactor permissions. 3/5
  Keystore 2.0: Refactor permissions. 2/5
  Keystore 2.0: Refactor permissions. 1/5
diff --git a/keystore2/selinux/src/lib.rs b/keystore2/selinux/src/lib.rs
index 902e9a4..c0593b7 100644
--- a/keystore2/selinux/src/lib.rs
+++ b/keystore2/selinux/src/lib.rs
@@ -333,6 +333,311 @@
     }
 }
 
+/// Represents an SEPolicy permission belonging to a specific class.
+pub trait ClassPermission {
+    /// The permission string of the given instance as specified in the class vector.
+    fn name(&self) -> &'static str;
+    /// The class of the permission.
+    fn class_name(&self) -> &'static str;
+}
+
+/// This macro implements an enum with values mapped to SELinux permission names.
+/// The example below implements `enum MyPermission with public visibility:
+///  * From<i32> and Into<i32> are implemented. Where the implementation of From maps
+///    any variant not specified to the default `None` with value `0`.
+///  * `MyPermission` implements ClassPermission.
+///  * An implicit default values `MyPermission::None` is created with a numeric representation
+///    of `0` and a string representation of `"none"`.
+///  * Specifying a value is optional. If the value is omitted it is set to the value of the
+///    previous variant left shifted by 1.
+///
+/// ## Example
+/// ```
+/// implement_class!(
+///     /// MyPermission documentation.
+///     #[derive(Clone, Copy, Debug, Eq, PartialEq)]
+///     #[selinux(class_name = my_class)]
+///     pub enum MyPermission {
+///         #[selinux(name = foo)]
+///         Foo = 1,
+///         #[selinux(name = bar)]
+///         Bar = 2,
+///         #[selinux(name = snafu)]
+///         Snafu, // Implicit value: MyPermission::Bar << 1 -> 4
+///     }
+///     assert_eq!(MyPermission::Foo.name(), &"foo");
+///     assert_eq!(MyPermission::Foo.class_name(), &"my_class");
+///     assert_eq!(MyPermission::Snafu as i32, 4);
+/// );
+/// ```
+#[macro_export]
+macro_rules! implement_class {
+    // First rule: Public interface.
+    (
+        $(#[$($enum_meta:tt)+])*
+        $enum_vis:vis enum $enum_name:ident $body:tt
+    ) => {
+        implement_class! {
+            @extract_class
+            []
+            [$(#[$($enum_meta)+])*]
+            $enum_vis enum $enum_name $body
+        }
+    };
+
+    // The next two rules extract the #[selinux(class_name = <name>)] meta field from
+    // the types meta list.
+    // This first rule finds the field and terminates the recursion through the meta fields.
+    (
+        @extract_class
+        [$(#[$mout:meta])*]
+        [
+            #[selinux(class_name = $class_name:ident)]
+            $(#[$($mtail:tt)+])*
+        ]
+        $enum_vis:vis enum $enum_name:ident {
+            $(
+                $(#[$($emeta:tt)+])*
+                $vname:ident$( = $vval:expr)?
+            ),* $(,)?
+        }
+    ) => {
+        implement_class!{
+            @extract_perm_name
+            $class_name
+            $(#[$mout])*
+            $(#[$($mtail)+])*
+            $enum_vis enum $enum_name {
+                1;
+                []
+                [$(
+                    [] [$(#[$($emeta)+])*]
+                    $vname$( = $vval)?,
+                )*]
+            }
+        }
+    };
+
+    // The second rule iterates through the type global meta fields.
+    (
+        @extract_class
+        [$(#[$mout:meta])*]
+        [
+            #[$front:meta]
+            $(#[$($mtail:tt)+])*
+        ]
+        $enum_vis:vis enum $enum_name:ident $body:tt
+    ) => {
+        implement_class!{
+            @extract_class
+            [
+                $(#[$mout])*
+                #[$front]
+            ]
+            [$(#[$($mtail)+])*]
+            $enum_vis enum $enum_name $body
+        }
+    };
+
+    // The next four rules implement two nested recursions. The outer iterates through
+    // the enum variants and the inner iterates through the meta fields of each variant.
+    // The first two rules find the #[selinux(name = <name>)] stanza, terminate the inner
+    // recursion and descend a level in the outer recursion.
+    // The first rule matches variants with explicit initializer $vval. And updates the next
+    // value to ($vval << 1).
+    (
+        @extract_perm_name
+        $class_name:ident
+        $(#[$enum_meta:meta])*
+        $enum_vis:vis enum $enum_name:ident {
+            $next_val:expr;
+            [$($out:tt)*]
+            [
+                [$(#[$mout:meta])*]
+                [
+                    #[selinux(name = $selinux_name:ident)]
+                    $(#[$($mtail:tt)+])*
+                ]
+                $vname:ident = $vval:expr,
+                $($tail:tt)*
+            ]
+        }
+    ) => {
+        implement_class!{
+            @extract_perm_name
+            $class_name
+            $(#[$enum_meta])*
+            $enum_vis enum $enum_name {
+                ($vval << 1);
+                [
+                    $($out)*
+                    $(#[$mout])*
+                    $(#[$($mtail)+])*
+                    $selinux_name $vname = $vval,
+                ]
+                [$($tail)*]
+            }
+        }
+    };
+
+    // The second rule differs form the previous in that there is no explicit initializer.
+    // Instead $next_val is used as initializer and the next value is set to (&next_val << 1).
+    (
+        @extract_perm_name
+        $class_name:ident
+        $(#[$enum_meta:meta])*
+        $enum_vis:vis enum $enum_name:ident {
+            $next_val:expr;
+            [$($out:tt)*]
+            [
+                [$(#[$mout:meta])*]
+                [
+                    #[selinux(name = $selinux_name:ident)]
+                    $(#[$($mtail:tt)+])*
+                ]
+                $vname:ident,
+                $($tail:tt)*
+            ]
+        }
+    ) => {
+        implement_class!{
+            @extract_perm_name
+            $class_name
+            $(#[$enum_meta])*
+            $enum_vis enum $enum_name {
+                ($next_val << 1);
+                [
+                    $($out)*
+                    $(#[$mout])*
+                    $(#[$($mtail)+])*
+                    $selinux_name $vname = $next_val,
+                ]
+                [$($tail)*]
+            }
+        }
+    };
+
+    // The third rule descends a step in the inner recursion.
+    (
+        @extract_perm_name
+        $class_name:ident
+        $(#[$enum_meta:meta])*
+        $enum_vis:vis enum $enum_name:ident {
+            $next_val:expr;
+            [$($out:tt)*]
+            [
+                [$(#[$mout:meta])*]
+                [
+                    #[$front:meta]
+                    $(#[$($mtail:tt)+])*
+                ]
+                $vname:ident$( = $vval:expr)?,
+                $($tail:tt)*
+            ]
+        }
+    ) => {
+        implement_class!{
+            @extract_perm_name
+            $class_name
+            $(#[$enum_meta])*
+            $enum_vis enum $enum_name {
+                $next_val;
+                [$($out)*]
+                [
+                    [
+                        $(#[$mout])*
+                        #[$front]
+                    ]
+                    [$(#[$($mtail)+])*]
+                    $vname$( = $vval)?,
+                    $($tail)*
+                ]
+            }
+        }
+    };
+
+    // The fourth rule terminates the outer recursion and transitions to the
+    // implementation phase @spill.
+    (
+        @extract_perm_name
+        $class_name:ident
+        $(#[$enum_meta:meta])*
+        $enum_vis:vis enum $enum_name:ident {
+            $next_val:expr;
+            [$($out:tt)*]
+            []
+        }
+    ) => {
+        implement_class!{
+            @spill
+            $class_name
+            $(#[$enum_meta])*
+            $enum_vis enum $enum_name {
+                $($out)*
+            }
+        }
+    };
+
+    (
+        @spill
+        $class_name:ident
+        $(#[$enum_meta:meta])*
+        $enum_vis:vis enum $enum_name:ident {
+            $(
+                $(#[$emeta:meta])*
+                $selinux_name:ident $vname:ident = $vval:expr,
+            )*
+        }
+    ) => {
+        $(#[$enum_meta])*
+        $enum_vis enum $enum_name {
+            /// The default variant of the enum.
+            None = 0,
+            $(
+                $(#[$emeta])*
+                $vname = $vval,
+            )*
+        }
+
+        impl From<i32> for $enum_name {
+            #[allow(non_upper_case_globals)]
+            fn from (p: i32) -> Self {
+                // Creating constants forces the compiler to evaluate the value expressions
+                // so that they can be used in the match statement below.
+                $(const $vname: i32 = $vval;)*
+                match p {
+                    0 => Self::None,
+                    $($vname => Self::$vname,)*
+                    _ => Self::None,
+                }
+            }
+        }
+
+        impl From<$enum_name> for i32 {
+            fn from(p: $enum_name) -> i32 {
+                p as i32
+            }
+        }
+
+        impl ClassPermission for $enum_name {
+            fn name(&self) -> &'static str {
+                match self {
+                    Self::None => &"none",
+                    $(Self::$vname => stringify!($selinux_name),)*
+                }
+            }
+            fn class_name(&self) -> &'static str {
+                stringify!($class_name)
+            }
+        }
+    };
+}
+
+/// Calls `check_access` on the given class permission.
+pub fn check_permission<T: ClassPermission>(source: &CStr, target: &CStr, perm: T) -> Result<()> {
+    check_access(source, target, perm.class_name(), perm.name())
+}
+
 #[cfg(test)]
 mod tests {
     use super::*;
diff --git a/keystore2/src/attestation_key_utils.rs b/keystore2/src/attestation_key_utils.rs
index b6a8e31..a8c1ca9 100644
--- a/keystore2/src/attestation_key_utils.rs
+++ b/keystore2/src/attestation_key_utils.rs
@@ -109,7 +109,7 @@
                     KeyType::Client,
                     KeyEntryLoadBits::BOTH,
                     caller_uid,
-                    |k, av| check_key_permission(KeyPerm::use_(), k, &av),
+                    |k, av| check_key_permission(KeyPerm::Use, k, &av),
                 )
                 .context("In load_attest_key_blob_and_cert: Failed to load key.")?;
 
diff --git a/keystore2/src/authorization.rs b/keystore2/src/authorization.rs
index 777089f..04626bc 100644
--- a/keystore2/src/authorization.rs
+++ b/keystore2/src/authorization.rs
@@ -119,7 +119,7 @@
 
     fn add_auth_token(&self, auth_token: &HardwareAuthToken) -> Result<()> {
         // Check keystore permission.
-        check_keystore_permission(KeystorePerm::add_auth()).context("In add_auth_token.")?;
+        check_keystore_permission(KeystorePerm::AddAuth).context("In add_auth_token.")?;
 
         ENFORCEMENTS.add_auth_token(auth_token.clone());
         Ok(())
@@ -143,7 +143,7 @@
             (LockScreenEvent::UNLOCK, Some(password)) => {
                 // This corresponds to the unlock() method in legacy keystore API.
                 // check permission
-                check_keystore_permission(KeystorePerm::unlock())
+                check_keystore_permission(KeystorePerm::Unlock)
                     .context("In on_lock_screen_event: Unlock with password.")?;
                 ENFORCEMENTS.set_device_locked(user_id, false);
 
@@ -177,7 +177,7 @@
                 Ok(())
             }
             (LockScreenEvent::UNLOCK, None) => {
-                check_keystore_permission(KeystorePerm::unlock())
+                check_keystore_permission(KeystorePerm::Unlock)
                     .context("In on_lock_screen_event: Unlock.")?;
                 ENFORCEMENTS.set_device_locked(user_id, false);
                 DB.with(|db| {
@@ -187,7 +187,7 @@
                 Ok(())
             }
             (LockScreenEvent::LOCK, None) => {
-                check_keystore_permission(KeystorePerm::lock())
+                check_keystore_permission(KeystorePerm::Lock)
                     .context("In on_lock_screen_event: Lock")?;
                 ENFORCEMENTS.set_device_locked(user_id, true);
                 DB.with(|db| {
@@ -215,7 +215,7 @@
     ) -> Result<AuthorizationTokens> {
         // Check permission. Function should return if this failed. Therefore having '?' at the end
         // is very important.
-        check_keystore_permission(KeystorePerm::get_auth_token())
+        check_keystore_permission(KeystorePerm::GetAuthToken)
             .context("In get_auth_tokens_for_credstore.")?;
 
         // If the challenge is zero, return error
diff --git a/keystore2/src/database.rs b/keystore2/src/database.rs
index ae2875c..d73cc8b 100644
--- a/keystore2/src/database.rs
+++ b/keystore2/src/database.rs
@@ -3704,8 +3704,8 @@
             alias: Some("key".to_string()),
             blob: None,
         };
-        const PVEC1: KeyPermSet = key_perm_set![KeyPerm::use_(), KeyPerm::get_info()];
-        const PVEC2: KeyPermSet = key_perm_set![KeyPerm::use_()];
+        const PVEC1: KeyPermSet = key_perm_set![KeyPerm::Use, KeyPerm::GetInfo];
+        const PVEC2: KeyPermSet = key_perm_set![KeyPerm::Use];
 
         // Reset totally predictable random number generator in case we
         // are not the first test running on this thread.
@@ -4181,7 +4181,7 @@
                 },
                 1,
                 2,
-                key_perm_set![KeyPerm::use_()],
+                key_perm_set![KeyPerm::Use],
                 |_k, _av| Ok(()),
             )
             .unwrap();
@@ -4191,7 +4191,7 @@
         let (_key_guard, key_entry) = db
             .load_key_entry(&granted_key, KeyType::Client, KeyEntryLoadBits::BOTH, 2, |k, av| {
                 assert_eq!(Domain::GRANT, k.domain);
-                assert!(av.unwrap().includes(KeyPerm::use_()));
+                assert!(av.unwrap().includes(KeyPerm::Use));
                 Ok(())
             })
             .unwrap();
@@ -4238,7 +4238,7 @@
             },
             OWNER_UID,
             GRANTEE_UID,
-            key_perm_set![KeyPerm::use_()],
+            key_perm_set![KeyPerm::Use],
             |_k, _av| Ok(()),
         )
         .unwrap();
@@ -4257,7 +4257,7 @@
                 |k, av| {
                     assert_eq!(Domain::APP, k.domain);
                     assert_eq!(OWNER_UID as i64, k.nspace);
-                    assert!(av.unwrap().includes(KeyPerm::use_()));
+                    assert!(av.unwrap().includes(KeyPerm::Use));
                     Ok(())
                 },
             )
@@ -5675,7 +5675,7 @@
             },
             OWNER as u32,
             123,
-            key_perm_set![KeyPerm::use_()],
+            key_perm_set![KeyPerm::Use],
             |_, _| Ok(()),
         )?;
 
diff --git a/keystore2/src/maintenance.rs b/keystore2/src/maintenance.rs
index 7ce9042..3f6cf36 100644
--- a/keystore2/src/maintenance.rs
+++ b/keystore2/src/maintenance.rs
@@ -69,7 +69,7 @@
     fn on_user_password_changed(user_id: i32, password: Option<Password>) -> Result<()> {
         //Check permission. Function should return if this failed. Therefore having '?' at the end
         //is very important.
-        check_keystore_permission(KeystorePerm::change_password())
+        check_keystore_permission(KeystorePerm::ChangePassword)
             .context("In on_user_password_changed.")?;
 
         if let Some(pw) = password.as_ref() {
@@ -106,7 +106,7 @@
     fn add_or_remove_user(&self, user_id: i32) -> Result<()> {
         // Check permission. Function should return if this failed. Therefore having '?' at the end
         // is very important.
-        check_keystore_permission(KeystorePerm::change_user()).context("In add_or_remove_user.")?;
+        check_keystore_permission(KeystorePerm::ChangeUser).context("In add_or_remove_user.")?;
         DB.with(|db| {
             UserState::reset_user(
                 &mut db.borrow_mut(),
@@ -124,7 +124,7 @@
 
     fn clear_namespace(&self, domain: Domain, nspace: i64) -> Result<()> {
         // Permission check. Must return on error. Do not touch the '?'.
-        check_keystore_permission(KeystorePerm::clear_uid()).context("In clear_namespace.")?;
+        check_keystore_permission(KeystorePerm::ClearUID).context("In clear_namespace.")?;
 
         LEGACY_MIGRATOR
             .bulk_delete_uid(domain, nspace)
@@ -139,7 +139,7 @@
     fn get_state(user_id: i32) -> Result<AidlUserState> {
         // Check permission. Function should return if this failed. Therefore having '?' at the end
         // is very important.
-        check_keystore_permission(KeystorePerm::get_state()).context("In get_state.")?;
+        check_keystore_permission(KeystorePerm::GetState).context("In get_state.")?;
         let state = DB
             .with(|db| {
                 UserState::get(&mut db.borrow_mut(), &LEGACY_MIGRATOR, &SUPER_KEY, user_id as u32)
@@ -195,7 +195,7 @@
     }
 
     fn early_boot_ended() -> Result<()> {
-        check_keystore_permission(KeystorePerm::early_boot_ended())
+        check_keystore_permission(KeystorePerm::EarlyBootEnded)
             .context("In early_boot_ended. Checking permission")?;
         log::info!("In early_boot_ended.");
 
@@ -207,8 +207,7 @@
 
     fn on_device_off_body() -> Result<()> {
         // Security critical permission check. This statement must return on fail.
-        check_keystore_permission(KeystorePerm::report_off_body())
-            .context("In on_device_off_body.")?;
+        check_keystore_permission(KeystorePerm::ReportOffBody).context("In on_device_off_body.")?;
 
         DB.with(|db| db.borrow_mut().update_last_off_body(MonotonicRawTime::now()));
         Ok(())
@@ -228,9 +227,9 @@
                                 KeyEntryLoadBits::NONE,
                                 caller_uid,
                                 |k, av| {
-                                    check_key_permission(KeyPerm::use_(), k, &av)?;
-                                    check_key_permission(KeyPerm::delete(), k, &av)?;
-                                    check_key_permission(KeyPerm::grant(), k, &av)
+                                    check_key_permission(KeyPerm::Use, k, &av)?;
+                                    check_key_permission(KeyPerm::Delete, k, &av)?;
+                                    check_key_permission(KeyPerm::Grant, k, &av)
                                 },
                             )
                         })
@@ -246,14 +245,14 @@
             };
 
             db.borrow_mut().migrate_key_namespace(key_id_guard, destination, caller_uid, |k| {
-                check_key_permission(KeyPerm::rebind(), k, &None)
+                check_key_permission(KeyPerm::Rebind, k, &None)
             })
         })
     }
 
     fn delete_all_keys() -> Result<()> {
         // Security critical permission check. This statement must return on fail.
-        check_keystore_permission(KeystorePerm::delete_all_keys())
+        check_keystore_permission(KeystorePerm::DeleteAllKeys)
             .context("In delete_all_keys. Checking permission")?;
         log::info!("In delete_all_keys.");
 
diff --git a/keystore2/src/metrics.rs b/keystore2/src/metrics.rs
index 42295b7..3d8d6d3 100644
--- a/keystore2/src/metrics.rs
+++ b/keystore2/src/metrics.rs
@@ -41,7 +41,7 @@
     fn pull_metrics(&self, atom_id: AtomID) -> Result<Vec<KeystoreAtom>> {
         // Check permission. Function should return if this failed. Therefore having '?' at the end
         // is very important.
-        check_keystore_permission(KeystorePerm::pull_metrics()).context("In pull_metrics.")?;
+        check_keystore_permission(KeystorePerm::PullMetrics).context("In pull_metrics.")?;
         METRICS_STORE.get_atoms(atom_id)
     }
 }
diff --git a/keystore2/src/permission.rs b/keystore2/src/permission.rs
index 4392acf..f280341 100644
--- a/keystore2/src/permission.rs
+++ b/keystore2/src/permission.rs
@@ -18,23 +18,18 @@
 //! It also provides KeystorePerm and KeyPerm as convenience wrappers for the SELinux permission
 //! defined by keystore2 and keystore2_key respectively.
 
+use crate::error::Error as KsError;
 use android_system_keystore2::aidl::android::system::keystore2::{
     Domain::Domain, KeyDescriptor::KeyDescriptor, KeyPermission::KeyPermission,
 };
-
+use anyhow::Context as AnyhowContext;
+use keystore2_selinux as selinux;
+use lazy_static::lazy_static;
+use selinux::{implement_class, Backend, ClassPermission};
 use std::cmp::PartialEq;
 use std::convert::From;
 use std::ffi::CStr;
 
-use crate::error::Error as KsError;
-use keystore2_selinux as selinux;
-
-use anyhow::Context as AnyhowContext;
-
-use selinux::Backend;
-
-use lazy_static::lazy_static;
-
 // Replace getcon with a mock in the test situation
 #[cfg(not(test))]
 use selinux::getcon;
@@ -52,273 +47,104 @@
     KEYSTORE2_KEY_LABEL_BACKEND.lookup(&namespace.to_string())
 }
 
-/// ## Background
-///
-/// AIDL enums are represented as constants of the form:
-/// ```
-/// mod EnumName {
-///     pub type EnumName = i32;
-///     pub const Variant1: EnumName = <value1>;
-///     pub const Variant2: EnumName = <value2>;
-///     ...
-/// }
-///```
-/// This macro wraps the enum in a new type, e.g., `MyPerm` and maps each variant to an SELinux
-/// permission while providing the following interface:
-///  * From<EnumName> and Into<EnumName> are implemented. Where the implementation of From maps
-///    any variant not specified to the default.
-///  * Every variant has a constructor with a name corresponding to its lower case SELinux string
-///    representation.
-///  * `MyPerm.to_selinux(&self)` returns the SELinux string representation of the
-///    represented permission.
-///
-/// ## Special behavior
-/// If the keyword `use` appears as an selinux name `use_` is used as identifier for the
-/// constructor function (e.g. `MePerm::use_()`) but the string returned by `to_selinux` will
-/// still be `"use"`.
-///
-/// ## Example
-/// ```
-///
-/// implement_permission!(
-///     /// MyPerm documentation.
-///     #[derive(Clone, Copy, Debug, PartialEq)]
-///     MyPerm from EnumName with default (None, none) {}
-///         Variant1,    selinux name: variant1;
-///         Variant2,    selinux name: variant1;
-///     }
-/// );
-/// ```
-macro_rules! implement_permission_aidl {
-    // This rule provides the public interface of the macro. And starts the preprocessing
-    // recursion (see below).
-    ($(#[$m:meta])* $name:ident from $aidl_name:ident with default ($($def:tt)*)
-        { $($element:tt)* })
-    => {
-        implement_permission_aidl!(@replace_use $($m)*, $name, $aidl_name, ($($def)*), [],
-            $($element)*);
-    };
-
-    // The following three rules recurse through the elements of the form
-    // `<enum variant>, selinux name: <selinux_name>;`
-    // preprocessing the input.
-
-    // The first rule terminates the recursion and passes the processed arguments to the final
-    // rule that spills out the implementation.
-    (@replace_use $($m:meta)*, $name:ident, $aidl_name:ident, ($($def:tt)*), [$($out:tt)*], ) => {
-        implement_permission_aidl!(@end $($m)*, $name, $aidl_name, ($($def)*) { $($out)* } );
-    };
-
-    // The second rule is triggered if the selinux name of an element is literally `use`.
-    // It produces the tuple `<enum variant>, use_, use;`
-    // and appends it to the out list.
-    (@replace_use $($m:meta)*, $name:ident, $aidl_name:ident, ($($def:tt)*), [$($out:tt)*],
-        $e_name:ident, selinux name: use; $($element:tt)*)
-    => {
-        implement_permission_aidl!(@replace_use $($m)*, $name, $aidl_name, ($($def)*),
-                              [$($out)* $e_name, use_, use;], $($element)*);
-    };
-
-    // The third rule is the default rule which replaces every input tuple with
-    // `<enum variant>, <selinux_name>, <selinux_name>;`
-    // and appends the result to the out list.
-    (@replace_use $($m:meta)*, $name:ident, $aidl_name:ident, ($($def:tt)*), [$($out:tt)*],
-        $e_name:ident, selinux name: $e_str:ident; $($element:tt)*)
-    => {
-        implement_permission_aidl!(@replace_use $($m)*, $name, $aidl_name, ($($def)*),
-                              [$($out)* $e_name, $e_str, $e_str;], $($element)*);
-    };
-
-    (@end $($m:meta)*, $name:ident, $aidl_name:ident,
-        ($def_name:ident, $def_selinux_name:ident) {
-            $($element_name:ident, $element_identifier:ident,
-                $selinux_name:ident;)*
-        })
-    =>
-    {
-        $(#[$m])*
-        pub struct $name(pub $aidl_name);
-
-        impl From<$aidl_name> for $name {
-            fn from (p: $aidl_name) -> Self {
-                match p {
-                    $aidl_name::$def_name => Self($aidl_name::$def_name),
-                    $($aidl_name::$element_name => Self($aidl_name::$element_name),)*
-                    _ => Self($aidl_name::$def_name),
-                }
-            }
-        }
-
-        impl From<$name> for $aidl_name {
-            fn from(p: $name) -> $aidl_name {
-                p.0
-            }
-        }
-
-        impl $name {
-            /// Returns a string representation of the permission as required by
-            /// `selinux::check_access`.
-            pub fn to_selinux(self) -> &'static str {
-                match self {
-                    Self($aidl_name::$def_name) => stringify!($def_selinux_name),
-                    $(Self($aidl_name::$element_name) => stringify!($selinux_name),)*
-                    _ => stringify!($def_selinux_name),
-                }
-            }
-
-            /// Creates an instance representing a permission with the same name.
-            pub const fn $def_selinux_name() -> Self { Self($aidl_name::$def_name) }
-            $(
-                /// Creates an instance representing a permission with the same name.
-                pub const fn $element_identifier() -> Self { Self($aidl_name::$element_name) }
-            )*
-        }
-    };
-}
-
-implement_permission_aidl!(
+implement_class!(
     /// KeyPerm provides a convenient abstraction from the SELinux class `keystore2_key`.
     /// At the same time it maps `KeyPermissions` from the Keystore 2.0 AIDL Grant interface to
-    /// the SELinux permissions. With the implement_permission macro, we conveniently
-    /// provide mappings between the wire type bit field values, the rust enum and the SELinux
-    /// string representation.
-    ///
-    /// ## Example
-    ///
-    /// In this access check `KeyPerm::get_info().to_selinux()` would return the SELinux representation
-    /// "info".
-    /// ```
-    /// selinux::check_access(source_context, target_context, "keystore2_key",
-    ///                       KeyPerm::get_info().to_selinux());
-    /// ```
-    #[derive(Clone, Copy, Debug, Eq, PartialEq)]
-    KeyPerm from KeyPermission with default (NONE, none) {
-        CONVERT_STORAGE_KEY_TO_EPHEMERAL,   selinux name: convert_storage_key_to_ephemeral;
-        DELETE,         selinux name: delete;
-        GEN_UNIQUE_ID,  selinux name: gen_unique_id;
-        GET_INFO,       selinux name: get_info;
-        GRANT,          selinux name: grant;
-        MANAGE_BLOB,    selinux name: manage_blob;
-        REBIND,         selinux name: rebind;
-        REQ_FORCED_OP,  selinux name: req_forced_op;
-        UPDATE,         selinux name: update;
-        USE,            selinux name: use;
-        USE_DEV_ID,     selinux name: use_dev_id;
+    /// the SELinux permissions.
+    #[repr(i32)]
+    #[selinux(class_name = keystore2_key)]
+    #[derive(Clone, Copy, Debug, PartialEq)]
+    pub enum KeyPerm {
+        /// Checked when convert_storage_key_to_ephemeral is called.
+        #[selinux(name = convert_storage_key_to_ephemeral)]
+        ConvertStorageKeyToEphemeral = KeyPermission::CONVERT_STORAGE_KEY_TO_EPHEMERAL.0,
+        /// Checked when the caller tries do delete a key.
+        #[selinux(name = delete)]
+        Delete = KeyPermission::DELETE.0,
+        /// Checked when the caller tries to use a unique id.
+        #[selinux(name = gen_unique_id)]
+        GenUniqueId = KeyPermission::GEN_UNIQUE_ID.0,
+        /// Checked when the caller tries to load a key.
+        #[selinux(name = get_info)]
+        GetInfo = KeyPermission::GET_INFO.0,
+        /// Checked when the caller attempts to grant a key to another uid.
+        /// Also used for gating key migration attempts.
+        #[selinux(name = grant)]
+        Grant = KeyPermission::GRANT.0,
+        /// Checked when the caller attempts to use Domain::BLOB.
+        #[selinux(name = manage_blob)]
+        ManageBlob = KeyPermission::MANAGE_BLOB.0,
+        /// Checked when the caller tries to create a key which implies rebinding
+        /// an alias to the new key.
+        #[selinux(name = rebind)]
+        Rebind = KeyPermission::REBIND.0,
+        /// Checked when the caller attempts to create a forced operation.
+        #[selinux(name = req_forced_op)]
+        ReqForcedOp = KeyPermission::REQ_FORCED_OP.0,
+        /// Checked when the caller attempts to update public key artifacts.
+        #[selinux(name = update)]
+        Update = KeyPermission::UPDATE.0,
+        /// Checked when the caller attempts to use a private or public key.
+        #[selinux(name = use)]
+        Use = KeyPermission::USE.0,
+        /// Checked when the caller attempts to use device ids for attestation.
+        #[selinux(name = use_dev_id)]
+        UseDevId = KeyPermission::USE_DEV_ID.0,
     }
 );
 
-/// This macro implements an enum with values mapped to SELinux permission names.
-/// The below example wraps the enum MyPermission in the tuple struct `MyPerm` and implements
-///  * From<i32> and Into<i32> are implemented. Where the implementation of From maps
-///    any variant not specified to the default.
-///  * Every variant has a constructor with a name corresponding to its lower case SELinux string
-///    representation.
-///  * `MyPerm.to_selinux(&self)` returns the SELinux string representation of the
-///    represented permission.
-///
-/// ## Example
-/// ```
-/// implement_permission!(
-///     /// MyPerm documentation.
-///     #[derive(Clone, Copy, Debug, Eq, PartialEq)]
-///     MyPerm with default (None = 0, none) {
-///         Foo = 1,           selinux name: foo;
-///         Bar = 2,           selinux name: bar;
-///     }
-/// );
-/// ```
-macro_rules! implement_permission {
-    // This rule provides the public interface of the macro. And starts the preprocessing
-    // recursion (see below).
-    ($(#[$m:meta])* $name:ident with default
-        ($def_name:ident = $def_val:expr, $def_selinux_name:ident)
-        {
-            $($(#[$element_meta:meta])*
-            $element_name:ident = $element_val:expr, selinux name: $selinux_name:ident;)*
-        })
-    => {
-        $(#[$m])*
-        pub enum $name {
-            /// The default variant of an enum.
-            $def_name = $def_val,
-            $(
-                $(#[$element_meta])*
-                $element_name = $element_val,
-            )*
-        }
-
-        impl From<i32> for $name {
-            fn from (p: i32) -> Self {
-                match p {
-                    $def_val => Self::$def_name,
-                    $($element_val => Self::$element_name,)*
-                    _ => Self::$def_name,
-                }
-            }
-        }
-
-        impl From<$name> for i32 {
-            fn from(p: $name) -> i32 {
-                p as i32
-            }
-        }
-
-        impl $name {
-            /// Returns a string representation of the permission as required by
-            /// `selinux::check_access`.
-            pub fn to_selinux(self) -> &'static str {
-                match self {
-                    Self::$def_name => stringify!($def_selinux_name),
-                    $(Self::$element_name => stringify!($selinux_name),)*
-                }
-            }
-
-            /// Creates an instance representing a permission with the same name.
-            pub const fn $def_selinux_name() -> Self { Self::$def_name }
-            $(
-                /// Creates an instance representing a permission with the same name.
-                pub const fn $selinux_name() -> Self { Self::$element_name }
-            )*
-        }
-    };
-}
-
-implement_permission!(
+implement_class!(
     /// KeystorePerm provides a convenient abstraction from the SELinux class `keystore2`.
     /// Using the implement_permission macro we get the same features as `KeyPerm`.
+    #[selinux(class_name = keystore2)]
     #[derive(Clone, Copy, Debug, PartialEq)]
-    KeystorePerm with default (None = 0, none) {
+    pub enum KeystorePerm {
         /// Checked when a new auth token is installed.
-        AddAuth = 1,    selinux name: add_auth;
+        #[selinux(name = add_auth)]
+        AddAuth,
         /// Checked when an app is uninstalled or wiped.
-        ClearNs = 2,    selinux name: clear_ns;
+        #[selinux(name = clear_ns)]
+        ClearNs,
         /// Checked when the user state is queried from Keystore 2.0.
-        GetState = 4,   selinux name: get_state;
+        #[selinux(name = get_state)]
+        GetState,
         /// Checked when Keystore 2.0 is asked to list a namespace that the caller
         /// does not have the get_info permission for.
-        List = 8,       selinux name: list;
+        #[selinux(name = list)]
+        List,
         /// Checked when Keystore 2.0 gets locked.
-        Lock = 0x10,       selinux name: lock;
+        #[selinux(name = lock)]
+        Lock,
         /// Checked when Keystore 2.0 shall be reset.
-        Reset = 0x20,    selinux name: reset;
+        #[selinux(name = reset)]
+        Reset,
         /// Checked when Keystore 2.0 shall be unlocked.
-        Unlock = 0x40,    selinux name: unlock;
+        #[selinux(name = unlock)]
+        Unlock,
         /// Checked when user is added or removed.
-        ChangeUser = 0x80,    selinux name: change_user;
+        #[selinux(name = change_user)]
+        ChangeUser,
         /// Checked when password of the user is changed.
-        ChangePassword = 0x100,    selinux name: change_password;
+        #[selinux(name = change_password)]
+        ChangePassword,
         /// Checked when a UID is cleared.
-        ClearUID = 0x200,    selinux name: clear_uid;
+        #[selinux(name = clear_uid)]
+        ClearUID,
         /// Checked when Credstore calls IKeystoreAuthorization to obtain auth tokens.
-        GetAuthToken = 0x400,  selinux name: get_auth_token;
+        #[selinux(name = get_auth_token)]
+        GetAuthToken,
         /// Checked when earlyBootEnded() is called.
-        EarlyBootEnded = 0x800,   selinux name: early_boot_ended;
+        #[selinux(name = early_boot_ended)]
+        EarlyBootEnded,
         /// Checked when IKeystoreMaintenance::onDeviceOffBody is called.
-        ReportOffBody = 0x1000, selinux name: report_off_body;
-        /// Checked when IkeystoreMetrics::pullMetris is called.
-        PullMetrics = 0x2000, selinux name: pull_metrics;
+        #[selinux(name = report_off_body)]
+        ReportOffBody,
+        /// Checked when IkeystoreMetrics::pullMetrics is called.
+        #[selinux(name = pull_metrics)]
+        PullMetrics,
         /// Checked when IKeystoreMaintenance::deleteAllKeys is called.
-        DeleteAllKeys = 0x4000, selinux name: delete_all_keys;
+        #[selinux(name = delete_all_keys)]
+        DeleteAllKeys,
     }
 );
 
@@ -332,17 +158,17 @@
 ///
 /// ## Example
 /// ```
-/// let perms1 = key_perm_set![KeyPerm::use_(), KeyPerm::manage_blob(), KeyPerm::grant()];
-/// let perms2 = key_perm_set![KeyPerm::use_(), KeyPerm::manage_blob()];
+/// let perms1 = key_perm_set![KeyPerm::Use, KeyPerm::ManageBlob, KeyPerm::Grant];
+/// let perms2 = key_perm_set![KeyPerm::Use, KeyPerm::ManageBlob];
 ///
 /// assert!(perms1.includes(perms2))
 /// assert!(!perms2.includes(perms1))
 ///
 /// let i = perms1.into_iter();
 /// // iteration in ascending order of the permission's numeric representation.
-/// assert_eq(Some(KeyPerm::manage_blob()), i.next());
-/// assert_eq(Some(KeyPerm::grant()), i.next());
-/// assert_eq(Some(KeyPerm::use_()), i.next());
+/// assert_eq(Some(KeyPerm::ManageBlob), i.next());
+/// assert_eq(Some(KeyPerm::Grant), i.next());
+/// assert_eq(Some(KeyPerm::Use), i.next());
 /// assert_eq(None, i.next());
 /// ```
 #[derive(Copy, Clone, Debug, Eq, PartialEq, Ord, PartialOrd)]
@@ -373,7 +199,7 @@
                 let p = self.vec.0 & (1 << self.pos);
                 self.pos += 1;
                 if p != 0 {
-                    return Some(KeyPerm::from(KeyPermission(p)));
+                    return Some(KeyPerm::from(p));
                 }
             }
         }
@@ -382,7 +208,7 @@
 
 impl From<KeyPerm> for KeyPermSet {
     fn from(p: KeyPerm) -> Self {
-        Self((p.0).0 as i32)
+        Self(p as i32)
     }
 }
 
@@ -417,7 +243,7 @@
 macro_rules! key_perm_set {
     () => { KeyPermSet(0) };
     ($head:expr $(, $tail:expr)* $(,)?) => {
-        KeyPermSet(($head.0).0 $(| ($tail.0).0)*)
+        KeyPermSet($head as i32 $(| $tail as i32)*)
     };
 }
 
@@ -430,14 +256,14 @@
     }
 }
 
-/// Uses `selinux::check_access` to check if the given caller context `caller_cxt` may access
+/// Uses `selinux::check_permission` to check if the given caller context `caller_cxt` may access
 /// the given permision `perm` of the `keystore2` security class.
 pub fn check_keystore_permission(caller_ctx: &CStr, perm: KeystorePerm) -> anyhow::Result<()> {
     let target_context = getcon().context("check_keystore_permission: getcon failed.")?;
-    selinux::check_access(caller_ctx, &target_context, "keystore2", perm.to_selinux())
+    selinux::check_permission(caller_ctx, &target_context, perm)
 }
 
-/// Uses `selinux::check_access` to check if the given caller context `caller_cxt` has
+/// Uses `selinux::check_permission` to check if the given caller context `caller_cxt` has
 /// all the permissions indicated in `access_vec` for the target domain indicated by the key
 /// descriptor `key` in the security class `keystore2_key`.
 ///
@@ -462,27 +288,24 @@
         _ => return Err(KsError::sys()).context(format!("Cannot grant {:?}.", key.domain)),
     };
 
-    selinux::check_access(caller_ctx, &target_context, "keystore2_key", "grant")
+    selinux::check_permission(caller_ctx, &target_context, KeyPerm::Grant)
         .context("Grant permission is required when granting.")?;
 
-    if access_vec.includes(KeyPerm::grant()) {
+    if access_vec.includes(KeyPerm::Grant) {
         return Err(selinux::Error::perm()).context("Grant permission cannot be granted.");
     }
 
     for p in access_vec.into_iter() {
-        selinux::check_access(caller_ctx, &target_context, "keystore2_key", p.to_selinux())
-            .context(format!(
-                concat!(
-                    "check_grant_permission: check_access failed. ",
-                    "The caller may have tried to grant a permission that they don't possess. {:?}"
-                ),
-                p
-            ))?
+        selinux::check_permission(caller_ctx, &target_context, p).context(format!(
+            "check_grant_permission: check_permission failed. \
+            The caller may have tried to grant a permission that they don't possess. {:?}",
+            p
+        ))?
     }
     Ok(())
 }
 
-/// Uses `selinux::check_access` to check if the given caller context `caller_cxt`
+/// Uses `selinux::check_permission` to check if the given caller context `caller_cxt`
 /// has the permissions indicated by `perm` for the target domain indicated by the key
 /// descriptor `key` in the security class `keystore2_key`.
 ///
@@ -492,7 +315,7 @@
 ///                      backend, and the result is used as target context.
 ///  * `Domain::BLOB` Same as SELinux but the "manage_blob" permission is always checked additionally
 ///                   to the one supplied in `perm`.
-///  * `Domain::GRANT` Does not use selinux::check_access. Instead the `access_vector`
+///  * `Domain::GRANT` Does not use selinux::check_permission. Instead the `access_vector`
 ///                    parameter is queried for permission, which must be supplied in this case.
 ///
 /// ## Return values.
@@ -536,7 +359,7 @@
             match access_vector {
                 Some(_) => {
                     return Err(selinux::Error::perm())
-                        .context(format!("\"{}\" not granted", perm.to_selinux()));
+                        .context(format!("\"{}\" not granted", perm.name()));
                 }
                 None => {
                     // If DOMAIN_GRANT was selected an access vector must be supplied.
@@ -557,12 +380,7 @@
                 .context("Domain::BLOB: Failed to lookup namespace.")?;
             // If DOMAIN_KEY_BLOB was specified, we check for the "manage_blob"
             // permission in addition to the requested permission.
-            selinux::check_access(
-                caller_ctx,
-                &tctx,
-                "keystore2_key",
-                KeyPerm::manage_blob().to_selinux(),
-            )?;
+            selinux::check_permission(caller_ctx, &tctx, KeyPerm::ManageBlob)?;
 
             tctx
         }
@@ -572,7 +390,7 @@
         }
     };
 
-    selinux::check_access(caller_ctx, &target_context, "keystore2_key", perm.to_selinux())
+    selinux::check_permission(caller_ctx, &target_context, perm)
 }
 
 #[cfg(test)]
@@ -583,49 +401,49 @@
     use keystore2_selinux::*;
 
     const ALL_PERMS: KeyPermSet = key_perm_set![
-        KeyPerm::manage_blob(),
-        KeyPerm::delete(),
-        KeyPerm::use_dev_id(),
-        KeyPerm::req_forced_op(),
-        KeyPerm::gen_unique_id(),
-        KeyPerm::grant(),
-        KeyPerm::get_info(),
-        KeyPerm::rebind(),
-        KeyPerm::update(),
-        KeyPerm::use_(),
-        KeyPerm::convert_storage_key_to_ephemeral(),
+        KeyPerm::ManageBlob,
+        KeyPerm::Delete,
+        KeyPerm::UseDevId,
+        KeyPerm::ReqForcedOp,
+        KeyPerm::GenUniqueId,
+        KeyPerm::Grant,
+        KeyPerm::GetInfo,
+        KeyPerm::Rebind,
+        KeyPerm::Update,
+        KeyPerm::Use,
+        KeyPerm::ConvertStorageKeyToEphemeral,
     ];
 
     const SYSTEM_SERVER_PERMISSIONS_NO_GRANT: KeyPermSet = key_perm_set![
-        KeyPerm::delete(),
-        KeyPerm::use_dev_id(),
-        // No KeyPerm::grant()
-        KeyPerm::get_info(),
-        KeyPerm::rebind(),
-        KeyPerm::update(),
-        KeyPerm::use_(),
+        KeyPerm::Delete,
+        KeyPerm::UseDevId,
+        // No KeyPerm::Grant
+        KeyPerm::GetInfo,
+        KeyPerm::Rebind,
+        KeyPerm::Update,
+        KeyPerm::Use,
     ];
 
     const NOT_GRANT_PERMS: KeyPermSet = key_perm_set![
-        KeyPerm::manage_blob(),
-        KeyPerm::delete(),
-        KeyPerm::use_dev_id(),
-        KeyPerm::req_forced_op(),
-        KeyPerm::gen_unique_id(),
-        // No KeyPerm::grant()
-        KeyPerm::get_info(),
-        KeyPerm::rebind(),
-        KeyPerm::update(),
-        KeyPerm::use_(),
-        KeyPerm::convert_storage_key_to_ephemeral(),
+        KeyPerm::ManageBlob,
+        KeyPerm::Delete,
+        KeyPerm::UseDevId,
+        KeyPerm::ReqForcedOp,
+        KeyPerm::GenUniqueId,
+        // No KeyPerm::Grant
+        KeyPerm::GetInfo,
+        KeyPerm::Rebind,
+        KeyPerm::Update,
+        KeyPerm::Use,
+        KeyPerm::ConvertStorageKeyToEphemeral,
     ];
 
     const UNPRIV_PERMS: KeyPermSet = key_perm_set![
-        KeyPerm::delete(),
-        KeyPerm::get_info(),
-        KeyPerm::rebind(),
-        KeyPerm::update(),
-        KeyPerm::use_(),
+        KeyPerm::Delete,
+        KeyPerm::GetInfo,
+        KeyPerm::Rebind,
+        KeyPerm::Update,
+        KeyPerm::Use,
     ];
 
     /// The su_key namespace as defined in su.te and keystore_key_contexts of the
@@ -672,28 +490,26 @@
     #[test]
     fn check_keystore_permission_test() -> Result<()> {
         let system_server_ctx = Context::new("u:r:system_server:s0")?;
-        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::add_auth()).is_ok());
-        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::clear_ns()).is_ok());
-        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::get_state()).is_ok());
-        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::lock()).is_ok());
-        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::reset()).is_ok());
-        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::unlock()).is_ok());
-        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::change_user()).is_ok());
-        assert!(
-            check_keystore_permission(&system_server_ctx, KeystorePerm::change_password()).is_ok()
-        );
-        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::clear_uid()).is_ok());
+        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::AddAuth).is_ok());
+        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::ClearNs).is_ok());
+        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::GetState).is_ok());
+        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::Lock).is_ok());
+        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::Reset).is_ok());
+        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::Unlock).is_ok());
+        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::ChangeUser).is_ok());
+        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::ChangePassword).is_ok());
+        assert!(check_keystore_permission(&system_server_ctx, KeystorePerm::ClearUID).is_ok());
         let shell_ctx = Context::new("u:r:shell:s0")?;
-        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::add_auth()));
-        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::clear_ns()));
-        assert!(check_keystore_permission(&shell_ctx, KeystorePerm::get_state()).is_ok());
-        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::list()));
-        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::lock()));
-        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::reset()));
-        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::unlock()));
-        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::change_user()));
-        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::change_password()));
-        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::clear_uid()));
+        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::AddAuth));
+        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::ClearNs));
+        assert!(check_keystore_permission(&shell_ctx, KeystorePerm::GetState).is_ok());
+        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::List));
+        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::Lock));
+        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::Reset));
+        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::Unlock));
+        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::ChangeUser));
+        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::ChangePassword));
+        assert_perm_failed!(check_keystore_permission(&shell_ctx, KeystorePerm::ClearUID));
         Ok(())
     }
 
@@ -708,7 +524,7 @@
         // attempts to grant the grant permission must always fail even when privileged.
         assert_perm_failed!(check_grant_permission(
             &system_server_ctx,
-            KeyPerm::grant().into(),
+            KeyPerm::Grant.into(),
             &key
         ));
         // unprivileged grant attempts always fail. shell does not have the grant permission.
@@ -728,7 +544,7 @@
         if is_su {
             assert!(check_grant_permission(&sctx, NOT_GRANT_PERMS, &key).is_ok());
             // attempts to grant the grant permission must always fail even when privileged.
-            assert_perm_failed!(check_grant_permission(&sctx, KeyPerm::grant().into(), &key));
+            assert_perm_failed!(check_grant_permission(&sctx, KeyPerm::Grant.into(), &key));
         } else {
             // unprivileged grant attempts always fail. shell does not have the grant permission.
             assert_perm_failed!(check_grant_permission(&sctx, UNPRIV_PERMS, &key));
@@ -743,7 +559,7 @@
         assert_perm_failed!(check_key_permission(
             0,
             &selinux::Context::new("ignored").unwrap(),
-            KeyPerm::grant(),
+            KeyPerm::Grant,
             &key,
             &Some(UNPRIV_PERMS)
         ));
@@ -751,7 +567,7 @@
         check_key_permission(
             0,
             &selinux::Context::new("ignored").unwrap(),
-            KeyPerm::use_(),
+            KeyPerm::Use,
             &key,
             &Some(ALL_PERMS),
         )
@@ -765,61 +581,31 @@
 
         let key = KeyDescriptor { domain: Domain::APP, nspace: 0, alias: None, blob: None };
 
-        assert!(check_key_permission(0, &system_server_ctx, KeyPerm::use_(), &key, &None).is_ok());
-        assert!(check_key_permission(0, &system_server_ctx, KeyPerm::delete(), &key, &None).is_ok());
-        assert!(
-            check_key_permission(0, &system_server_ctx, KeyPerm::get_info(), &key, &None).is_ok()
-        );
-        assert!(check_key_permission(0, &system_server_ctx, KeyPerm::rebind(), &key, &None).is_ok());
-        assert!(check_key_permission(0, &system_server_ctx, KeyPerm::update(), &key, &None).is_ok());
-        assert!(check_key_permission(0, &system_server_ctx, KeyPerm::grant(), &key, &None).is_ok());
-        assert!(
-            check_key_permission(0, &system_server_ctx, KeyPerm::use_dev_id(), &key, &None).is_ok()
-        );
-        assert!(
-            check_key_permission(0, &gmscore_app, KeyPerm::gen_unique_id(), &key, &None).is_ok()
-        );
+        assert!(check_key_permission(0, &system_server_ctx, KeyPerm::Use, &key, &None).is_ok());
+        assert!(check_key_permission(0, &system_server_ctx, KeyPerm::Delete, &key, &None).is_ok());
+        assert!(check_key_permission(0, &system_server_ctx, KeyPerm::GetInfo, &key, &None).is_ok());
+        assert!(check_key_permission(0, &system_server_ctx, KeyPerm::Rebind, &key, &None).is_ok());
+        assert!(check_key_permission(0, &system_server_ctx, KeyPerm::Update, &key, &None).is_ok());
+        assert!(check_key_permission(0, &system_server_ctx, KeyPerm::Grant, &key, &None).is_ok());
+        assert!(check_key_permission(0, &system_server_ctx, KeyPerm::UseDevId, &key, &None).is_ok());
+        assert!(check_key_permission(0, &gmscore_app, KeyPerm::GenUniqueId, &key, &None).is_ok());
 
-        assert!(check_key_permission(0, &shell_ctx, KeyPerm::use_(), &key, &None).is_ok());
-        assert!(check_key_permission(0, &shell_ctx, KeyPerm::delete(), &key, &None).is_ok());
-        assert!(check_key_permission(0, &shell_ctx, KeyPerm::get_info(), &key, &None).is_ok());
-        assert!(check_key_permission(0, &shell_ctx, KeyPerm::rebind(), &key, &None).is_ok());
-        assert!(check_key_permission(0, &shell_ctx, KeyPerm::update(), &key, &None).is_ok());
-        assert_perm_failed!(check_key_permission(0, &shell_ctx, KeyPerm::grant(), &key, &None));
-        assert_perm_failed!(check_key_permission(
-            0,
-            &shell_ctx,
-            KeyPerm::req_forced_op(),
-            &key,
-            &None
-        ));
-        assert_perm_failed!(check_key_permission(
-            0,
-            &shell_ctx,
-            KeyPerm::manage_blob(),
-            &key,
-            &None
-        ));
-        assert_perm_failed!(check_key_permission(
-            0,
-            &shell_ctx,
-            KeyPerm::use_dev_id(),
-            &key,
-            &None
-        ));
-        assert_perm_failed!(check_key_permission(
-            0,
-            &shell_ctx,
-            KeyPerm::gen_unique_id(),
-            &key,
-            &None
-        ));
+        assert!(check_key_permission(0, &shell_ctx, KeyPerm::Use, &key, &None).is_ok());
+        assert!(check_key_permission(0, &shell_ctx, KeyPerm::Delete, &key, &None).is_ok());
+        assert!(check_key_permission(0, &shell_ctx, KeyPerm::GetInfo, &key, &None).is_ok());
+        assert!(check_key_permission(0, &shell_ctx, KeyPerm::Rebind, &key, &None).is_ok());
+        assert!(check_key_permission(0, &shell_ctx, KeyPerm::Update, &key, &None).is_ok());
+        assert_perm_failed!(check_key_permission(0, &shell_ctx, KeyPerm::Grant, &key, &None));
+        assert_perm_failed!(check_key_permission(0, &shell_ctx, KeyPerm::ReqForcedOp, &key, &None));
+        assert_perm_failed!(check_key_permission(0, &shell_ctx, KeyPerm::ManageBlob, &key, &None));
+        assert_perm_failed!(check_key_permission(0, &shell_ctx, KeyPerm::UseDevId, &key, &None));
+        assert_perm_failed!(check_key_permission(0, &shell_ctx, KeyPerm::GenUniqueId, &key, &None));
 
         // Also make sure that the permission fails if the caller is not the owner.
         assert_perm_failed!(check_key_permission(
             1, // the owner is 0
             &system_server_ctx,
-            KeyPerm::use_(),
+            KeyPerm::Use,
             &key,
             &None
         ));
@@ -827,18 +613,18 @@
         assert!(check_key_permission(
             1,
             &system_server_ctx,
-            KeyPerm::use_(),
+            KeyPerm::Use,
             &key,
-            &Some(key_perm_set![KeyPerm::use_()])
+            &Some(key_perm_set![KeyPerm::Use])
         )
         .is_ok());
         // But fail if the grant did not cover the requested permission.
         assert_perm_failed!(check_key_permission(
             1,
             &system_server_ctx,
-            KeyPerm::use_(),
+            KeyPerm::Use,
             &key,
-            &Some(key_perm_set![KeyPerm::get_info()])
+            &Some(key_perm_set![KeyPerm::GetInfo])
         ));
 
         Ok(())
@@ -854,42 +640,24 @@
             blob: None,
         };
 
-        assert!(check_key_permission(0, &sctx, KeyPerm::use_(), &key, &None).is_ok());
-        assert!(check_key_permission(0, &sctx, KeyPerm::delete(), &key, &None).is_ok());
-        assert!(check_key_permission(0, &sctx, KeyPerm::get_info(), &key, &None).is_ok());
-        assert!(check_key_permission(0, &sctx, KeyPerm::rebind(), &key, &None).is_ok());
-        assert!(check_key_permission(0, &sctx, KeyPerm::update(), &key, &None).is_ok());
+        assert!(check_key_permission(0, &sctx, KeyPerm::Use, &key, &None).is_ok());
+        assert!(check_key_permission(0, &sctx, KeyPerm::Delete, &key, &None).is_ok());
+        assert!(check_key_permission(0, &sctx, KeyPerm::GetInfo, &key, &None).is_ok());
+        assert!(check_key_permission(0, &sctx, KeyPerm::Rebind, &key, &None).is_ok());
+        assert!(check_key_permission(0, &sctx, KeyPerm::Update, &key, &None).is_ok());
 
         if is_su {
-            assert!(check_key_permission(0, &sctx, KeyPerm::grant(), &key, &None).is_ok());
-            assert!(check_key_permission(0, &sctx, KeyPerm::manage_blob(), &key, &None).is_ok());
-            assert!(check_key_permission(0, &sctx, KeyPerm::use_dev_id(), &key, &None).is_ok());
-            assert!(check_key_permission(0, &sctx, KeyPerm::gen_unique_id(), &key, &None).is_ok());
-            assert!(check_key_permission(0, &sctx, KeyPerm::req_forced_op(), &key, &None).is_ok());
+            assert!(check_key_permission(0, &sctx, KeyPerm::Grant, &key, &None).is_ok());
+            assert!(check_key_permission(0, &sctx, KeyPerm::ManageBlob, &key, &None).is_ok());
+            assert!(check_key_permission(0, &sctx, KeyPerm::UseDevId, &key, &None).is_ok());
+            assert!(check_key_permission(0, &sctx, KeyPerm::GenUniqueId, &key, &None).is_ok());
+            assert!(check_key_permission(0, &sctx, KeyPerm::ReqForcedOp, &key, &None).is_ok());
         } else {
-            assert_perm_failed!(check_key_permission(0, &sctx, KeyPerm::grant(), &key, &None));
-            assert_perm_failed!(check_key_permission(
-                0,
-                &sctx,
-                KeyPerm::req_forced_op(),
-                &key,
-                &None
-            ));
-            assert_perm_failed!(check_key_permission(
-                0,
-                &sctx,
-                KeyPerm::manage_blob(),
-                &key,
-                &None
-            ));
-            assert_perm_failed!(check_key_permission(0, &sctx, KeyPerm::use_dev_id(), &key, &None));
-            assert_perm_failed!(check_key_permission(
-                0,
-                &sctx,
-                KeyPerm::gen_unique_id(),
-                &key,
-                &None
-            ));
+            assert_perm_failed!(check_key_permission(0, &sctx, KeyPerm::Grant, &key, &None));
+            assert_perm_failed!(check_key_permission(0, &sctx, KeyPerm::ReqForcedOp, &key, &None));
+            assert_perm_failed!(check_key_permission(0, &sctx, KeyPerm::ManageBlob, &key, &None));
+            assert_perm_failed!(check_key_permission(0, &sctx, KeyPerm::UseDevId, &key, &None));
+            assert_perm_failed!(check_key_permission(0, &sctx, KeyPerm::GenUniqueId, &key, &None));
         }
         Ok(())
     }
@@ -905,9 +673,9 @@
         };
 
         if is_su {
-            check_key_permission(0, &sctx, KeyPerm::use_(), &key, &None)
+            check_key_permission(0, &sctx, KeyPerm::Use, &key, &None)
         } else {
-            assert_perm_failed!(check_key_permission(0, &sctx, KeyPerm::use_(), &key, &None));
+            assert_perm_failed!(check_key_permission(0, &sctx, KeyPerm::Use, &key, &None));
             Ok(())
         }
     }
@@ -921,7 +689,7 @@
             check_key_permission(
                 0,
                 &selinux::Context::new("ignored").unwrap(),
-                KeyPerm::use_(),
+                KeyPerm::Use,
                 &key,
                 &None
             )
@@ -936,45 +704,45 @@
     #[test]
     fn key_perm_set_all_test() {
         let v = key_perm_set![
-            KeyPerm::manage_blob(),
-            KeyPerm::delete(),
-            KeyPerm::use_dev_id(),
-            KeyPerm::req_forced_op(),
-            KeyPerm::gen_unique_id(),
-            KeyPerm::grant(),
-            KeyPerm::get_info(),
-            KeyPerm::rebind(),
-            KeyPerm::update(),
-            KeyPerm::use_() // Test if the macro accepts missing comma at the end of the list.
+            KeyPerm::ManageBlob,
+            KeyPerm::Delete,
+            KeyPerm::UseDevId,
+            KeyPerm::ReqForcedOp,
+            KeyPerm::GenUniqueId,
+            KeyPerm::Grant,
+            KeyPerm::GetInfo,
+            KeyPerm::Rebind,
+            KeyPerm::Update,
+            KeyPerm::Use // Test if the macro accepts missing comma at the end of the list.
         ];
         let mut i = v.into_iter();
-        assert_eq!(i.next().unwrap().to_selinux(), "delete");
-        assert_eq!(i.next().unwrap().to_selinux(), "gen_unique_id");
-        assert_eq!(i.next().unwrap().to_selinux(), "get_info");
-        assert_eq!(i.next().unwrap().to_selinux(), "grant");
-        assert_eq!(i.next().unwrap().to_selinux(), "manage_blob");
-        assert_eq!(i.next().unwrap().to_selinux(), "rebind");
-        assert_eq!(i.next().unwrap().to_selinux(), "req_forced_op");
-        assert_eq!(i.next().unwrap().to_selinux(), "update");
-        assert_eq!(i.next().unwrap().to_selinux(), "use");
-        assert_eq!(i.next().unwrap().to_selinux(), "use_dev_id");
+        assert_eq!(i.next().unwrap().name(), "delete");
+        assert_eq!(i.next().unwrap().name(), "gen_unique_id");
+        assert_eq!(i.next().unwrap().name(), "get_info");
+        assert_eq!(i.next().unwrap().name(), "grant");
+        assert_eq!(i.next().unwrap().name(), "manage_blob");
+        assert_eq!(i.next().unwrap().name(), "rebind");
+        assert_eq!(i.next().unwrap().name(), "req_forced_op");
+        assert_eq!(i.next().unwrap().name(), "update");
+        assert_eq!(i.next().unwrap().name(), "use");
+        assert_eq!(i.next().unwrap().name(), "use_dev_id");
         assert_eq!(None, i.next());
     }
     #[test]
     fn key_perm_set_sparse_test() {
         let v = key_perm_set![
-            KeyPerm::manage_blob(),
-            KeyPerm::req_forced_op(),
-            KeyPerm::gen_unique_id(),
-            KeyPerm::update(),
-            KeyPerm::use_(), // Test if macro accepts the comma at the end of the list.
+            KeyPerm::ManageBlob,
+            KeyPerm::ReqForcedOp,
+            KeyPerm::GenUniqueId,
+            KeyPerm::Update,
+            KeyPerm::Use, // Test if macro accepts the comma at the end of the list.
         ];
         let mut i = v.into_iter();
-        assert_eq!(i.next().unwrap().to_selinux(), "gen_unique_id");
-        assert_eq!(i.next().unwrap().to_selinux(), "manage_blob");
-        assert_eq!(i.next().unwrap().to_selinux(), "req_forced_op");
-        assert_eq!(i.next().unwrap().to_selinux(), "update");
-        assert_eq!(i.next().unwrap().to_selinux(), "use");
+        assert_eq!(i.next().unwrap().name(), "gen_unique_id");
+        assert_eq!(i.next().unwrap().name(), "manage_blob");
+        assert_eq!(i.next().unwrap().name(), "req_forced_op");
+        assert_eq!(i.next().unwrap().name(), "update");
+        assert_eq!(i.next().unwrap().name(), "use");
         assert_eq!(None, i.next());
     }
     #[test]
@@ -986,23 +754,23 @@
     #[test]
     fn key_perm_set_include_subset_test() {
         let v1 = key_perm_set![
-            KeyPerm::manage_blob(),
-            KeyPerm::delete(),
-            KeyPerm::use_dev_id(),
-            KeyPerm::req_forced_op(),
-            KeyPerm::gen_unique_id(),
-            KeyPerm::grant(),
-            KeyPerm::get_info(),
-            KeyPerm::rebind(),
-            KeyPerm::update(),
-            KeyPerm::use_(),
+            KeyPerm::ManageBlob,
+            KeyPerm::Delete,
+            KeyPerm::UseDevId,
+            KeyPerm::ReqForcedOp,
+            KeyPerm::GenUniqueId,
+            KeyPerm::Grant,
+            KeyPerm::GetInfo,
+            KeyPerm::Rebind,
+            KeyPerm::Update,
+            KeyPerm::Use,
         ];
         let v2 = key_perm_set![
-            KeyPerm::manage_blob(),
-            KeyPerm::delete(),
-            KeyPerm::rebind(),
-            KeyPerm::update(),
-            KeyPerm::use_(),
+            KeyPerm::ManageBlob,
+            KeyPerm::Delete,
+            KeyPerm::Rebind,
+            KeyPerm::Update,
+            KeyPerm::Use,
         ];
         assert!(v1.includes(v2));
         assert!(!v2.includes(v1));
@@ -1010,18 +778,18 @@
     #[test]
     fn key_perm_set_include_equal_test() {
         let v1 = key_perm_set![
-            KeyPerm::manage_blob(),
-            KeyPerm::delete(),
-            KeyPerm::rebind(),
-            KeyPerm::update(),
-            KeyPerm::use_(),
+            KeyPerm::ManageBlob,
+            KeyPerm::Delete,
+            KeyPerm::Rebind,
+            KeyPerm::Update,
+            KeyPerm::Use,
         ];
         let v2 = key_perm_set![
-            KeyPerm::manage_blob(),
-            KeyPerm::delete(),
-            KeyPerm::rebind(),
-            KeyPerm::update(),
-            KeyPerm::use_(),
+            KeyPerm::ManageBlob,
+            KeyPerm::Delete,
+            KeyPerm::Rebind,
+            KeyPerm::Update,
+            KeyPerm::Use,
         ];
         assert!(v1.includes(v2));
         assert!(v2.includes(v1));
@@ -1029,33 +797,29 @@
     #[test]
     fn key_perm_set_include_overlap_test() {
         let v1 = key_perm_set![
-            KeyPerm::manage_blob(),
-            KeyPerm::delete(),
-            KeyPerm::grant(), // only in v1
-            KeyPerm::rebind(),
-            KeyPerm::update(),
-            KeyPerm::use_(),
+            KeyPerm::ManageBlob,
+            KeyPerm::Delete,
+            KeyPerm::Grant, // only in v1
+            KeyPerm::Rebind,
+            KeyPerm::Update,
+            KeyPerm::Use,
         ];
         let v2 = key_perm_set![
-            KeyPerm::manage_blob(),
-            KeyPerm::delete(),
-            KeyPerm::req_forced_op(), // only in v2
-            KeyPerm::rebind(),
-            KeyPerm::update(),
-            KeyPerm::use_(),
+            KeyPerm::ManageBlob,
+            KeyPerm::Delete,
+            KeyPerm::ReqForcedOp, // only in v2
+            KeyPerm::Rebind,
+            KeyPerm::Update,
+            KeyPerm::Use,
         ];
         assert!(!v1.includes(v2));
         assert!(!v2.includes(v1));
     }
     #[test]
     fn key_perm_set_include_no_overlap_test() {
-        let v1 = key_perm_set![KeyPerm::manage_blob(), KeyPerm::delete(), KeyPerm::grant(),];
-        let v2 = key_perm_set![
-            KeyPerm::req_forced_op(),
-            KeyPerm::rebind(),
-            KeyPerm::update(),
-            KeyPerm::use_(),
-        ];
+        let v1 = key_perm_set![KeyPerm::ManageBlob, KeyPerm::Delete, KeyPerm::Grant,];
+        let v2 =
+            key_perm_set![KeyPerm::ReqForcedOp, KeyPerm::Rebind, KeyPerm::Update, KeyPerm::Use,];
         assert!(!v1.includes(v2));
         assert!(!v2.includes(v1));
     }
diff --git a/keystore2/src/security_level.rs b/keystore2/src/security_level.rs
index 74aba3c..ee725eb 100644
--- a/keystore2/src/security_level.rs
+++ b/keystore2/src/security_level.rs
@@ -216,10 +216,10 @@
         let scoping_blob: Vec<u8>;
         let (km_blob, key_properties, key_id_guard, blob_metadata) = match key.domain {
             Domain::BLOB => {
-                check_key_permission(KeyPerm::use_(), key, &None)
+                check_key_permission(KeyPerm::Use, key, &None)
                     .context("In create_operation: checking use permission for Domain::BLOB.")?;
                 if forced {
-                    check_key_permission(KeyPerm::req_forced_op(), key, &None).context(
+                    check_key_permission(KeyPerm::ReqForcedOp, key, &None).context(
                         "In create_operation: checking forced permission for Domain::BLOB.",
                     )?;
                 }
@@ -248,9 +248,9 @@
                                 KeyEntryLoadBits::KM,
                                 caller_uid,
                                 |k, av| {
-                                    check_key_permission(KeyPerm::use_(), k, &av)?;
+                                    check_key_permission(KeyPerm::Use, k, &av)?;
                                     if forced {
-                                        check_key_permission(KeyPerm::req_forced_op(), k, &av)?;
+                                        check_key_permission(KeyPerm::ReqForcedOp, k, &av)?;
                                     }
                                     Ok(())
                                 },
@@ -415,7 +415,7 @@
         }
 
         if params.iter().any(|kp| kp.tag == Tag::INCLUDE_UNIQUE_ID) {
-            check_key_permission(KeyPerm::gen_unique_id(), key, &None).context(concat!(
+            check_key_permission(KeyPerm::GenUniqueId, key, &None).context(concat!(
                 "In add_certificate_parameters: ",
                 "Caller does not have the permission to generate a unique ID"
             ))?;
@@ -487,7 +487,7 @@
 
         // generate_key requires the rebind permission.
         // Must return on error for security reasons.
-        check_key_permission(KeyPerm::rebind(), &key, &None).context("In generate_key.")?;
+        check_key_permission(KeyPerm::Rebind, &key, &None).context("In generate_key.")?;
 
         let attestation_key_info = match (key.domain, attest_key_descriptor) {
             (Domain::BLOB, _) => None,
@@ -601,7 +601,7 @@
         };
 
         // import_key requires the rebind permission.
-        check_key_permission(KeyPerm::rebind(), &key, &None).context("In import_key.")?;
+        check_key_permission(KeyPerm::Rebind, &key, &None).context("In import_key.")?;
 
         let params = self
             .add_certificate_parameters(caller_uid, params, &key)
@@ -685,7 +685,7 @@
         };
 
         // Import_wrapped_key requires the rebind permission for the new key.
-        check_key_permission(KeyPerm::rebind(), &key, &None).context("In import_wrapped_key.")?;
+        check_key_permission(KeyPerm::Rebind, &key, &None).context("In import_wrapped_key.")?;
 
         let (wrapping_key_id_guard, mut wrapping_key_entry) = DB
             .with(|db| {
@@ -695,7 +695,7 @@
                         KeyType::Client,
                         KeyEntryLoadBits::KM,
                         caller_uid,
-                        |k, av| check_key_permission(KeyPerm::use_(), k, &av),
+                        |k, av| check_key_permission(KeyPerm::Use, k, &av),
                     )
                 })
             })
@@ -876,7 +876,7 @@
             )?;
 
         // convert_storage_key_to_ephemeral requires the associated permission
-        check_key_permission(KeyPerm::convert_storage_key_to_ephemeral(), storage_key, &None)
+        check_key_permission(KeyPerm::ConvertStorageKeyToEphemeral, storage_key, &None)
             .context("In convert_storage_key_to_ephemeral: Check permission")?;
 
         let km_dev = &self.keymint;
@@ -935,7 +935,7 @@
             .ok_or(error::Error::Km(ErrorCode::INVALID_ARGUMENT))
             .context("In IKeystoreSecurityLevel delete_key: No key blob specified")?;
 
-        check_key_permission(KeyPerm::delete(), key, &None)
+        check_key_permission(KeyPerm::Delete, key, &None)
             .context("In IKeystoreSecurityLevel delete_key: Checking delete permissions")?;
 
         let km_dev = &self.keymint;
diff --git a/keystore2/src/service.rs b/keystore2/src/service.rs
index b35fe36..70f5c71 100644
--- a/keystore2/src/service.rs
+++ b/keystore2/src/service.rs
@@ -138,7 +138,7 @@
                         KeyType::Client,
                         KeyEntryLoadBits::PUBLIC,
                         caller_uid,
-                        |k, av| check_key_permission(KeyPerm::get_info(), k, &av),
+                        |k, av| check_key_permission(KeyPerm::GetInfo, k, &av),
                     )
                 })
             })
@@ -190,7 +190,7 @@
                     KeyEntryLoadBits::NONE,
                     caller_uid,
                     |k, av| {
-                        check_key_permission(KeyPerm::update(), k, &av)
+                        check_key_permission(KeyPerm::Update, k, &av)
                             .context("In update_subcomponent.")
                     },
                 )
@@ -236,7 +236,7 @@
             };
 
             // Security critical: This must return on failure. Do not remove the `?`;
-            check_key_permission(KeyPerm::rebind(), &key, &None)
+            check_key_permission(KeyPerm::Rebind, &key, &None)
                 .context("Caller does not have permission to insert this certificate.")?;
 
             db.store_new_certificate(
@@ -269,12 +269,12 @@
         // If the first check fails we check if the caller has the list permission allowing to list
         // any namespace. In that case we also adjust the queried namespace if a specific uid was
         // selected.
-        match check_key_permission(KeyPerm::get_info(), &k, &None) {
+        match check_key_permission(KeyPerm::GetInfo, &k, &None) {
             Err(e) => {
                 if let Some(selinux::Error::PermissionDenied) =
                     e.root_cause().downcast_ref::<selinux::Error>()
                 {
-                    check_keystore_permission(KeystorePerm::list())
+                    check_keystore_permission(KeystorePerm::List)
                         .context("In list_entries: While checking keystore permission.")?;
                     if namespace != -1 {
                         k.nspace = namespace;
@@ -309,7 +309,7 @@
         DB.with(|db| {
             LEGACY_MIGRATOR.with_try_migrate(key, caller_uid, || {
                 db.borrow_mut().unbind_key(key, KeyType::Client, caller_uid, |k, av| {
-                    check_key_permission(KeyPerm::delete(), k, &av).context("During delete_key.")
+                    check_key_permission(KeyPerm::Delete, k, &av).context("During delete_key.")
                 })
             })
         })
@@ -341,7 +341,7 @@
     fn ungrant(&self, key: &KeyDescriptor, grantee_uid: i32) -> Result<()> {
         DB.with(|db| {
             db.borrow_mut().ungrant(key, ThreadState::get_calling_uid(), grantee_uid as u32, |k| {
-                check_key_permission(KeyPerm::grant(), k, &None)
+                check_key_permission(KeyPerm::Grant, k, &None)
             })
         })
         .context("In KeystoreService::ungrant.")