Define the MigrateAnyKey permission corresponding to the selinux perm `migrate_any_key`. Checked when migrating keys for an app leaving a sharedUserId. Bug: 179284822 Test: TH Change-Id: I831af2f99049401855dcf4b7d23555a3473e37c6

commit: daf73bcdaace0d8193b2fe51add3940c45bd47a9 [log] [tgz]
author: Ashwini Oruganti <ashfall@google.com> Mon Nov 15 10:46:31 2021 -0800
committer: Ashwini Oruganti <ashfall@google.com> Tue Nov 16 10:54:38 2021 -0800
tree: d27e9f7f3647fcb7652f5967de0de2f2130e72aa
parent: 012b3ec88da345ce29f025e82f919a9ef3477bc4 [diff] [blame]
diff --git a/keystore2/src/permission.rs b/keystore2/src/permission.rs
index f280341..e6d61b0 100644
--- a/keystore2/src/permission.rs
+++ b/keystore2/src/permission.rs

@@ -145,6 +145,10 @@
         /// Checked when IKeystoreMaintenance::deleteAllKeys is called.
         #[selinux(name = delete_all_keys)]
         DeleteAllKeys,
+        /// Checked when migrating any key from any namespace to any other namespace. It was
+        /// introduced for migrating keys when an app leaves a sharedUserId.
+        #[selinux(name = migrate_any_key)]
+        MigrateAnyKey,
     }
 );
commit	daf73bcdaace0d8193b2fe51add3940c45bd47a9	[log] [tgz]
author	Ashwini Oruganti <ashfall@google.com>	Mon Nov 15 10:46:31 2021 -0800
committer	Ashwini Oruganti <ashfall@google.com>	Tue Nov 16 10:54:38 2021 -0800
tree	d27e9f7f3647fcb7652f5967de0de2f2130e72aa
parent	012b3ec88da345ce29f025e82f919a9ef3477bc4 [diff] [blame]