Merge "Disable cert validation in tests until b/263254184 is fixed"
diff --git a/keystore2/apc_compat/apc_compat.rs b/keystore2/apc_compat/apc_compat.rs
index 57f8710..9f44927 100644
--- a/keystore2/apc_compat/apc_compat.rs
+++ b/keystore2/apc_compat/apc_compat.rs
@@ -19,7 +19,7 @@
//! client.
use keystore2_apc_compat_bindgen::{
- abortUserConfirmation, closeUserConfirmationService, promptUserConfirmation, size_t,
+ abortUserConfirmation, closeUserConfirmationService, promptUserConfirmation,
tryGetUserConfirmationService, ApcCompatCallback, ApcCompatServiceHandle,
};
pub use keystore2_apc_compat_bindgen::{
@@ -76,9 +76,9 @@
handle: *mut ::std::os::raw::c_void,
rc: u32,
tbs_message: *const u8,
- tbs_message_size: size_t,
+ tbs_message_size: usize,
confirmation_token: *const u8,
- confirmation_token_size: size_t,
+ confirmation_token_size: usize,
) {
// # Safety:
// The C/C++ implementation must pass to us the handle that was created
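Review bot: The safety comment visible at the end of this hunk covers only `handle`, while `tbs_message`/`tbs_message_size` and `confirmation_token`/`confirmation_token_size` are pointer-and-length pairs supplied by the C/C++ side. The function body continues outside the hunk, so this may already be handled there. If it is not, state the contract where the slices are built, e.g. `// SAFETY: a non-null pointer with a non-zero size must reference at least that many readable bytes until this callback returns.`, and handle null or zero-length inputs before forming any slice.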
@@ -178,7 +178,7 @@
cb,
prompt_text.as_ptr(),
extra_data.as_ptr(),
- extra_data.len() as size_t,
+ extra_data.len() as usize,
locale.as_ptr(),
ui_opts,
)
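Review bot: The cast in `extra_data.len() as usize` is a no-op, because `len()` already returns `usize`. It is a leftover from the old `size_t` cast, and clippy's `unnecessary_cast` lint would flag it. Pass `extra_data.len(),` directly. The enclosing call starts before this hunk, so the other arguments are not reviewed here.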
diff --git a/ondevice-signing/odsign.rc b/ondevice-signing/odsign.rc
index de09fc0..b96c62f 100644
--- a/ondevice-signing/odsign.rc
+++ b/ondevice-signing/odsign.rc
@@ -3,6 +3,13 @@
user root
group system
disabled # does not start with the core class
+ # Explicitly specify empty capabilities, otherwise odsign will inherit all
+ # the capabilities from init.
+ # Note: whether a process can use capabilities is controlled by SELinux, so
+ # inheriting all the capabilities from init is not a security issue.
+ # However, for defense-in-depth and just for the sake of bookkeeping it's
+ # better to explicitly state that odsign doesn't need any capabilities.
+ capabilities
# Note that odsign is not oneshot, but stopped manually when it exits. This
# ensures that if odsign crashes during a module update, apexd will detect