Log key import, destruction and generation failure for audit. This is required by NIAP audit logging requirements. import and destruction events contain key name and uid. Keystore is added to "log" secondary group to be able to write to security buffer. Test: manual, imported and deleted key via Settings while monitoring adb shell su - logcat -b security Bug:70886042 Change-Id: Iebb29380da5251ff66609884e615aabc379cd389

commit: ff311b4739ce7b26a93615d0368cd24542b5268b [log] [tgz]
author: Pavel Grafov <pgrafov@google.com> Wed Jan 24 20:34:37 2018 +0000
committer: Pavel Grafov <pgrafov@google.com> Mon Jan 29 20:11:06 2018 +0000
tree: bbd8d7f377536d42aae50777ac7ce011314b1f55
parent: b6de2e0eb9774e45833e0dc82a741bc9f50da90e [diff] [blame]
diff --git a/keystore/keystore.rc b/keystore/keystore.rc
index 5dac937..132039a 100644
--- a/keystore/keystore.rc
+++ b/keystore/keystore.rc

@@ -1,5 +1,5 @@
 service keystore /system/bin/keystore /data/misc/keystore
     class main
     user keystore
-    group keystore drmrpc readproc
+    group keystore drmrpc readproc log
     writepid /dev/cpuset/foreground/tasks
commit	ff311b4739ce7b26a93615d0368cd24542b5268b	[log] [tgz]
author	Pavel Grafov <pgrafov@google.com>	Wed Jan 24 20:34:37 2018 +0000
committer	Pavel Grafov <pgrafov@google.com>	Mon Jan 29 20:11:06 2018 +0000
tree	bbd8d7f377536d42aae50777ac7ce011314b1f55
parent	b6de2e0eb9774e45833e0dc82a741bc9f50da90e [diff] [blame]