Add new keystore2 permission get_last_auth_time. This is checked when getting the time of last successful authentication from keystore2. The auth_service is the only expected caller. Bug: 303839446 Test: manual Change-Id: Idf222e69c0553a7be94206b519a95a4006e69507

commit: 038f859db2fcedea645aa7c8e023ed246a1e7f45 [log] [tgz]
author: James Willcox <jwillcox@google.com> Tue Oct 03 21:24:20 2023 +0000
committer: James Willcox <jwillcox@google.com> Tue Oct 31 20:28:43 2023 +0000
tree: ce4ebceb10ffb81c11e2a4d431ed3f06b3a16817
parent: 072d8fc0db7db982109de1f74f0cf790858a2fed [diff]
diff --git a/private/access_vectors b/private/access_vectors
index adb3a61..32d73dd 100644
--- a/private/access_vectors
+++ b/private/access_vectors

@@ -726,6 +726,7 @@
 	early_boot_ended
 	get_attestation_key
 	get_auth_token
+	get_last_auth_time
 	get_state
 	list
 	lock

diff --git a/private/system_server.te b/private/system_server.te
index efdeff4..aa95dce 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -979,6 +979,7 @@
 	change_user
 	clear_ns
 	clear_uid
+	get_last_auth_time
 	lock
 	pull_metrics
 	reset
commit	038f859db2fcedea645aa7c8e023ed246a1e7f45	[log] [tgz]
author	James Willcox <jwillcox@google.com>	Tue Oct 03 21:24:20 2023 +0000
committer	James Willcox <jwillcox@google.com>	Tue Oct 31 20:28:43 2023 +0000
tree	ce4ebceb10ffb81c11e2a4d431ed3f06b3a16817
parent	072d8fc0db7db982109de1f74f0cf790858a2fed [diff]