Move list permission from keystore2_key to keystore class. The list permission protects the ability to list arbitrary namespaces. This is not a namespace specific permission but a Keystore specific permission. Listing the entries of a given namsepace is covered by the get_info permission already. Ignore-AOSP-First: This needs to land in googleplex first to updated prebuilt vendor images. Otherwise it breaks aosp-with-phone builds. Test: N/A Change-Id: If6e79fd863a79acf8d8ab10c6362a4eeaa88a5b8

commit: 144c822018006244e6cb4f3a538fbb13df56d058 [log] [tgz]
author: Janis Danisevskis <jdanis@google.com> Thu Sep 24 08:55:28 2020 -0700
committer: Xin Li <delphij@google.com> Thu Oct 01 05:33:31 2020 +0000
tree: f52ce32ec3ca6eb0c0473ac0cec9addc8e6a7fa8
parent: cc932836c1d7266171d644f4a74a2030824602dd [diff] [blame]
diff --git a/private/access_vectors b/private/access_vectors
index 8364bc5..1420360 100644
--- a/private/access_vectors
+++ b/private/access_vectors

@@ -716,6 +716,7 @@
 	add_auth
 	clear_ns
 	get_state
+	list
 	lock
 	reset
 	unlock
@@ -727,7 +728,6 @@
 	gen_unique_id
 	get_info
 	grant
-	list
 	manage_blob
 	rebind
 	req_forced_op
commit	144c822018006244e6cb4f3a538fbb13df56d058	[log] [tgz]
author	Janis Danisevskis <jdanis@google.com>	Thu Sep 24 08:55:28 2020 -0700
committer	Xin Li <delphij@google.com>	Thu Oct 01 05:33:31 2020 +0000
tree	f52ce32ec3ca6eb0c0473ac0cec9addc8e6a7fa8
parent	cc932836c1d7266171d644f4a74a2030824602dd [diff] [blame]