Credstore: Add rules to allow credstore read keystore2_enable property.
This is temporary, until keystore2 lands.
Test: CtsVerifier.
Change-Id: I8335e0eb48da682e66fceff9e31696d61235424b
diff --git a/private/credstore.te b/private/credstore.te
index 8d87e2f..a1c3263 100644
--- a/private/credstore.te
+++ b/private/credstore.te
@@ -4,3 +4,6 @@
# talk to Identity Credential
hal_client_domain(credstore, hal_identity)
+
+# TODO Remove this property when Keystore 2.0 migration is complete b/171563717
+get_prop(credstore, keystore2_enable_prop)
diff --git a/private/property.te b/private/property.te
index e435628..a9c0c62 100644
--- a/private/property.te
+++ b/private/property.te
@@ -548,6 +548,7 @@
-system_app
-system_server
-zygote
+ -credstore
} keystore2_enable_prop:file no_rw_file_perms;
neverallow {