Merge "Keystore 2.0: Add early_boot_ended permission"

commit: 45ed18d96aad4d58e249045f05431e0a9f6924fb [log] [tgz]
author: Satya Tangirala <satyat@google.com> Wed Mar 24 19:47:47 2021 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Wed Mar 24 19:47:47 2021 +0000
tree: 97fa8f09dc9f1f51ab9174c30670b45d1a0f3d5c
parent: 23d9de79158e16dbbda9d55a580c4fe206322d63 [diff]
parent: 5ef8686428bfe2729b9ed33b8466ac8fc828244a [diff]
diff --git a/private/access_vectors b/private/access_vectors
index 8fbc2dc..22f2ffa 100644
--- a/private/access_vectors
+++ b/private/access_vectors

@@ -721,6 +721,7 @@
 	change_user
 	clear_ns
 	clear_uid
+	early_boot_ended
 	get_auth_token
 	get_state
 	list

diff --git a/private/vold.te b/private/vold.te
index ba5ad8c..93a3515 100644
--- a/private/vold.te
+++ b/private/vold.te

@@ -45,6 +45,12 @@
     use
 };
 
+# vold needs to find keystore2 services
+allow vold keystore_maintenance_service:service_manager find;
+
+# vold needs to be able to call earlyBootEnded()
+allow vold keystore:keystore2 early_boot_ended;
+
 neverallow {
     domain
     -system_server
commit	45ed18d96aad4d58e249045f05431e0a9f6924fb	[log] [tgz]
author	Satya Tangirala <satyat@google.com>	Wed Mar 24 19:47:47 2021 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Wed Mar 24 19:47:47 2021 +0000
tree	97fa8f09dc9f1f51ab9174c30670b45d1a0f3d5c
parent	23d9de79158e16dbbda9d55a580c4fe206322d63 [diff]
parent	5ef8686428bfe2729b9ed33b8466ac8fc828244a [diff]