Pull keychain-data policy out of system-data Migrators should be allowed to write to /data/misc/keychain in order to remove it. Similarly /data/misc/user should be writable by system apps. TODO: Revoke zygote's rights to read from /data/misc/keychain on behalf of some preloaded security classes. Bug: 17811821 Change-Id: I9e9c6883cff1dca3755732225404909c16a0e547

commit: 51bfecf49d50982f64aba1fa73bbbdd2e40a444f [log] [tgz]
author: Robin Lee <rgl@google.com> Mon Oct 13 12:10:08 2014 +0100
committer: Robin Lee <rgl@google.com> Wed Oct 15 18:02:03 2014 +0000
tree: fb112aa5cc8b9546e8a26a35d732c266399664c6
parent: ebfd9f87197f4a39bbc2a5e4f6c6dffc28be36d7 [diff] [blame]
diff --git a/file_contexts b/file_contexts
index 33ac8a3..ec91425 100644
--- a/file_contexts
+++ b/file_contexts

@@ -203,12 +203,14 @@
 /data/misc/bluedroid/\.a2dp_data u:object_r:bluetooth_socket:s0
 /data/misc/camera(/.*)?         u:object_r:camera_data_file:s0
 /data/misc/dhcp(/.*)?           u:object_r:dhcp_data_file:s0
+/data/misc/keychain(/.*)?       u:object_r:keychain_data_file:s0
 /data/misc/keystore(/.*)?       u:object_r:keystore_data_file:s0
 /data/misc/media(/.*)?          u:object_r:media_data_file:s0
 /data/misc/net(/.*)?            u:object_r:net_data_file:s0
 /data/misc/shared_relro(/.*)?   u:object_r:shared_relro_file:s0
 /data/misc/sms(/.*)?            u:object_r:radio_data_file:s0
 /data/misc/systemkeys(/.*)?     u:object_r:systemkeys_data_file:s0
+/data/misc/user(/.*)?           u:object_r:misc_user_data_file:s0
 /data/misc/vpn(/.*)?            u:object_r:vpn_data_file:s0
 /data/misc/wifi(/.*)?           u:object_r:wifi_data_file:s0
 /data/misc/wifi/sockets(/.*)?   u:object_r:wpa_socket:s0
commit	51bfecf49d50982f64aba1fa73bbbdd2e40a444f	[log] [tgz]
author	Robin Lee <rgl@google.com>	Mon Oct 13 12:10:08 2014 +0100
committer	Robin Lee <rgl@google.com>	Wed Oct 15 18:02:03 2014 +0000
tree	fb112aa5cc8b9546e8a26a35d732c266399664c6
parent	ebfd9f87197f4a39bbc2a5e4f6c6dffc28be36d7 [diff] [blame]