Stop granting permission to report_off_body to keystore2 The report_off_body permission of the "keystore2" class only guarded the Binder API IKeystoreMaintenance#onDeviceOffBody() served by keystore2. That API is being removed because it is unused (https://r.android.com/2974277). Therefore, stop granting the report_off_body permission. Don't actually remove the permission from private/access_vectors. That would break the build because it's referenced by rules in prebuilts/. However, document the access vectors that are known to be unused. Bug: 289849354 Test: atest CtsKeystoreTestCases Change-Id: I344a1a8ad1dc12217b414899994397d5e62bd771

commit: 92ca7b7af1ba5774346976f75305884bcd8cef7f [log] [tgz]
author: Eric Biggers <ebiggers@google.com> Thu Mar 14 21:53:21 2024 +0000
committer: Eric Biggers <ebiggers@google.com> Thu Mar 14 22:40:42 2024 +0000
tree: 96106d9dc445631aba9e2ea8df09b6b43b77b768
parent: b229d824ad3ed93c2ffc12fe94352b233eb44630 [diff] [blame]
diff --git a/private/access_vectors b/private/access_vectors
index 32d73dd..60ec0ae 100644
--- a/private/access_vectors
+++ b/private/access_vectors

@@ -692,7 +692,7 @@
 	list
 }
 
-class keystore_key
+class keystore_key # No longer used
 {
 	get_state
 	get
@@ -727,11 +727,11 @@
 	get_attestation_key
 	get_auth_token
 	get_last_auth_time
-	get_state
+	get_state # No longer used
 	list
 	lock
 	pull_metrics
-	report_off_body
+	report_off_body # No longer used
 	reset
 	unlock
 }
commit	92ca7b7af1ba5774346976f75305884bcd8cef7f	[log] [tgz]
author	Eric Biggers <ebiggers@google.com>	Thu Mar 14 21:53:21 2024 +0000
committer	Eric Biggers <ebiggers@google.com>	Thu Mar 14 22:40:42 2024 +0000
tree	96106d9dc445631aba9e2ea8df09b6b43b77b768
parent	b229d824ad3ed93c2ffc12fe94352b233eb44630 [diff] [blame]