From 77a824600bfe80abccc9fdcab8d1566380b43ce4 Mon Sep 17 00:00:00 2001
From: Chad Brubaker <cbrubaker@google.com>
Date: Tue, 12 May 2015 12:33:40 -0700
Subject: [PATCH] Add keystore user_changed permission

user_changed will be used for state change methods around android user
creation/deletion.

(cherry-picked from commit 520bb816b86fe36440767db6e2f05fb4e8a08f3e)

Change-Id: I295ca9adfc4907b5d7bcf0555f6e5a9a3379635b
---
 access_vectors   | 1 +
 system_app.te    | 1 +
 system_server.te | 1 +
 3 files changed, 3 insertions(+)

diff --git a/access_vectors b/access_vectors
index 65b7e2226..e79ad1b80 100644
--- a/access_vectors
+++ b/access_vectors
@@ -910,6 +910,7 @@ class keystore_key
 	sync_uid
 	password_uid
 	add_auth
+	user_changed
 }
 
 class debuggerd
diff --git a/system_app.te b/system_app.te
index 407b85e7d..811f4367b 100644
--- a/system_app.te
+++ b/system_app.te
@@ -73,6 +73,7 @@ allow system_app keystore:keystore_key {
 	grant
 	duplicate
 	clear_uid
+	user_changed
 };
 
 control_logd(system_app)
diff --git a/system_server.te b/system_server.te
index fb163970c..7eb3dd385 100644
--- a/system_server.te
+++ b/system_server.te
@@ -401,6 +401,7 @@ allow system_server keystore:keystore_key {
 	sync_uid
 	password_uid
 	add_auth
+	user_changed
 };
 
 # Allow system server to search and write to the persistent factory reset
-- 
GitLab