Use default key permissions for ext4enc
As per discussion default permissions are the correct ones.
Note that since we use logon keys, they cannot be read outside
the kernel.
Note also that we limit who can read/write keys in selinux policy.
Bug: 18151196
Change-Id: Icc916f430a70eff22e6b74c20ec361c8f3789c1c
diff --git a/Ext4Crypt.cpp b/Ext4Crypt.cpp
index 61edfeb..9c79098 100644
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@@ -359,13 +359,6 @@
SLOGI("Added key %d (%s) to keyring %d in process %d",
key_id, ref.c_str(), device_keyring, getpid());
- // ext4enc:TODO set correct permissions
- long result = keyctl_setperm(key_id, 0x3f3f3f3f);
- if (result) {
- SLOGE("KEYCTL_SETPERM failed with error %ld", result);
- return -1;
- }
-
// Save reference to key so we can set policy later
if (!props.Set(properties::ref, raw_ref)) {
SLOGE("Cannot save key reference");