Use default key permissions for ext4enc

As per discussion default permissions are the correct ones. Note that since we use logon keys, they cannot be read outside the kernel. Note also that we limit who can read/write keys in selinux policy. Bug: 18151196 Change-Id: Icc916f430a70eff22e6b74c20ec361c8f3789c1c
9 years ago · 1190a26f6d
parent 0f29aec5af
commit 1190a26f6d
1 changed files with 0 additions and 7 deletions
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@ -359,13 +359,6 @@ int e4crypt_check_passwd(const char* path, const char* password)
    SLOGI("Added key %d (%s) to keyring %d in process %d",
          key_id, ref.c_str(), device_keyring, getpid());

-    // ext4enc:TODO set correct permissions
-    long result = keyctl_setperm(key_id, 0x3f3f3f3f);
-    if (result) {
-        SLOGE("KEYCTL_SETPERM failed with error %ld", result);
-        return -1;
-    }
-
    // Save reference to key so we can set policy later
    if (!props.Set(properties::ref, raw_ref)) {
        SLOGE("Cannot save key reference");