Allow system and root to access fsverity keys Test: can add a key from Settings/CertInstaller Test: see the key loaded from an init script in /proc/keys Bug: 112038744 Change-Id: I72b643d88ca4c0afce8a4e3bc64fef606daf8364

commit: 58c10acfe8bfe190200fc9f6cf459df80c0f6f46 [log] [tgz]
author: Victor Hsieh <victorhsieh@google.com> Thu Sep 05 14:25:54 2019 -0700
committer: Victor Hsieh <victorhsieh@google.com> Thu Sep 05 16:21:21 2019 -0700
tree: f185743741ec62c21ed8832e8b63196e4d8b08ec
parent: 1ba438c4ac970c4cf9b679cdde457c65a1f352b3 [diff]
diff --git a/keystore/permissions.cpp b/keystore/permissions.cpp
index 05454cb..d17fcdd 100644
--- a/keystore/permissions.cpp
+++ b/keystore/permissions.cpp

@@ -59,6 +59,8 @@
                           {AID_ROOT, AID_SYSTEM},
                           {AID_WIFI, AID_KEYSTORE},
                           {AID_KEYSTORE, AID_WIFI},
+                          {AID_FSVERITY_CERT, AID_ROOT},
+                          {AID_FSVERITY_CERT, AID_SYSTEM},
 
 #ifdef GRANT_ROOT_ALL_PERMISSIONS
                           // Allow VTS tests to act on behalf of the wifi user
commit	58c10acfe8bfe190200fc9f6cf459df80c0f6f46	[log] [tgz]
author	Victor Hsieh <victorhsieh@google.com>	Thu Sep 05 14:25:54 2019 -0700
committer	Victor Hsieh <victorhsieh@google.com>	Thu Sep 05 16:21:21 2019 -0700
tree	f185743741ec62c21ed8832e8b63196e4d8b08ec
parent	1ba438c4ac970c4cf9b679cdde457c65a1f352b3 [diff]