From a47a1331f75433fe25e3f57ffdecea92f7e48425 Mon Sep 17 00:00:00 2001
From: Paul Lawrence <paullawrence@google.com>
Date: Tue, 5 May 2015 11:06:43 -0700
Subject: [PATCH] DO NOT MERGE Use default key permissions for ext4enc

(cherry-picked from commit 478a01d6f2081f7807b99774d005fee373847f23)

As per discussion default permissions are the correct ones.
Note that since we use logon keys, they cannot be read outside
the kernel.

Note also that we limit who can read/write keys in selinux policy.

Bug: 18151196
Change-Id: I15dc0de92643ae1472b0cde79c464fb3e1a1d453
---
 ext4_utils/ext4_crypt_init_extensions.cpp | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/ext4_utils/ext4_crypt_init_extensions.cpp b/ext4_utils/ext4_crypt_init_extensions.cpp
index cd0a02ac..92445e68 100644
--- a/ext4_utils/ext4_crypt_init_extensions.cpp
+++ b/ext4_utils/ext4_crypt_init_extensions.cpp
@@ -129,13 +129,6 @@ int e4crypt_install_keyring()
     KLOG_INFO(TAG, "Keyring created wth id %d in process %d\n",
               device_keyring, getpid());
 
-    // ext4enc:TODO set correct permissions
-    long result = keyctl_setperm(device_keyring, 0x3f3f3f3f);
-    if (result) {
-        KLOG_ERROR(TAG, "KEYCTL_SETPERM failed with error %ld\n", result);
-        return -1;
-    }
-
     return 0;
 }
 
-- 
2.11.0