From b7f0702ea6cc32c58540d596016c2dabd8ba3541 Mon Sep 17 00:00:00 2001
From: Paul Lawrence <paullawrence@google.com>
Date: Tue, 5 May 2015 11:09:07 -0700
Subject: [PATCH] DO NOT MERGE Use default key permissions for ext4enc

(cherry-picked from commit 1190a26f6d7dd34bf10ffc7b367b374d5e591146)

As per discussion default permissions are the correct ones.
Note that since we use logon keys, they cannot be read outside
the kernel.

Note also that we limit who can read/write keys in selinux policy.

Bug: 18151196
Change-Id: Icc916f430a70eff22e6b74c20ec361c8f3789c1c
---
 Ext4Crypt.cpp | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/Ext4Crypt.cpp b/Ext4Crypt.cpp
index 61edfeb..9c79098 100644
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@@ -359,13 +359,6 @@ int e4crypt_check_passwd(const char* path, const char* password)
     SLOGI("Added key %d (%s) to keyring %d in process %d",
           key_id, ref.c_str(), device_keyring, getpid());
 
-    // ext4enc:TODO set correct permissions
-    long result = keyctl_setperm(key_id, 0x3f3f3f3f);
-    if (result) {
-        SLOGE("KEYCTL_SETPERM failed with error %ld", result);
-        return -1;
-    }
-
     // Save reference to key so we can set policy later
     if (!props.Set(properties::ref, raw_ref)) {
         SLOGE("Cannot save key reference");
-- 
2.11.0