| author | rogersb11 <brettrogers11@gmail.com> | 2015-10-08 08:54:45 -0400 |
|---|---|---|
| committer | rogersb11 <brettrogers11@gmail.com> | 2015-10-08 08:59:49 -0400 |
| commit | 8e368fa918f244e214ee8bd53ce332ce6ad74663 (patch) | |
| tree | b45df79c017e84f0cef6a28bf451eadf6191e35b | |
| parent | 34bd90250533d2ecfbf74ffd0bb536f7f26cebd4 (diff) | |
Remove device specific SEPolicy
Change-Id: Icf65691f123dd940cd86a26c7e355adf4a4b8f29
| -rw-r--r-- | BoardCommonConfig.mk | 36 | ||||
| -rw-r--r-- | selinux/bluetooth.te | 2 | ||||
| -rw-r--r-- | selinux/device.te | 27 | ||||
| -rwxr-xr-x | selinux/dhcp.te | 1 | ||||
| -rw-r--r-- | selinux/domain.te | 7 | ||||
| -rw-r--r-- | selinux/file.te | 30 | ||||
| -rw-r--r-- | selinux/file_contexts | 76 | ||||
| -rw-r--r-- | selinux/init.te | 14 | ||||
| -rwxr-xr-x | selinux/kickstart.te | 52 | ||||
| -rw-r--r-- | selinux/logd.te | 2 | ||||
| -rw-r--r-- | selinux/mediaserver.te | 9 | ||||
| -rw-r--r-- | selinux/netd.te | 1 | ||||
| -rwxr-xr-x | selinux/netmgrd.te | 33 | ||||
| -rw-r--r-- | selinux/nfc.te | 1 | ||||
| -rw-r--r-- | selinux/qmiproxy.te | 5 | ||||
| -rw-r--r-- | selinux/qmuxd.te | 51 | ||||
| -rw-r--r-- | selinux/radio.te | 4 | ||||
| -rwxr-xr-x | selinux/rild.te | 29 | ||||
| -rw-r--r-- | selinux/secril.te | 38 | ||||
| -rw-r--r-- | selinux/servicemanager.te | 9 | ||||
| -rw-r--r-- | selinux/sysinit.te | 4 | ||||
| -rwxr-xr-x | selinux/system.te | 11 | ||||
| -rw-r--r-- | selinux/system_app.te | 2 | ||||
| -rw-r--r-- | selinux/system_server.te | 5 | ||||
| -rwxr-xr-x | selinux/te_macros | 13 | ||||
| -rw-r--r-- | selinux/time_daemon.te | 21 | ||||
| -rw-r--r-- | selinux/ueventd.te | 7 | ||||
| -rw-r--r-- | selinux/vold.te | 2 | ||||
| -rw-r--r-- | selinux/wpa.te | 7 | ||||
| -rwxr-xr-x | selinux/wpa_supplicant.te | 10 | ||||
| -rw-r--r-- | selinux/zygote.te | 3 |
31 files changed, 0 insertions, 512 deletions
diff --git a/BoardCommonConfig.mk b/BoardCommonConfig.mk
index fcabba7..3bd0668 100644
--- a/BoardCommonConfig.mk
+++ b/BoardCommonConfig.mk
@@ -43,39 +43,3 @@ RECOVERY_FSTAB_VERSION := 2 # assert TARGET_OTA_ASSERT_DEVICE := t0lte,t0ltexx,GT-N7105,t0ltedv,GT-N7105T,t0lteatt,SGH-I317,t0ltetmo,SGH-T889,t0ltecan,t0ltevl,SGH-I317M
-
-# Selinux
-BOARD_SEPOLICY_DIRS += \
- device/samsung/t0lte/selinux
-
-BOARD_SEPOLICY_UNION += \
- bluetooth.te \
- radio.te \
- file_contexts \
- te_macros \
- device.te \
- dhcp.te \
- domain.te \
- file.te \
- init.te \
- kickstart.te \
- mediaserver.te \
- netd.te \
- netmgrd.te \
- nfc.te \
- qmiproxy.te \
- qmuxd.te \
- rild.te \
- secril.te \
- servicemanager.te \
- sysinit.te \
- system.te \
- system_app.te \
- system_server.te \
- time_daemon.te \
- ueventd.te \
- vold.te \
- wpa.te \
- wpa_supplicant.te \
- zygote.te
-
diff --git a/selinux/bluetooth.te b/selinux/bluetooth.te
deleted file mode 100644
index a6e68b8..0000000
--- a/selinux/bluetooth.te
+++ /dev/null
@@ -1,2 +0,0 @@
-allow bluetooth smd_device:chr_file { read write ioctl open };
-allow bluetooth sysfs:file { write };
\ No newline at end of file
diff --git a/selinux/device.te b/selinux/device.te
deleted file mode 100644
index e4cec2d..0000000
--- a/selinux/device.te
+++ /dev/null
@@ -1,27 +0,0 @@
-type mali_device, dev_type, mlstrustedobject;
-type mfc_device, dev_type;
-type rfkill_device, dev_type;
-type wlan_device, dev_type;
-type modem_block_device, dev_type;
-type diagnostic_device, dev_type;
-type efs_block_device, dev_type;
-type mmc_block_device, dev_type;
-
-#SSR device
-type ssr_device, dev_type;
-
-#device type for smd device nodes, ie /dev/smd*
-type smd_device, dev_type;
-
-#Define the hsic device
-type hsic_device, dev_type;
-
-#Define the mhi device
-type mhi_device, dev_type;
-
-#Define the logging device type
-type diag_device, dev_type;
-type smem_log_device, dev_type;
-
-#Define rct device type for time daemon
-type rtc_device, dev_type;
diff --git a/selinux/dhcp.te b/selinux/dhcp.te
deleted file mode 100755
index c403b9b..0000000
--- a/selinux/dhcp.te
+++ /dev/null
@@ -1 +0,0 @@
-allow dhcp self:rawip_socket { create write setopt };
diff --git a/selinux/domain.te b/selinux/domain.te
deleted file mode 100644
index 56c2d49..0000000
--- a/selinux/domain.te
+++ /dev/null
@@ -1,7 +0,0 @@
-## /dev/mali, /dev/ump
-allow domain mali_device:chr_file rw_file_perms;
-
-userdebug_or_eng(`
- allow domain diag_device:chr_file rw_file_perms;
-')
-
diff --git a/selinux/file.te b/selinux/file.te
deleted file mode 100644
index 07e5b83..0000000
--- a/selinux/file.te
+++ /dev/null
@@ -1,30 +0,0 @@
-type radio_efs_file, fs_type, contextmount_type;
-
-type firmware_mfc, file_type;
-type firmware_camera, file_type;
-
-type mdnie_sysfs, file_type;
-type vib_sysfs, file_type;
-
-type qmuxd_socket, file_type;
-type kickstart_data_file, file_type, data_file_type;
-type sensors_data_file, file_type, data_file_type;
-type volume_data_file, file_type, data_file_type;
-
-#File types required by mdm-helper
-type sysfs_esoc, sysfs_type, fs_type;
-type sysfs_ssr, sysfs_type, fs_type;
-type sysfs_ssr_toggle, sysfs_type, file_type;
-type sysfs_hsic, sysfs_type, fs_type;
-type sysfs_hsic_host_rdy, sysfs_type, file_type;
-
-#Define the timeout for platform specific transports
-type sysfs_hsic_modem_wait, sysfs_type, fs_type;
-type sysfs_smd_open_timeout, sysfs_type, fs_type;
-
-# Persist file types
-type persist_file, file_type;
-type persist_data_file, file_type;
-type persist_drm_file, file_type;
-type data_drm_file, file_type;
-
diff --git a/selinux/file_contexts b/selinux/file_contexts
deleted file mode 100644
index c42fa2c..0000000
--- a/selinux/file_contexts
+++ /dev/null
@@ -1,76 +0,0 @@
-# GFX
-/dev/mali u:object_r:mali_device:s0
-/dev/ump u:object_r:mali_device:s0
-/dev/fimg2d u:object_r:mali_device:s0
-
-/dev/s3c-mfc u:object_r:mfc_device:s0
-
-# RIL
-/dev/mdm u:object_r:radio_device:s0
-/dev/hsicctl[0-3]* u:object_r:radio_device:s0
-/dev/ttyUSB0 u:object_r:radio_device:s0
-/dev/diag u:object_r:diagnostic_device:s0
-
-# GPS
-/dev/ttySAC1 u:object_r:gps_device:s0
-
-# Bluetooth
-/dev/ttySAC0 u:object_r:hci_attach_dev:s0
-/efs/bluetooth(/.*)? u:object_r:bluetooth_data_file:s0
-
-# Sensors
-/dev/akm8963 u:object_r:sensors_device:s0
-/efs/gyro_cal_data u:object_r:sensors_data_file:s0
-
-# Camera
-/data/ISP_CV u:object_r:camera_data_file:s0
-/dev/exynos-mem u:object_r:video_device:s0
-
-# For wpa_supp
-/dev/rfkill u:object_r:rfkill_device:s0
-
-# Firmwares
-/system/vendor/firmware(/.*)? u:object_r:firmware_camera:s0
-/system/vendor/firmware/mfc_fw.bin u:object_r:firmware_mfc:s0
-/data/cfw(/.*)? u:object_r:firmware_camera:s0
-/tombstones u:object_r:system_data_file:s0
-/tombstones(/.*)? u:object_r:tombstone_data_file:s0
-/tombstones/qcks(/.*)? u:object_r:kickstart_data_file:s0
-
-# MDNIE
-/sys/class/mdnie/mdnie/scenario u:object_r:mdnie_sysfs:s0
-/sys/class/mdnie/mdnie/mode u:object_r:mdnie_sysfs:s0
-/sys/class/mdnie/mdnie/negative u:object_r:mdnie_sysfs:s0
-/sys/class/lcd/panel/power_reduce u:object_r:mdnie_sysfs:s0
-
-# Vibrator
-/dev/tspdrv u:object_r:input_device:s0
-/sys/vibrator/pwm_val u:object_r:vib_sysfs:s0
-
-# Wifi
-/efs/wifi/.mac.info u:object_r:wifi_data_file:s0
-
-# Sec-ril
-/efs/FactoryApp/keystr u:object_r:efs_file:s0
-/efs/FactoryApp/factorymode u:object_r:efs_file:s0
-/efs/FactoryApp/serial_no u:object_r:efs_file:s0
-/data/misc/radio/ramdumpmode.txt u:object_r:radio_data_file:s0
-/data/misc/radio/dlnk u:object_r:radio_data_file:s0
-
-# Binaries
-/system/bin/qmuxd u:object_r:qmuxd_exec:s0
-/system/bin/efsks u:object_r:kickstart_exec:s0
-/system/bin/ks u:object_r:kickstart_exec:s0
-/system/bin/qcks u:object_r:kickstart_exec:s0
-
-# Sockets
-/dev/socket/qmux_audio(/.*)? u:object_r:qmuxd_socket:s0
-/dev/socket/qmux_bluetooth(/.*)? u:object_r:qmuxd_socket:s0
-/dev/socket/qmux_gps(/.*)? u:object_r:qmuxd_socket:s0
-/dev/socket/qmux_radio(/.*)? u:object_r:qmuxd_socket:s0
-
-# Block devices
-/dev/block/mmcblk0(.*) u:object_r:mmc_block_device:s0
-
-# Audio related
-/data/local/audio(/.*)? u:object_r:volume_data_file:s0
diff --git a/selinux/init.te b/selinux/init.te
deleted file mode 100644
index 2fdff9a..0000000
--- a/selinux/init.te
+++ /dev/null
@@ -1,14 +0,0 @@
-allow init wpa_socket:unix_dgram_socket { bind create };
-allow init su_exec:file { execute_no_trans };
-allow init init:process { execmem };
-allow init init:capability { sys_module };
-allow init radio_efs_file:filesystem { relabelto };
-allow init app_data_file:dir { read open setattr getattr relabelfrom };
-
-allow init_shell kernel:system { syslog_mod };
-allow init init:packet_socket { create bind write read };
-allow init init:rawip_socket { create setopt write };
-
-allow init_shell init:packet_socket { read write };
-
-
diff --git a/selinux/kickstart.te b/selinux/kickstart.te
deleted file mode 100755
index d663145..0000000
--- a/selinux/kickstart.te
+++ /dev/null
@@ -1,52 +0,0 @@
-# kickstart processes and scripts
-type kickstart, domain;
-type kickstart_exec, exec_type, file_type;
-
-# kickstart_checker.sh talks to init over the property socket
-unix_socket_connect(kickstart, property, init)
-
-# Start /system/bin/qcks from init
-init_daemon_domain(kickstart)
-
-# Spawn /system/bin/efsks and /system/bin/ks
-allow kickstart kickstart_exec:file { open execute_no_trans getattr };
-
-# Run dd on m9kefs[123] block devices; write to /data/qcks/
-# Run cat on firmware and m9kefs[123] data; write to /data/qcks/
-allow kickstart mmc_block_device:blk_file { getattr read write open };
-allow kickstart kickstart_data_file:file create_file_perms;
-allow kickstart kickstart_data_file:dir rw_dir_perms;
-allow kickstart radio_efs_file:file r_file_perms;
-allow kickstart radio_efs_file:dir search;
-
-# Let qcks access /dev/mdm node (modem driver)
-allow kickstart radio_device:chr_file rw_file_perms;
-
-# Allow /dev/ttyUSB0 access
-allow kickstart radio_device:chr_file { write ioctl getattr };
-
-# Allow to run toolbox commands
-allow kickstart shell_exec:file rx_file_perms;
-# Toolbox commands for firmware dd
-allow kickstart system_file:file execute_no_trans;
-
-# Access to /dev/block/platform/msm_sdcc.1/by-name/m9kefs2
-allow kickstart block_device:dir { getattr write search };
-
-# Set system property key
-allow kickstart radio_prop:property_service set;
-
-allow kickstart shell_exec:file entrypoint;
-# ls on /data/qcks/
-allow kickstart self:capability { dac_override setuid };
-
-# XXX Label sysfs files with a specific type?
-allow kickstart sysfs:file rw_file_perms;
-
-allow kickstart unlabeled:file { setattr getattr read write open };
-allow kickstart vfat:file { getattr read open };
-allow kickstart kickstart:process { execmem };
-#allow kickstart usbfs:filesystem { mount };
-allow kickstart usbfs:dir { search };
-#allow kickstart system_file:file { entrypoint };
-allow kickstart vfat:dir { search };
diff --git a/selinux/logd.te b/selinux/logd.te
deleted file mode 100644
index d2378fd..0000000
--- a/selinux/logd.te
+++ /dev/null
@@ -1,2 +0,0 @@
-allow logd location_app:dir r_dir_perms;
-allow logd location_app:file r_file_perms;
\ No newline at end of file
diff --git a/selinux/mediaserver.te b/selinux/mediaserver.te
deleted file mode 100644
index 65550ce..0000000
--- a/selinux/mediaserver.te
+++ /dev/null
@@ -1,9 +0,0 @@
-qmux_socket(mediaserver);
-allow mediaserver self:socket create_socket_perms;
-allow mediaserver { firmware_camera }:file r_file_perms;
-allow mediaserver firmware_camera:dir r_dir_perms;
-allow mediaserver camera_data_file:file rw_file_perms;
-allow mediaserver volume_data_file:file create_file_perms;
-allow mediaserver volume_data_file:dir create_dir_perms;
-allow mediaserver mfc_device:chr_file rw_file_perms;
-allow mediaserver system_data_file:file { write open };
diff --git a/selinux/netd.te b/selinux/netd.te
deleted file mode 100644
index 0fb1b6a..0000000
--- a/selinux/netd.te
+++ /dev/null
@@ -1 +0,0 @@
-allow netd kernel:system { module_request };
\ No newline at end of file
diff --git a/selinux/netmgrd.te b/selinux/netmgrd.te
deleted file mode 100755
index 0f31fad..0000000
--- a/selinux/netmgrd.te
+++ /dev/null
@@ -1,33 +0,0 @@
-# Network utilities (radio process)
-type netmgrd, domain;
-type netmgrd_exec, exec_type, file_type;
-
-net_domain(netmgrd)
-# Started by init
-init_daemon_domain(netmgrd)
-
-
-allow netmgrd self:udp_socket { create ioctl };
-# fsetid, dac_override unlink on /dev/socket/qmux_radio/qmux_client_socket
-allow netmgrd self:capability { sys_module fsetid setuid setgid net_admin net_raw dac_override };
-allow netmgrd self:packet_socket { write bind read create };
-allow netmgrd self:netlink_socket { write read create bind setopt };
-allow netmgrd self:netlink_route_socket { create bind read write nlmsg_read nlmsg_write setopt getattr };
-allow netmgrd kernel:system module_request;
-
-# Talk to qmuxd
-qmux_socket(netmgrd)
-
-# Allow logging diagnostic items
-allow netmgrd diagnostic_device:chr_file rw_file_perms;
-
-# /data/data_test/ access with shell
-allow netmgrd shell_exec:file { execute read open execute_no_trans };
-allow netmgrd system_file:file { execute_no_trans };
-
-# Talk to init over the property socket
-unix_socket_connect(netmgrd, property, init)
-# Set net.rmnet_usb0. values
-allow netmgrd radio_prop:property_service set;
-
-allow netmgrd netmgrd:process { execmem };
diff --git a/selinux/nfc.te b/selinux/nfc.te
deleted file mode 100644
index 9c8c37a..0000000
--- a/selinux/nfc.te
+++ /dev/null
@@ -1 +0,0 @@
-allow nfc firmware_camera:dir { search };
\ No newline at end of file
diff --git a/selinux/qmiproxy.te b/selinux/qmiproxy.te
deleted file mode 100644
index 5845fcd..0000000
--- a/selinux/qmiproxy.te
+++ /dev/null
@@ -1,5 +0,0 @@
-type qmiproxy, domain;
-type qmiproxy_exec, exec_type, file_type;
-
-net_domain(qmiproxy)
-init_daemon_domain(qmiproxy)
\ No newline at end of file
diff --git a/selinux/qmuxd.te b/selinux/qmuxd.te
deleted file mode 100644
index da255f2..0000000
--- a/selinux/qmuxd.te
+++ /dev/null
@@ -1,51 +0,0 @@
-type qmuxd, domain;
-type qmuxd_exec, exec_type, file_type;
-net_domain(qmuxd)
-init_daemon_domain(qmuxd)
-
-userdebug_or_eng(`
- domain_auto_trans(shell, qmuxd_exec, qmuxd)
- domain_auto_trans(adbd, qmuxd_exec, qmuxd)
-')
-
-#Allow qmuxd to operate on various qmux device sockets
-#allow qmuxd qmux_radio_socket:dir { write add_name remove_name search };
-#allow qmuxd qmux_radio_socket:sock_file { create setattr getattr write unlink };
-#allow qmuxd qmux_audio_socket:dir { write add_name remove_name search };
-#allow qmuxd qmux_audio_socket:sock_file { create setattr getattr write unlink };
-#allow qmuxd qmux_gps_socket:dir { write add_name remove_name search };
-#allow qmuxd qmux_gps_socket:sock_file { create setattr getattr write unlink };
-#allow qmuxd qmux_bluetooth_socket:dir { write add_name remove_name search };
-#allow qmuxd qmux_bluetooth_socket:sock_file { create setattr getattr write unlink };
-
-qmux_socket(qmuxd);
-
-#Allow logging
-allow qmuxd diag_device:chr_file { rw_file_perms };
-
-#Allow operation in platform specific transports
-allow qmuxd smd_device:chr_file { rw_file_perms };
-allow qmuxd hsic_device:chr_file { rw_file_perms };
-
-#Allow qmuxd to operate in platform specific transports
-allow qmuxd sysfs_smd_open_timeout:file w_file_perms;
-allow qmuxd sysfs_wake_lock:file { append open };
-
-#Allow qmuxd to write in hsic specific transport
-allow qmuxd sysfs:file w_file_perms;
-allow qmuxd radio_device:file w_file_perms;
-
-allow qmuxd self:capability { setuid setgid setpcap dac_override };
-
-#Allow qmuxd to have the CAP_BLOCK_SUSPEND capability
-allow qmuxd qmuxd:capability2 { block_suspend };
-
-allow qmuxd sysfs_esoc:dir r_dir_perms;
-allow qmuxd sysfs_hsic_modem_wait:file w_file_perms;
-allow qmuxd sysfs_esoc:lnk_file read;
-
-r_dir_file(qmuxd, sysfs_ssr);
-allow qmuxd mhi_device:chr_file rw_file_perms;
-
-allow qmuxd qmuxd:process { execmem };
-allow qmuxd radio_device:chr_file {read write open };
\ No newline at end of file
diff --git a/selinux/radio.te b/selinux/radio.te
deleted file mode 100644
index 6dc99b0..0000000
--- a/selinux/radio.te
+++ /dev/null
@@ -1,4 +0,0 @@
-# Talk to qmuxd (/dev/socket/qmux_radio)
-qmux_socket(radio) ;
-
-allow radio secril-daemon:unix_stream_socket { connectto };
\ No newline at end of file
diff --git a/selinux/rild.te b/selinux/rild.te
deleted file mode 100755
index b81c43f..0000000
--- a/selinux/rild.te
+++ /dev/null
@@ -1,29 +0,0 @@
-#allow rild qmux_radio_socket:dir { write remove_name search add_name };
-#allow rild qmux_radio_socket:sock_file { write create unlink setattr };
-#allow rild qmuxd:unix_stream_socket connectto;
-qmux_socket(rild);
-binder_use(rild)
-
-allow rild ssr_device:chr_file { open read };
-allow rild sysfs_esoc:dir { search read open};
-allow rild sysfs_esoc:lnk_file { read };
-allow rild sysfs_esoc:file { write };
-allow rild sysfs_ssr:dir { open search read };
-allow rild sysfs_ssr:lnk_file { read open };
-
-allow rild mediaserver:binder { transfer call };
-
-#allow rild diag_device:chr_file { open read write };
-allow rild rild_socket:chr_file { open read write };
-
-allow rild sysfs_ssr:dir r_dir_perms;
-allow rild sysfs_ssr:lnk_file read;
-allow rild system_data_file:dir w_dir_perms;
-allow rild system_data_file:file create_file_perms;
-#allow rild time_daemon:unix_stream_socket connectto;
-
-allow rild rild:process execmem;
-allow rild diagnostic_device:chr_file { read write open };
-allow rild radio_data_file:dir { setattr };
-allow rild init:unix_stream_socket { read write };
-allow rild proc_net:file { write };
diff --git a/selinux/secril.te b/selinux/secril.te
deleted file mode 100644
index 1b1cc0a..0000000
--- a/selinux/secril.te
+++ /dev/null
@@ -1,38 +0,0 @@
-# sec-ril
-type secril-daemon, domain;
-type secril-daemon_exec, exec_type, file_type;
-
-# Start /system/bin/sec-ril from init
-init_daemon_domain(secril-daemon)
-
-allow secril-daemon secril-daemon_exec:file { open execute_no_trans getattr };
-allow secril-daemon self:udp_socket { create ioctl };
-unix_socket_connect(secril-daemon, property, init)
-unix_socket_connect(secril-daemon, rild, rild)
-
-allow secril-daemon { efs_file }:file rw_file_perms;
-allow secril-daemon system_data_file:dir create_dir_perms;
-allow secril-daemon system_data_file:file unlink;
-allow secril-daemon radio_data_file:file { create_file_perms };
-allow secril-daemon kernel:system module_request;
-allow secril-daemon self:capability { sys_module fsetid setuid setgid net_admin net_raw dac_override };
-allow secril-daemon system_file:file x_file_perms;
-allow secril-daemon sysfs:file rw_file_perms;
-allow secril-daemon shell_exec:file rx_file_perms;
-allow secril-daemon app_data_file:file rw_file_perms;
-allow secril-daemon app_data_file:dir search;
-allow secril-daemon zygote_exec:file rx_file_perms;
-allow secril-daemon ashmem_device:chr_file x_file_perms;
-
-allow secril-daemon secril-daemon:process { execmem };
-allow secril-daemon unlabeled:dir { search };
-allow secril-daemon radio_prop:property_service { set };
-allow secril-daemon sysfs_wake_lock:file { read write open };
-allow secril-daemon unlabeled:file { read open getattr setattr };
-#allow secril-daemon system_file:file { entrypoint };
-allow secril-daemon radio_data_file:dir { search write add_name read open remove_name };
-allow secril-daemon efs_file:dir { search };
-allow secril-daemon rild_exec:file { entrypoint read };
-allow secril-daemon qmuxd_socket:dir { write add_name remove_name search };
-allow secril-daemon qmuxd_socket:sock_file { create setattr unlink };
-
diff --git a/selinux/servicemanager.te b/selinux/servicemanager.te
deleted file mode 100644
index f793106..0000000
--- a/selinux/servicemanager.te
+++ /dev/null
@@ -1,9 +0,0 @@
-allow servicemanager rild:dir search;
-allow servicemanager rild:file r_file_perms;
-allow servicemanager rild:process getattr;
-allow servicemanager zygote:dir { search read open getattr };
-allow servicemanager zygote:file { read open };
-allow servicemanager zygote:process { getattr };
-allow servicemanager init:file rw_file_perms;
-allow servicemanager init:dir { search read open getattr };
-allow servicemanager init:process { getattr };
\ No newline at end of file
diff --git a/selinux/sysinit.te b/selinux/sysinit.te
deleted file mode 100644
index 705bb8a..0000000
--- a/selinux/sysinit.te
+++ /dev/null
@@ -1,4 +0,0 @@
-allow sysinit mmc_block_device:file read;
-allow sysinit firmware_camera:dir { read search open getattr write remove_name add_name };
-allow sysinit firmware_camera:file { read open write getattr setattr create unlink };
-allow sysinit sysinit:capability { dac_override chown fowner fsetid };
diff --git a/selinux/system.te b/selinux/system.te
deleted file mode 100755
index 1160fd7..0000000
--- a/selinux/system.te
+++ /dev/null
@@ -1,11 +0,0 @@
-# Talk to qmuxd
-qmux_socket(system_server)
-
-allow system_server diagnostic_device:chr_file rw_file_perms;
-allow system_server sensors_device:chr_file { read open };
-allow system_server sensors_data_file:file r_file_perms;
-allow system_server wpa_socket:unix_dgram_socket sendto;
-allow system_app volume_data_file:file { read write open getattr };
-
-allow system_server sysfs:file { read open write };
-allow system_server self:capability { sys_module };
\ No newline at end of file
diff --git a/selinux/system_app.te b/selinux/system_app.te
deleted file mode 100644
index 22ee485..0000000
--- a/selinux/system_app.te
+++ /dev/null
@@ -1,2 +0,0 @@
-allow system_app mdnie_sysfs:file { write };
-allow system_app vib_sysfs:file { write };
\ No newline at end of file
diff --git a/selinux/system_server.te b/selinux/system_server.te
deleted file mode 100644
index 0bf317f..0000000
--- a/selinux/system_server.te
+++ /dev/null
@@ -1,5 +0,0 @@
-allow system_server device:chr_file { ioctl };
-allow system_server uhid_device:file { read write open ioctl };
-allow system_server uhid_device:chr_file { read write open ioctl };
-allow system_server efs_file:dir { search };
-allow system_server efs_file:file r_file_perms;
diff --git a/selinux/te_macros b/selinux/te_macros
deleted file mode 100755
index 8378501..0000000
--- a/selinux/te_macros
+++ /dev/null
@@ -1,13 +0,0 @@
-#####################################
-# qmux_socket(clientdomain)
-# Allow client domain to connecto and send
-# via a local socket to the qmux domain.
-# Also allow the client domain to remove
-# its own socket.
-define(`qmux_socket', `
-allow $1 qmuxd_socket:dir create_dir_perms;
-unix_socket_connect($1, qmuxd, qmuxd)
-allow $1 qmuxd_socket:sock_file { read getattr write setattr create unlink };
-')
-
-
diff --git a/selinux/time_daemon.te b/selinux/time_daemon.te
deleted file mode 100644
index 5793197..0000000
--- a/selinux/time_daemon.te
+++ /dev/null
@@ -1,21 +0,0 @@
-# Policies for time daemon
-type time_daemon, domain;
-type time_daemon_exec, exec_type, file_type;
-type time_data_file, file_type, data_file_type;
-
-# Make transition to its own time_daemon domain from init
-init_daemon_domain(time_daemon)
-allow time_daemon smem_log_device:chr_file rw_file_perms;
-
-# Add rules for access permissions
-#============= IOCTL operations ==============
-allow time_daemon rtc_device:chr_file { open read ioctl };
-allow time_daemon alarm_device:chr_file { open read write ioctl };
-
-#============= File read/write ==============
-allow time_daemon time_data_file:file { write create open read};
-allow time_daemon time_data_file:dir { write add_name search};
-allow time_daemon self:socket { write read create ioctl};
-allow time_daemon self:capability { setuid setgid };
-
-r_dir_file(time_daemon, sysfs_esoc);
diff --git a/selinux/ueventd.te b/selinux/ueventd.te
deleted file mode 100644
index df589f0..0000000
--- a/selinux/ueventd.te
+++ /dev/null
@@ -1,7 +0,0 @@
-# Drivers read firmware files /firmware/image
-allow ueventd { radio_efs_file }:file r_file_perms;
-allow ueventd { radio_efs_file }:dir search;
-## More Firmwares
-allow ueventd { firmware_mfc }:file r_file_perms;
-allow ueventd { firmware_camera }:dir search;
-allow ueventd firmware_camera:file { read open getattr };
\ No newline at end of file
diff --git a/selinux/vold.te b/selinux/vold.te
deleted file mode 100644
index 3487976..0000000
--- a/selinux/vold.te
+++ /dev/null
@@ -1,2 +0,0 @@
-allow vold kernel:system { module_request };
-allow vold mmc_block_device:blk_file { read write open ioctl getattr };
\ No newline at end of file
diff --git a/selinux/wpa.te b/selinux/wpa.te
deleted file mode 100644
index 32dc267..0000000
--- a/selinux/wpa.te
+++ /dev/null
@@ -1,7 +0,0 @@
-allow wpa persist_file:dir search;
-qmux_socket(wpa);
-
-allow wpa self:socket create_socket_perms;
-allow wpa smem_log_device:chr_file rw_file_perms;
-allow wpa proc_net:file write;
-allow wpa wifi_data_file:sock_file { write };
diff --git a/selinux/wpa_supplicant.te b/selinux/wpa_supplicant.te
deleted file mode 100755
index 91a5c56..0000000
--- a/selinux/wpa_supplicant.te
+++ /dev/null
@@ -1,10 +0,0 @@
-allow wpa init:unix_dgram_socket { read write };
-
-# logwrapper used with wpa_supplicant
-allow wpa devpts:chr_file { read write };
-
-allow wpa wpa_socket:unix_dgram_socket { read write };
-allow wpa_socket system_server:unix_dgram_socket sendto;
-
-allow wpa_socket wifi_data_file:sock_file unlink;
-allow wpa rfkill_device:chr_file rw_file_perms;
\ No newline at end of file
diff --git a/selinux/zygote.te b/selinux/zygote.te
deleted file mode 100644
index d25d524..0000000
--- a/selinux/zygote.te
+++ /dev/null
@@ -1,3 +0,0 @@
-allow zygote shell_data_file:dir search;
-allow zygote devpts:chr_file { read write };
-allow zygote init_shell:process { sigchld }; |
