diff options
| author | mtk12101 <shan.zhang@mediatek.com> | 2019-01-31 14:48:29 +0800 |
|---|---|---|
| committer | mtk12101 <shan.zhang@mediatek.com> | 2019-01-31 14:48:29 +0800 |
| commit | aa0fe8708f5ddfb4fc0eaf039020652bc2c8bb54 (patch) | |
| tree | 7f09d938ccd12d364921bc1ee33cbe1397abd985 | |
| parent | c8a53cae30218bf95fe1d247891477c0e50faa5c (diff) | |
| download | device_mediatek_wembley-sepolicy-aa0fe8708f5ddfb4fc0eaf039020652bc2c8bb54.tar.gz device_mediatek_wembley-sepolicy-aa0fe8708f5ddfb4fc0eaf039020652bc2c8bb54.tar.bz2 device_mediatek_wembley-sepolicy-aa0fe8708f5ddfb4fc0eaf039020652bc2c8bb54.zip | |
[ALPS03825066] Remove unused sepolicy
[Detail] Because "ro.vendor.net.upload.benchmark.default"
is unlabeled property, so all use it will have name of
vendor_default_prop
[Solution] Need owner to relabel the property of
"ro.vendor.net.upload.benchmark.default"
MTK-Commit-Id: 3a772e2b252536c9bbe9829b75f3464c2df68248
Change-Id: I42f341bf01cea16a16a0e73d13e0c03b5c270dad
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
36 files changed, 0 insertions, 229 deletions
diff --git a/non_plat/aee_aed.te b/non_plat/aee_aed.te index 936ea45..3354ec8 100644 --- a/non_plat/aee_aed.te +++ b/non_plat/aee_aed.te @@ -51,11 +51,6 @@ allow aee_aed exec_type:file r_file_perms; # Purpose: Allow aee_aed to read /proc/cpu/alignment allow aee_aed proc_cpu_alignment:file { write open }; -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(aee_aed, vendor_default_prop) - # Purpose: Allow aee_aed to access /sys/devices/virtual/timed_output/vibrator/enable allow aee_aed sysfs_vibrator_setting:dir search; allow aee_aed sysfs_vibrator_setting:file w_file_perms; diff --git a/non_plat/aee_aedv.te b/non_plat/aee_aedv.te index 4556e07..63ecb0e 100644 --- a/non_plat/aee_aedv.te +++ b/non_plat/aee_aedv.te @@ -393,11 +393,6 @@ allow aee_aedv proc_hw_ver:file r_file_perms; # Purpose: Allow aee_aedv to read /proc/sched_debug allow aee_aedv proc_sched_debug:file r_file_perms; -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(aee_aedv, vendor_default_prop) - # Purpose: Allow aee_aedv to read /proc/atf_log allow aee_aedv proc_atf_log:dir search; diff --git a/non_plat/audioserver.te b/non_plat/audioserver.te index a7a5a27..f5f3501 100644 --- a/non_plat/audioserver.te +++ b/non_plat/audioserver.te @@ -63,8 +63,3 @@ allow audioserver aee_aed:unix_stream_socket connectto; # Purpose : Change thermal config allow audioserver mtk_thermal_config_prop:file { getattr open read }; allow audioserver mtk_thermal_config_prop:property_service set; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(audioserver, vendor_default_prop) diff --git a/non_plat/boot_logo_updater.te b/non_plat/boot_logo_updater.te index f9a9961..bebd392 100644 --- a/non_plat/boot_logo_updater.te +++ b/non_plat/boot_logo_updater.te @@ -20,8 +20,3 @@ allow boot_logo_updater proc_lk_env:file rw_file_perms; # Operation : Global_Device/Uniservice Feature # Purpose : for it to read-write SysEnv data allow boot_logo_updater para_block_device:blk_file rw_file_perms; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(boot_logo_updater, vendor_default_prop) diff --git a/non_plat/bootanim.te b/non_plat/bootanim.te index 6813806..91b6e86 100644 --- a/non_plat/bootanim.te +++ b/non_plat/bootanim.te @@ -21,8 +21,3 @@ allow bootanim proc_ged:file {open read write ioctl getattr}; # Purpose : For MTK perfmgr allow bootanim proc_perfmgr:dir {search read}; allow bootanim proc_perfmgr:file {open read ioctl}; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(bootanim, vendor_default_prop) diff --git a/non_plat/cameraserver.te b/non_plat/cameraserver.te index 60a4356..92080cb 100644 --- a/non_plat/cameraserver.te +++ b/non_plat/cameraserver.te @@ -394,8 +394,3 @@ allow cameraserver camera_mfb_device:chr_file rw_file_perms; # Purpose: Allow permgr access allow cameraserver proc_perfmgr:dir {read search}; allow cameraserver proc_perfmgr:file {open read ioctl}; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(cameraserver, vendor_default_prop) diff --git a/non_plat/crash_dump.te b/non_plat/crash_dump.te deleted file mode 100644 index f4bda2d..0000000 --- a/non_plat/crash_dump.te +++ /dev/null @@ -1,9 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(crash_dump, vendor_default_prop) - diff --git a/non_plat/drmserver.te b/non_plat/drmserver.te index 8d138a1..8755b64 100644 --- a/non_plat/drmserver.te +++ b/non_plat/drmserver.te @@ -5,8 +5,3 @@ # Date : WK16.33 # Purpose: Allow to access ged for gralloc_extra functions allow drmserver proc_ged:file {open read write ioctl getattr}; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(drmserver, vendor_default_prop) diff --git a/non_plat/em_svr.te b/non_plat/em_svr.te index 321725b..774840e 100644 --- a/non_plat/em_svr.te +++ b/non_plat/em_svr.te @@ -30,8 +30,3 @@ allow em_svr nvram_device:blk_file { open read write }; # Date: WK1812 # Purpose: add for Gyroscope sensor allow em_svr gyroscope_device:chr_file { read ioctl open }; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(em_svr, vendor_default_prop) diff --git a/non_plat/gatekeeperd.te b/non_plat/gatekeeperd.te deleted file mode 100644 index 836bd09..0000000 --- a/non_plat/gatekeeperd.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(gatekeeperd, vendor_default_prop) diff --git a/non_plat/hwservicemanager.te b/non_plat/hwservicemanager.te deleted file mode 100644 index d6074e9..0000000 --- a/non_plat/hwservicemanager.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(hwservicemanager, vendor_default_prop) diff --git a/non_plat/installd.te b/non_plat/installd.te deleted file mode 100644 index 920cee1..0000000 --- a/non_plat/installd.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(installd, vendor_default_prop) diff --git a/non_plat/keystore.te b/non_plat/keystore.te index 57d987a..9d7e4c7 100644 --- a/non_plat/keystore.te +++ b/non_plat/keystore.te @@ -12,8 +12,3 @@ allow keystore app_data_file:file write; # Purpose : Fix keystore boot selinux violation #allow keystore debugfs_tracing:file write; allow hal_keymaster_default debugfs_tracing:file write; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(keystore, vendor_default_prop) diff --git a/non_plat/lmkd.te b/non_plat/lmkd.te index 2e2eb7c..fbf02e7 100644 --- a/non_plat/lmkd.te +++ b/non_plat/lmkd.te @@ -17,8 +17,3 @@ dontaudit lmkd zygote:dir rw_dir_perms; # path=2F6465762F6173686D656D2F4469736361726461626C654D656D6F72794173686D656D416C6C6F6361746F72202864656C6574656429 # dev="tmpfs" ino=14475 scontext=u:r:lmkd:s0 tcontext=u:r:platform_app:s0 tclass=fd permissive=0 dontaudit lmkd platform_app:fd use; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(lmkd, vendor_default_prop) diff --git a/non_plat/logd.te b/non_plat/logd.te deleted file mode 100644 index 1028240..0000000 --- a/non_plat/logd.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(logd, vendor_default_prop) diff --git a/non_plat/mediadrmserver.te b/non_plat/mediadrmserver.te index 82ff50f..066a632 100644 --- a/non_plat/mediadrmserver.te +++ b/non_plat/mediadrmserver.te @@ -14,8 +14,3 @@ allow mediadrmserver proc_ged:file {open read write ioctl getattr}; # Purpose : Change thermal config allow mediaserver mtk_thermal_config_prop:file { getattr open read }; allow mediaserver mtk_thermal_config_prop:property_service set; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(mediadrmserver, vendor_default_prop) diff --git a/non_plat/mediaextractor.te b/non_plat/mediaextractor.te index ca62bd1..12157b8 100644 --- a/non_plat/mediaextractor.te +++ b/non_plat/mediaextractor.te @@ -5,8 +5,3 @@ # Date : WK16.33 # Purpose: Allow to access ged for gralloc_extra functions allow mediaextractor proc_ged:file {open read write ioctl getattr}; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(mediaextractor, vendor_default_prop) diff --git a/non_plat/mediametrics.te b/non_plat/mediametrics.te deleted file mode 100644 index 8c8c32b..0000000 --- a/non_plat/mediametrics.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(mediametrics, vendor_default_prop) diff --git a/non_plat/mediaserver.te b/non_plat/mediaserver.te index e17407f..c13cb9c 100644 --- a/non_plat/mediaserver.te +++ b/non_plat/mediaserver.te @@ -391,8 +391,3 @@ allow mediaserver mtk_hal_keymanage:binder call; # Purpose : Allow mediadrmserver to call vendor.mediatek.hardware.keymanage@1.0-service. hal_client_domain(mediaserver , hal_keymaster) allow mediaserver mtk_hal_keymanage_hwservice:hwservice_manager find; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(mediaserver, vendor_default_prop) diff --git a/non_plat/mobile_log_d.te b/non_plat/mobile_log_d.te index e5f4c4c..87f8c0d 100644 --- a/non_plat/mobile_log_d.te +++ b/non_plat/mobile_log_d.te @@ -56,8 +56,3 @@ allow mobile_log_d port:tcp_socket { name_connect name_bind }; allow mobile_log_d mobile_log_d:tcp_socket { create connect setopt bind }; allow mobile_log_d mobile_log_d:tcp_socket { bind setopt listen accept read write }; allow mobile_log_d node:tcp_socket node_bind; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(mobile_log_d, vendor_default_prop) diff --git a/non_plat/netd.te b/non_plat/netd.te index 48d3a94..03e8c0c 100644 --- a/non_plat/netd.te +++ b/non_plat/netd.te @@ -60,8 +60,3 @@ allow netd untrusted_app:fd use; # Purpose : CTS for wifi allow netd untrusted_app:unix_stream_socket { read write getopt setopt}; allow netd isolated_app:fd use; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(netd, vendor_default_prop) diff --git a/non_plat/netdiag.te b/non_plat/netdiag.te index 92e05b5..cb19c48 100644 --- a/non_plat/netdiag.te +++ b/non_plat/netdiag.te @@ -26,8 +26,3 @@ allow netdiag mmc_prop:file { getattr open }; # purpose: allow netdiag to access storage in new version allow netdiag media_rw_data_file:file { create_file_perms }; allow netdiag media_rw_data_file:dir { create_dir_perms }; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(netdiag, vendor_default_prop) diff --git a/non_plat/servicemanager.te b/non_plat/servicemanager.te deleted file mode 100644 index 0ea7272..0000000 --- a/non_plat/servicemanager.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(servicemanager, vendor_default_prop) diff --git a/non_plat/surfaceflinger.te b/non_plat/surfaceflinger.te index 7b84ab8..4138ac7 100644 --- a/non_plat/surfaceflinger.te +++ b/non_plat/surfaceflinger.te @@ -59,8 +59,3 @@ allow surfaceflinger proc_perfmgr:file {open read ioctl}; get_prop(surfaceflinger, graphics_hwc_pid_prop) allow surfaceflinger hal_graphics_composer_default:dir search; allow surfaceflinger hal_graphics_composer_default:lnk_file read; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(surfaceflinger, vendor_default_prop) diff --git a/non_plat/system_server.te b/non_plat/system_server.te index f449535..515a950 100644 --- a/non_plat/system_server.te +++ b/non_plat/system_server.te @@ -191,8 +191,3 @@ allow system_server mtk_thermal_config_prop:property_service set; # Purpose : perfmgr permission allow system_server proc_perfmgr:dir {read search}; allow system_server proc_perfmgr:file {open read ioctl}; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(system_server, vendor_default_prop) diff --git a/non_plat/thermalserviced.te b/non_plat/thermalserviced.te deleted file mode 100644 index d64f316..0000000 --- a/non_plat/thermalserviced.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(thermalserviced, vendor_default_prop) diff --git a/non_plat/tzdatacheck.te b/non_plat/tzdatacheck.te deleted file mode 100644 index 450a634..0000000 --- a/non_plat/tzdatacheck.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(tzdatacheck, vendor_default_prop) diff --git a/non_plat/vdc.te b/non_plat/vdc.te deleted file mode 100644 index 37324c8..0000000 --- a/non_plat/vdc.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============ - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(atcid, vendor_default_prop) diff --git a/non_plat/vndservicemanager.te b/non_plat/vndservicemanager.te deleted file mode 100644 index 5ec16b5..0000000 --- a/non_plat/vndservicemanager.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(vndservicemanager, vendor_default_prop) diff --git a/non_plat/vold.te b/non_plat/vold.te index 7933676..118033f 100644 --- a/non_plat/vold.te +++ b/non_plat/vold.te @@ -20,8 +20,3 @@ dontaudit vold proc_mtktz:dir { read open }; dontaudit vold proc_thermal:dir { read open }; allow vold mtd_device:blk_file rw_file_perms; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(vold, vendor_default_prop) diff --git a/non_plat/vold_prepare_subdirs.te b/non_plat/vold_prepare_subdirs.te deleted file mode 100644 index 29f58ff..0000000 --- a/non_plat/vold_prepare_subdirs.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(vold_prepare_subdirs, vendor_default_prop) diff --git a/non_plat/wificond.te b/non_plat/wificond.te deleted file mode 100644 index 4e434b2..0000000 --- a/non_plat/wificond.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : wificond -get_prop(wificond, vendor_default_prop) diff --git a/non_plat/zygote.te b/non_plat/zygote.te index e07fdfd..416727b 100644 --- a/non_plat/zygote.te +++ b/non_plat/zygote.te @@ -10,8 +10,3 @@ allow zygote proc_ged:file {open read write ioctl getattr}; # Purpose: Allow to access gpu for memtrack functions allow zygote gpu_device:dir search; allow zygote gpu_device:chr_file { open read write ioctl getattr}; - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(zygote, vendor_default_prop) diff --git a/plat_private/hal_allocator_default.te b/plat_private/hal_allocator_default.te deleted file mode 100644 index e09f6e1..0000000 --- a/plat_private/hal_allocator_default.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(hal_allocator_default, vendor_default_prop) diff --git a/plat_private/statsd.te b/plat_private/statsd.te deleted file mode 100644 index 5104867..0000000 --- a/plat_private/statsd.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(statsd, vendor_default_prop) diff --git a/plat_private/storaged.te b/plat_private/storaged.te deleted file mode 100644 index 6cc8b60..0000000 --- a/plat_private/storaged.te +++ /dev/null @@ -1,8 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -# Date : WK18.20 -# Operation : Migration -# Purpose : no permission for vendor_default_prop -get_prop(storaged, vendor_default_prop) |