From 51c62a8e734f73e7646686f726d9ce36dca8c468 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maciej=20=C5=BBenczykowski?= <maze@google.com>
Date: Thu, 2 May 2019 16:54:29 -0700
Subject: Partial revert of "Fix kernel BPF network statistics"
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This reverts sepolicy changes of commit dab4e8bc8bff124a2cbc345c1254b73669885988.

These were bogus, netd selinux policy is not device specific
and this is now getting in the way of adding neverallow rules.

No other device has such rules, so goldfish does not need them either.
And even if it does, this is *NOT* the right place for them.

Bug: 132013604
Test: treehugger will
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I52d7b012bf0515e667d372ef8a31da721b18a913
Merged-In: I52d7b012bf0515e667d372ef8a31da721b18a913
(cherry picked from commit eb96b737aa27f7dcc3a98106b48cf457e7ca627e)
---
 sepolicy/common/netd.te | 1 -
 1 file changed, 1 deletion(-)

diff --git a/sepolicy/common/netd.te b/sepolicy/common/netd.te
index 1176c05..09a28b9 100644
--- a/sepolicy/common/netd.te
+++ b/sepolicy/common/netd.te
@@ -1,4 +1,3 @@
 dontaudit netd self:capability sys_module;
 #TODO: This can safely be ignored until b/62954877 is fixed
 dontaudit netd kernel:system module_request;
-allow netd self:bpf { map_create map_read map_write };
-- 
cgit v1.2.3