Enforce more specific service access.

Move the remaining services from tmp_system_server_service to appropriate
attributes and remove tmp_system_server and associated logging:

registry
restrictions
rttmanager
scheduling_policy
search
sensorservice
serial
servicediscovery
statusbar
task
textservices
telecom_service
trust_service
uimode
updatelock
usagestats
usb
user
vibrator
voiceinteraction
wallpaper
webviewupdate
wifip2p
wifi
window

Bug: 18106000
Change-Id: Ia0a6d47099d82c53ba403af394537db6fbc71ca0

1 files changed, 0 insertions, 21 deletions

diff --git a/system_server.te b/system_server.te
index cb5d5cb..ac7a7c7 100644
--- a/system_server.te
+++ b/system_server.te
@@ -371,27 +371,6 @@ allow system_server nfc_service:service_manager find;
 allow system_server radio_service:service_manager find;
 allow system_server system_server_service:service_manager { add find };
 allow system_server surfaceflinger_service:service_manager find;
-allow system_server tmp_system_server_service:service_manager { add find };
-
-service_manager_local_audit_domain(system_server)
-auditallow system_server {
-    tmp_system_server_service
-    -registry_service
-    -sensorservice_service
-    -statusbar_service
-    -textservices_service
-    -trust_service
-    -uimode_service
-    -updatelock_service
-    -usagestats_service
-    -user_service
-    -vibrator_service
-    -wallpaper_service
-    -webviewupdate_service
-    -wifi_service
-    -wifip2p_service
-    -window_service
-}:service_manager find;
 
 allow system_server keystore:keystore_key {
 	test