diff options
| -rw-r--r-- | bluetooth.te | 2 | ||||
| -rw-r--r-- | nfc.te | 2 | ||||
| -rw-r--r-- | platform_app.te | 7 | ||||
| -rw-r--r-- | radio.te | 4 | ||||
| -rw-r--r-- | service.te | 22 | ||||
| -rw-r--r-- | system_app.te | 7 | ||||
| -rw-r--r-- | system_server.te | 8 | ||||
| -rw-r--r-- | untrusted_app.te | 7 |
8 files changed, 11 insertions, 48 deletions
diff --git a/bluetooth.te b/bluetooth.te index b90e48f..863cbd8 100644 --- a/bluetooth.te +++ b/bluetooth.te @@ -60,8 +60,6 @@ allow bluetooth system_api_service:service_manager find; service_manager_local_audit_domain(bluetooth) auditallow bluetooth { tmp_system_server_service - -display_service - -dropbox_service -media_session_service -network_management_service -power_service @@ -30,8 +30,6 @@ allow nfc system_api_service:service_manager find; service_manager_local_audit_domain(nfc) auditallow nfc { tmp_system_server_service - -display_service - -dropbox_service -network_management_service -power_service -registry_service diff --git a/platform_app.te b/platform_app.te index 0016f20..3676c5d 100644 --- a/platform_app.te +++ b/platform_app.te @@ -39,13 +39,6 @@ allow platform_app system_api_service:service_manager find; service_manager_local_audit_domain(platform_app) auditallow platform_app { tmp_system_server_service - -display_service - -dreams_service - -dropbox_service - -fingerprint_service - -graphicsstats_service - -input_method_service - -input_service -lock_settings_service -media_projection_service -media_router_service @@ -41,10 +41,6 @@ allow radio system_api_service:service_manager find; service_manager_local_audit_domain(radio) auditallow radio { tmp_system_server_service - -display_service - -dropbox_service - -imms_service - -input_method_service -netstats_service -network_management_service -notification_service @@ -36,19 +36,19 @@ type dbinfo_service, system_api_service, system_server_service, service_manager_ type device_policy_service, app_api_service, system_server_service, service_manager_type; type deviceidle_service, system_server_service, service_manager_type; type devicestoragemonitor_service, system_server_service, service_manager_type; -type diskstats_service, tmp_system_server_service, service_manager_type; -type display_service, tmp_system_server_service, service_manager_type; +type diskstats_service, system_api_service, system_server_service, service_manager_type; +type display_service, app_api_service, system_server_service, service_manager_type; type DockObserver_service, system_server_service, service_manager_type; -type dreams_service, tmp_system_server_service, service_manager_type; -type dropbox_service, tmp_system_server_service, service_manager_type; -type ethernet_service, tmp_system_server_service, service_manager_type; -type fingerprint_service, tmp_system_server_service, service_manager_type; +type dreams_service, system_api_service, system_server_service, service_manager_type; +type dropbox_service, app_api_service, system_server_service, service_manager_type; +type ethernet_service, app_api_service, system_server_service, service_manager_type; +type fingerprint_service, app_api_service, system_server_service, service_manager_type; type gfxinfo_service, system_api_service, system_server_service, service_manager_type; -type graphicsstats_service, tmp_system_server_service, service_manager_type; -type hardware_service, tmp_system_server_service, service_manager_type; -type hdmi_control_service, tmp_system_server_service, service_manager_type; -type input_method_service, tmp_system_server_service, service_manager_type; -type input_service, tmp_system_server_service, service_manager_type; +type graphicsstats_service, app_api_service, system_server_service, service_manager_type; +type hardware_service, system_server_service, service_manager_type; +type hdmi_control_service, system_api_service, system_server_service, service_manager_type; +type input_method_service, app_api_service, system_server_service, service_manager_type; +type input_service, app_api_service, system_server_service, service_manager_type; type imms_service, app_api_service, system_server_service, service_manager_type; type jobscheduler_service, tmp_system_server_service, service_manager_type; type launcherapps_service, tmp_system_server_service, service_manager_type; diff --git a/system_app.te b/system_app.te index e55525e..7d934d1 100644 --- a/system_app.te +++ b/system_app.te @@ -60,13 +60,6 @@ allow system_app system_api_service:service_manager find; service_manager_local_audit_domain(system_app) auditallow system_app { tmp_system_server_service - -display_service - -dreams_service - -dropbox_service - -fingerprint_service - -graphicsstats_service - -input_method_service - -input_service -lock_settings_service -media_session_service -mount_service diff --git a/system_server.te b/system_server.te index d7024c9..27da183 100644 --- a/system_server.te +++ b/system_server.te @@ -374,14 +374,6 @@ allow system_server tmp_system_server_service:service_manager { add find }; service_manager_local_audit_domain(system_server) auditallow system_server { tmp_system_server_service - -display_service - -dreams_service - -dropbox_service - -ethernet_service - -graphicsstats_service - -hdmi_control_service - -input_method_service - -input_service -jobscheduler_service -location_service -lock_settings_service diff --git a/untrusted_app.te b/untrusted_app.te index a139799..a51c6ea 100644 --- a/untrusted_app.te +++ b/untrusted_app.te @@ -90,14 +90,7 @@ allow untrusted_app system_api_service:service_manager find; service_manager_local_audit_domain(untrusted_app) auditallow untrusted_app { tmp_system_server_service - -diskstats_service - -display_service - -dropbox_service - -graphicsstats_service -healthd_service - -imms_service - -input_method_service - -input_service -jobscheduler_service -launcherapps_service -location_service |