commit abb157c6c476cb052520dc48410e04391581c28e
author Jackeagle <jackeagle102@gmail.com> Sat Jul 27 12:18:14 2019 +0200
committer Jackeagle <jackeagle102@gmail.com> Sat Jul 27 12:18:14 2019 +0200
tree c0837d9364e662fbf32b4c86687c47af69ab4e11
parent 6bd79e7dd1fa62ee7e3439eb8d3ff7467304452d

bliss: Kill unwanted policy :|

Change-Id: I0a5fff4fac5b8601bd28cca78bb01785343dd004
Signed-off-by: Jackeagle <jackeagle102@gmail.com>

sepolicy/private/file.te

diff --git a/sepolicy/private/file.te b/sepolicy/private/file.te
deleted file mode 100644
index d01594e..0000000
--- a/sepolicy/private/file.te
+++ /dev/null
@@ -1,2 +0,0 @@
-type sysfs_block_scheduler, fs_type, sysfs_type;
-

sepolicy/private/file_contexts

diff --git a/sepolicy/private/file_contexts b/sepolicy/private/file_contexts
deleted file mode 100644
index b62ada7..0000000
--- a/sepolicy/private/file_contexts
+++ /dev/null
@@ -1,7 +0,0 @@
-# Postinstall
-/system/bin/backuptool_ab\.functions              u:object_r:otapreopt_chroot_exec:s0
-/system/bin/backuptool_ab\.sh                     u:object_r:otapreopt_chroot_exec:s0
-/system/bin/backuptool_postinstall\.sh            u:object_r:otapreopt_chroot_exec:s0
-
-# Set disk scheduler via init
-/sys/block/[^/]+/queue/scheduler                   u:object_r:sysfs_block_scheduler:s0

sepolicy/private/hal_bootctl.te

diff --git a/sepolicy/private/hal_bootctl.te b/sepolicy/private/hal_bootctl.te
deleted file mode 100644
index 0b8be88..0000000
--- a/sepolicy/private/hal_bootctl.te
+++ /dev/null
@@ -1,2 +0,0 @@
-allow hal_bootctl self:capability sys_admin;
-

sepolicy/private/init.te

diff --git a/sepolicy/private/init.te b/sepolicy/private/init.te
deleted file mode 100644
index 3491baf..0000000
--- a/sepolicy/private/init.te
+++ /dev/null
@@ -1,7 +0,0 @@
-# Set disk scheduler in init.local.rc
-allow init sysfs_block_scheduler:file { open setattr write };
-
-# Mount debugfs in init.local.rc
-userdebug_or_eng(`
-  allow init debugfs:dir mounton;
-')

sepolicy/private/otapreopt_chroot.te

diff --git a/sepolicy/private/otapreopt_chroot.te b/sepolicy/private/otapreopt_chroot.te
deleted file mode 100644
index d733f14..0000000
--- a/sepolicy/private/otapreopt_chroot.te
+++ /dev/null
@@ -1,2 +0,0 @@
-allow otapreopt_chroot postinstall_file:lnk_file read;
-allow otapreopt_chroot system_file:dir mounton;

sepolicy/private/platform_app.te

diff --git a/sepolicy/private/platform_app.te b/sepolicy/private/platform_app.te
deleted file mode 100644
index 7652ae9..0000000
--- a/sepolicy/private/platform_app.te
+++ /dev/null
@@ -1 +0,0 @@
-allow platform_app kernel:system syslog_read;

sepolicy/private/priv_app.te

diff --git a/sepolicy/private/priv_app.te b/sepolicy/private/priv_app.te
deleted file mode 100644
index 423003d..0000000
--- a/sepolicy/private/priv_app.te
+++ /dev/null
@@ -1,2 +0,0 @@
-allow priv_app ota_package_file:dir create_dir_perms;
-allow priv_app kernel:system syslog_read;

sepolicy/private/rootfs.te

diff --git a/sepolicy/private/rootfs.te b/sepolicy/private/rootfs.te
deleted file mode 100644
index 9404006..0000000
--- a/sepolicy/private/rootfs.te
+++ /dev/null
@@ -1,2 +0,0 @@
-allow rootfs labeledfs:filesystem associate;
-

sepolicy/private/sdcardfs.te

diff --git a/sepolicy/private/sdcardfs.te b/sepolicy/private/sdcardfs.te
deleted file mode 100644
index dc697b0..0000000
--- a/sepolicy/private/sdcardfs.te
+++ /dev/null
@@ -1,2 +0,0 @@
-allow sdcardfs labeledfs:filesystem associate;
-

sepolicy/private/shell.te

diff --git a/sepolicy/private/shell.te b/sepolicy/private/shell.te
deleted file mode 100644
index b9d6dcf..0000000
--- a/sepolicy/private/shell.te
+++ /dev/null
@@ -1,2 +0,0 @@
-allow shell otapreopt_chroot_exec:file getattr;
-allow shell kernel:system syslog_read;

sepolicy/private/system_app.te

diff --git a/sepolicy/private/system_app.te b/sepolicy/private/system_app.te
deleted file mode 100644
index 08e4db4..0000000
--- a/sepolicy/private/system_app.te
+++ /dev/null
@@ -1,4 +0,0 @@
-#selinux status
-allow system_app selinuxfs:file r_file_perms;
-
-

sepolicy/private/update_engine.te

diff --git a/sepolicy/private/update_engine.te b/sepolicy/private/update_engine.te
deleted file mode 100644
index d2ddcbe..0000000
--- a/sepolicy/private/update_engine.te
+++ /dev/null
@@ -1,21 +0,0 @@
-r_dir_file(update_engine, mnt_user_file)
-r_dir_file(update_engine, storage_file)
-
-allow update_engine self:capability { chown fsetid };
-
-allow update_engine labeledfs:filesystem { mount unmount };
-
-allow update_engine { otapreopt_chroot_exec toolbox_exec }:file rx_file_perms;
-
-allow update_engine labeledfs:filesystem mount;
-allow update_engine rootfs:file { create setattr write rx_file_perms unlink relabelfrom rename };
-allow update_engine rootfs:dir { create write open add_name read rmdir remove_name };
-
-allow update_engine system_data_file:file { create read write open unlink };
-allow update_engine system_data_file:dir { create write add_name read remove_name unlink };
-
-allow update_engine system_file:file { create setattr write relabelto relabelfrom rx_file_perms unlink };
-allow update_engine system_file:dir { create setattr write rmdir remove_name add_name };
-
-allow update_engine storage_file:lnk_file read;
-allow update_engine toolbox_exec:file { execute getattr };

sepolicy/sepolicy.mk

diff --git a/sepolicy/sepolicy.mk b/sepolicy/sepolicy.mk
deleted file mode 100644
index e806594..0000000
--- a/sepolicy/sepolicy.mk
+++ /dev/null
@@ -1,9 +0,0 @@
-#
-# This policy configuration will be used by all products that
-# inherit from Bliss
-#
-
-BOARD_SEPOLICY_DIRS += \
-    vendor/bliss/sepolicy/common
-
-BOARD_PLAT_PRIVATE_SEPOLICY_DIR += vendor/bliss/sepolicy/private