diff --git a/generic/vendor/common/netmgrd.te b/generic/vendor/common/netmgrd.te index 6dcc399a..a89595d7 100644 --- a/generic/vendor/common/netmgrd.te +++ b/generic/vendor/common/netmgrd.te @@ -30,9 +30,6 @@ type netmgrd_exec, exec_type, vendor_file_type, file_type; net_domain(netmgrd) init_daemon_domain(netmgrd) -# communicate with netd -unix_socket_connect(netmgrd, netd, netd) - allow netmgrd netmgrd_socket:dir w_dir_perms; allow netmgrd netmgrd_socket:sock_file create_file_perms; allow netmgrd self:netlink_xfrm_socket { create_socket_perms_no_ioctl nlmsg_write }; diff --git a/legacy/vendor/common/ims.te b/legacy/vendor/common/ims.te index 1a845ee4..a695dc52 100644 --- a/legacy/vendor/common/ims.te +++ b/legacy/vendor/common/ims.te @@ -55,8 +55,6 @@ allow ims { #wpa_exec }:file rx_file_perms; -# Talk to netd via netd_socket -unix_socket_connect(ims, netd, netd) # Talk to qumuxd via ims_socket unix_socket_connect(ims, ims, qmuxd) diff --git a/legacy/vendor/common/netd.te b/legacy/vendor/common/netd.te index aa9253bb..87f57839 100644 --- a/legacy/vendor/common/netd.te +++ b/legacy/vendor/common/netd.te @@ -33,8 +33,6 @@ allow netd qtitetherservice_service:service_manager find; allow netd netd:packet_socket create_socket_perms_no_ioctl; -#unix_socket_connect(netd, cnd, cnd) - allow netd wfdservice:fd use; #allow netd wfdservice:tcp_socket rw_socket_perms; hal_client_domain(netd, wifidisplayhalservice); diff --git a/legacy/vendor/common/netmgrd.te b/legacy/vendor/common/netmgrd.te index aa3c8bfa..dc55ac48 100644 --- a/legacy/vendor/common/netmgrd.te +++ b/legacy/vendor/common/netmgrd.te @@ -76,10 +76,6 @@ allow netmgrd { proc_net }:file rw_file_perms; allow netmgrd self:socket create_socket_perms; -#Allow communication with netd -#allow netmgrd netd_socket:sock_file w_file_perms; -#r_dir_file(netmgrd, net_data_file) - allow netmgrd sysfs_data:file r_file_perms; #Acquire lock on /system/etc/xtables.lock diff --git a/legacy/vendor/common/system_app.te b/legacy/vendor/common/system_app.te index caf28eb3..dc3d77a0 100644 --- a/legacy/vendor/common/system_app.te +++ b/legacy/vendor/common/system_app.te @@ -134,9 +134,6 @@ allow system_app self:netlink_kobject_uevent_socket { read bind setopt create }; allow system_app radio_data_file:dir rw_dir_perms; allow system_app radio_data_file:file create_file_perms; -# allow system_app to access netd -unix_socket_connect(system_app, netd, netd) - # required for FM App to connectto wcnss_filter sockets # serial device ttyHS0 (transport layer for FM) allow system_app serial_device:chr_file rw_file_perms; diff --git a/qva/private/mirrorlink.te b/qva/private/mirrorlink.te index b445ce92..65809986 100644 --- a/qva/private/mirrorlink.te +++ b/qva/private/mirrorlink.te @@ -46,9 +46,6 @@ allow mirrorlink mirrorlink_data_file:dir create_dir_perms; # Allow read-write permissions to mirrorlink sockets under dev/socket/. allow mirrorlink mirrorlink_socket:sock_file { read write }; -# Allow local socket connection from mirrorlink domain to netd domain via netd_socket. -unix_socket_connect(mirrorlink, netd, netd); - # Allow read-write access to proc net device. allow mirrorlink proc_net:file rw_file_perms; diff --git a/qva/private/system_app.te b/qva/private/system_app.te index bc78eab8..c791aaa4 100644 --- a/qva/private/system_app.te +++ b/qva/private/system_app.te @@ -25,8 +25,6 @@ # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# allow system_app to access netd -unix_socket_connect(system_app, netd, netd) # access to seemp folder allow system_app seemp_data_file:dir r_dir_perms; allow system_app seemp_data_file:{ file fifo_file } rw_file_perms; diff --git a/qva/vendor/common/ims.te b/qva/vendor/common/ims.te index 0a1d2971..594090bc 100644 --- a/qva/vendor/common/ims.te +++ b/qva/vendor/common/ims.te @@ -40,8 +40,6 @@ allow ims { wcnss_service_exec }:file rx_file_perms; -# Talk to netd via netd_socket -unix_socket_connect(ims, netd, netd) set_prop(ims, qcom_ims_prop) set_prop(ims, ctl_vendor_imsrcsservice_prop)