Revert "vendor: sepolicy: spdaemon: add IAR support"
This reverts commit 91cb2d7f8f442111e7d318c750443bce99d6ee8a. Change-Id: Ib76df12b69e88c9601b8bf2d2dd9ba4032e54b4d
This commit is contained in:
Ravi Kumar Siddojigari
Gerrit - the friendly Code Review server
parent
5dcc4a0ba0
commit
2133fb4260
8 changed files with 2 additions and 77 deletions
3
legacy/vendor/common/device.te
vendored
3
legacy/vendor/common/device.te
vendored
|
|
@ -110,9 +110,6 @@ type wcnss_device, dev_type;
|
|||
# Define spcom device
|
||||
type spcom_device, dev_type;
|
||||
|
||||
# Define spss_utils device
|
||||
type spss_utils_device, dev_type;
|
||||
|
||||
# Define skp device
|
||||
type skp_device, dev_type;
|
||||
|
||||
|
|
|
|||
9
legacy/vendor/common/file.te
vendored
9
legacy/vendor/common/file.te
vendored
|
|
@ -84,7 +84,6 @@ type vendor_persist_mmi_file, file_type, vendor_persist_type;
|
|||
type persist_misc_file, file_type , vendor_persist_type;
|
||||
type persist_bms_file, file_type , vendor_persist_type;
|
||||
type persist_secnvm_file, file_type , vendor_persist_type;
|
||||
type persist_iar_db_file, file_type , vendor_persist_type;
|
||||
type persist_hvdcp_file, file_type , vendor_persist_type;
|
||||
|
||||
#file type for restricting proc read by audiod
|
||||
|
|
@ -217,11 +216,6 @@ type port_bridge_data_file, file_type, data_file_type;
|
|||
#bluetooth firmware file types
|
||||
type bt_firmware_file, file_type, contextmount_type, vendor_file_type;
|
||||
|
||||
#spunvm file types
|
||||
# files under /vendor/ must be associated with the "vendor_file_type" attribute
|
||||
#type spunvm_file, file_type, vendor_file_type;
|
||||
type spunvm_file, file_type;
|
||||
|
||||
#needed by vold
|
||||
type proc_dirty_ratio, fs_type, proc_type;
|
||||
|
||||
|
|
@ -293,9 +287,6 @@ type sysfs_kgsl_proc, sysfs_type, fs_type;
|
|||
# kgsl snapshot file type for sysfs access
|
||||
type sysfs_kgsl_snapshot, sysfs_type, fs_type;
|
||||
|
||||
#spss sysfs files
|
||||
type sysfs_spss, fs_type, sysfs_type;
|
||||
|
||||
# secure touch files
|
||||
type sysfs_securetouch, fs_type, sysfs_type;
|
||||
|
||||
|
|
|
|||
7
legacy/vendor/common/file_contexts
vendored
7
legacy/vendor/common/file_contexts
vendored
|
|
@ -47,7 +47,6 @@
|
|||
/dev/nq-nci u:object_r:nfc_device:s0
|
||||
/dev/qseecom u:object_r:tee_device:s0
|
||||
/dev/spcom u:object_r:spcom_device:s0
|
||||
/dev/spss_utils u:object_r:spss_utils_device:s0
|
||||
/dev/sp_kernel u:object_r:skp_device:s0
|
||||
/dev/sp_ssr u:object_r:sp_ssr_device:s0
|
||||
/dev/sec_nvm_.* u:object_r:sec_nvm_device:s0
|
||||
|
|
@ -606,7 +605,6 @@
|
|||
/mnt/vendor/persist/FTM_AP(/.*)? u:object_r:vendor_persist_mmi_file:s0
|
||||
/mnt/vendor/persist/hvdcp_opti(/.*)? u:object_r:persist_hvdcp_file:s0
|
||||
|
||||
/mnt/vendor/persist/iar_db(/.*)? u:object_r:persist_iar_db_file:s0
|
||||
###################################
|
||||
# etc files
|
||||
#
|
||||
|
|
@ -618,11 +616,6 @@
|
|||
/(vendor|system/vendor)/dsp(/.*)? u:object_r:adsprpcd_file:s0
|
||||
/dsp(/.*)? u:object_r:adsprpcd_file:s0
|
||||
|
||||
###################################
|
||||
# spunvm IAR files
|
||||
#
|
||||
/mnt/vendor/spunvm(/.*)? u:object_r:spunvm_file:s0
|
||||
|
||||
###################################
|
||||
# cache files
|
||||
#
|
||||
|
|
|
|||
20
legacy/vendor/common/spdaemon.te
vendored
20
legacy/vendor/common/spdaemon.te
vendored
|
|
@ -35,9 +35,6 @@ init_daemon_domain(spdaemon)
|
|||
# Allow access to spcom device
|
||||
allow spdaemon spcom_device:chr_file rw_file_perms;
|
||||
|
||||
# Allow access to spss_utils device
|
||||
allow spdaemon spss_utils_device:chr_file rw_file_perms;
|
||||
|
||||
# Allow access to skp device
|
||||
allow spdaemon skp_device:chr_file rw_file_perms;
|
||||
|
||||
|
|
@ -55,17 +52,7 @@ allow spdaemon cryptoapp_device:chr_file rw_file_perms;
|
|||
allow spdaemon ion_device:chr_file rw_file_perms;
|
||||
|
||||
# Allow to load SPSS firmware images
|
||||
r_dir_file(spdaemon, firmware_file)
|
||||
|
||||
# Allow to access IAR-DB at /mnt/vendor/persist/iar_db
|
||||
allow spdaemon persist_iar_db_file:dir rw_dir_perms;
|
||||
allow spdaemon persist_iar_db_file:file rw_file_perms;
|
||||
allow spdaemon mnt_vendor_file:dir rw_dir_perms;
|
||||
allow spdaemon mnt_vendor_file:file rw_file_perms;
|
||||
|
||||
# Allow to access IAR-DB at /mnt/vendor/spunvm/iar_db
|
||||
allow spdaemon spunvm_file:dir rw_dir_perms;
|
||||
allow spdaemon spunvm_file:file rw_file_perms;
|
||||
r_dir_file(spdaemon, firmware_file);
|
||||
|
||||
|
||||
# Allow SPSS-PIL via Peripheral Manager
|
||||
|
|
@ -75,9 +62,4 @@ use_vendor_per_mgr(spdaemon)
|
|||
# Allow set/get prop to set/check if app is loaded
|
||||
set_prop(spdaemon, spcomlib_prop)
|
||||
|
||||
# allow access to sysfs
|
||||
allow spdaemon sysfs_data:file r_file_perms;
|
||||
|
||||
# allow access to spss_utils sysfs for IAR (device attributes)
|
||||
allow spdaemon sysfs_spss:file rw_file_perms;
|
||||
# End-Of-File
|
||||
|
|
|
|||
4
qva/vendor/common/device.te
vendored
4
qva/vendor/common/device.te
vendored
|
|
@ -26,10 +26,6 @@
|
|||
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
type hsic_device, dev_type;
|
||||
|
||||
# Define spss_utils device
|
||||
type spss_utils_device, dev_type;
|
||||
|
||||
type skp_device, dev_type;
|
||||
type sp_keymaster_device, dev_type;
|
||||
type sp_ssr_device, dev_type;
|
||||
|
|
|
|||
9
qva/vendor/common/file.te
vendored
9
qva/vendor/common/file.te
vendored
|
|
@ -29,7 +29,6 @@
|
|||
type vendor_qti_data_file, file_type, data_file_type;
|
||||
|
||||
type persist_secnvm_file, file_type , vendor_persist_type;
|
||||
type persist_iar_db_file, file_type , vendor_persist_type;
|
||||
|
||||
#mink-lowi-interface-daemon (mlid) socket
|
||||
type mlid_socket, file_type, mlstrustedobject;
|
||||
|
|
@ -40,11 +39,6 @@ type ssgqmig_socket, file_type, mlstrustedobject;
|
|||
#ssg tz daemon socket
|
||||
type ssgtzd_socket, file_type, mlstrustedobject;
|
||||
|
||||
#spunvm file types
|
||||
# files under /vendor/ must be associated with the "vendor_file_type" attribute
|
||||
#type spunvm_file, file_type, vendor_file_type;
|
||||
type spunvm_file, file_type;
|
||||
|
||||
type qfp-daemon_data_file, file_type, data_file_type;
|
||||
type persist_qti_fp_file, file_type, vendor_persist_type;
|
||||
type sysfs_touch_aoi, fs_type, sysfs_type;
|
||||
|
|
@ -92,9 +86,6 @@ type wifi_vendor_data_file, file_type, data_file_type;
|
|||
type wifi_vendor_wpa_socket, file_type, data_file_type;
|
||||
type hostapd_socket, file_type, data_file_type;
|
||||
|
||||
#spss sysfs files
|
||||
type sysfs_spss, fs_type, sysfs_type;
|
||||
|
||||
#vpp
|
||||
type vendor_vpp_data_file, file_type, data_file_type;
|
||||
type persist_vpp_file, file_type, vendor_persist_type;
|
||||
|
|
|
|||
9
qva/vendor/common/file_contexts
vendored
9
qva/vendor/common/file_contexts
vendored
|
|
@ -44,7 +44,6 @@
|
|||
/dev/qg u:object_r:qg_device:s0
|
||||
/dev/qg_battery u:object_r:qg_device:s0
|
||||
/dev/qvr_external_sensor_ioctl u:object_r:qvr_external_sensor_device:s0
|
||||
/dev/spss_utils u:object_r:spss_utils_device:s0
|
||||
###################################
|
||||
# Dev socket nodes
|
||||
#
|
||||
|
|
@ -149,8 +148,6 @@
|
|||
/sys/devices(/platform)?/soc/[a-z0-9]+\.qcom,pcie/pci[0-9:]+/[0-9:\.]+/[0-9:\.]+/net/wigig0/queues/rx-0/rps_cpus u:object_r:sysfs_wigig:s0
|
||||
/sys/devices(/platform)?/soc/[a-z0-9]+\.qcom,pcie/pci[0-9:]+/[0-9:\.]+/[0-9:\.]+/net/wigig0/gro_flush_timeout u:object_r:sysfs_wigig:s0
|
||||
|
||||
/sys/devices(/platform)?/soc/soc:qcom,spss_utils(/.*)? u:object_r:sysfs_spss:s0
|
||||
|
||||
/sys/devices(/platform)?/soc/soc:qcom,gpubw/devfreq/soc:qcom,gpubw(/.*)? u:object_r:sysfs_devfreq:s0
|
||||
|
||||
###################################
|
||||
|
|
@ -182,12 +179,6 @@
|
|||
/mnt/vendor/persist/FTM_AP(/.*)? u:object_r:vendor_persist_mmi_file:s0
|
||||
/mnt/vendor/persist/vpp(/.*)? u:object_r:persist_vpp_file:s0
|
||||
/mnt/vendor/persist/hvdcp_opti(/.*)? u:object_r:persist_hvdcp_file:s0
|
||||
/mnt/vendor/persist/iar_db(/.*)? u:object_r:persist_iar_db_file:s0
|
||||
|
||||
###################################
|
||||
# spunvm partition
|
||||
#
|
||||
/mnt/vendor/spunvm(/.*)? u:object_r:spunvm_file:s0
|
||||
|
||||
# same-process HAL files and their dependencies
|
||||
#
|
||||
|
|
|
|||
18
qva/vendor/common/spdaemon.te
vendored
18
qva/vendor/common/spdaemon.te
vendored
|
|
@ -32,10 +32,6 @@ type spdaemon_exec, exec_type, vendor_file_type, file_type;
|
|||
|
||||
init_daemon_domain(spdaemon)
|
||||
allow spdaemon spcom_device:chr_file { getattr rw_file_perms };
|
||||
|
||||
# Allow access to spss_utils device
|
||||
allow spdaemon spss_utils_device:chr_file rw_file_perms;
|
||||
|
||||
allow spdaemon skp_device:chr_file { getattr rw_file_perms };
|
||||
# Need to check if really needed
|
||||
set_prop(spdaemon, spcomlib_prop)
|
||||
|
|
@ -49,23 +45,11 @@ r_dir_file(spdaemon, firmware_file);
|
|||
use_vendor_per_mgr(spdaemon)
|
||||
hal_client_domain(spdaemon, hal_telephony)
|
||||
|
||||
# Allow to access IAR-DB at /mnt/vendor/persist/iar_db
|
||||
allow spdaemon persist_iar_db_file:dir rw_dir_perms;
|
||||
allow spdaemon persist_iar_db_file:file rw_file_perms;
|
||||
allow spdaemon mnt_vendor_file:dir rw_dir_perms;
|
||||
allow spdaemon mnt_vendor_file:file rw_file_perms;
|
||||
|
||||
# Allow to access IAR-DB at /mnt/vendor/spunvm
|
||||
allow spdaemon spunvm_file:dir rw_dir_perms;
|
||||
allow spdaemon spunvm_file:file rw_file_perms;
|
||||
|
||||
# allow read access to sysfs
|
||||
allow spdaemon sysfs_data:file r_file_perms;
|
||||
|
||||
allow spdaemon sysfs_spdaemon:file r_file_perms;
|
||||
r_dir_file(spdaemon, sysfs_spss);
|
||||
|
||||
userdebug_or_eng(`
|
||||
allow spdaemon debugfs_ipc:file rw_file_perms;
|
||||
allow spdaemon debugfs_ipc:dir r_dir_perms;
|
||||
')
|
||||
# End Of File
|
||||
|
|
|
|||
Loading…
Reference in a new issue