Merge "sepolicy_vndr: remove dmabuf display heap policy for display composer"

generic/vendor/common/hal_graphics_composer_default.te

@@ -62,11 +62,9 @@ allow hal_graphics_composer_default self:netlink_kobject_uevent_socket create_so
 # Allow ion_device read/write permission
 allow hal_graphics_composer_default ion_device:chr_file rw_file_perms;
 
-# Allow hal_graphics_composer_default to open/read vendor_dmabuf_display/system heap device
-allow hal_graphics_composer_default vendor_dmabuf_display_heap_device:chr_file r_file_perms;
+# Allow hal_graphics_composer_default to open/read vendor_dmabuf_system heap device
 allow hal_graphics_composer_default vendor_dmabuf_system_heap_device:chr_file r_file_perms;
 # whitelist the ioctl cmd that can be sent from hal_graphics_composer_default
-allowxperm hal_graphics_composer_default vendor_dmabuf_display_heap_device:chr_file ioctl DMA_HEAP_IOCTL_ALLOC;
 allowxperm hal_graphics_composer_default vendor_dmabuf_system_heap_device:chr_file ioctl DMA_HEAP_IOCTL_ALLOC;
 
 # Access /sys/devices/virtual/graphics/fb0