From 6ec4e5f048d6229426a18232338cfb294823892b Mon Sep 17 00:00:00 2001 From: Inseob Kim Date: Thu, 14 Sep 2023 15:57:04 +0000 Subject: [PATCH] Revert "Start tracking vendor seapp coredomain violations" This reverts commit 292f22a33bdb9cbc4283236e7547d5f909d1c1d7. Reason for revert: removed all attribute usages; no need Change-Id: Iab489f1a94733438ba0c552fb9e3eb354423a156 --- public/attributes | 5 ----- tools/check_seapp.c | 9 +-------- 2 files changed, 1 insertion(+), 13 deletions(-) diff --git a/public/attributes b/public/attributes index 0fdbf130b..cb46856f7 100644 --- a/public/attributes +++ b/public/attributes @@ -299,11 +299,6 @@ expandattribute untrusted_app_visible_hwservice_violators false; attribute untrusted_app_visible_halserver_violators; expandattribute untrusted_app_visible_halserver_violators false; -# All system domains which are assignable with vendor's seapp_contexts files. -# TODO(b/280547417): Remove this once there are no violations -attribute vendor_seapp_assigns_coredomain_violators; -expandattribute vendor_seapp_assigns_coredomain_violators false; - # PDX services attribute pdx_endpoint_dir_type; attribute pdx_endpoint_socket_type; diff --git a/tools/check_seapp.c b/tools/check_seapp.c index 41a713d23..862ecce62 100644 --- a/tools/check_seapp.c +++ b/tools/check_seapp.c @@ -22,7 +22,6 @@ #define APP_DATA_REQUIRED_ATTRIB "app_data_file_type" #define COREDOMAIN "coredomain" -#define VENDOR_SEAPP_ASSIGNS_COREDOMAIN_VIOLATORS "vendor_seapp_assigns_coredomain_violators" /** * Initializes an empty, static list. @@ -450,13 +449,7 @@ static bool validate_domain(char *value, const char *filename, int lineno, char return false; } - type_datum_t *attrib_violators = find_type(pol.db, - VENDOR_SEAPP_ASSIGNS_COREDOMAIN_VIOLATORS, - TYPE_ATTRIB); - bool allowlisted = attrib_violators != NULL && - type_has_attribute(pol.db, type_dat, attrib_violators); - - if (type_has_attribute(pol.db, type_dat, attrib_dat) && !allowlisted) { + if (type_has_attribute(pol.db, type_dat, attrib_dat)) { coredomain_violation_entry *entry = (coredomain_violation_entry *)malloc(sizeof(*entry)); entry->domain = strdup(value); entry->filename = strdup(filename);