From 7d21a3dff7b8446b6140379f55d3d91c538ae2d9 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Sat, 23 Apr 2016 05:31:36 -0700
Subject: [PATCH] drop /data/app-lib support

This directory is no longer used.

Change-Id: Ic32a7dd160b23ef8d1d4ffe3f7b1af56c973d73c
---
 app.te    | 4 ----
 domain.te | 1 -
 2 files changed, 5 deletions(-)

diff --git a/app.te b/app.te
index a91d75aa1..c7f7c2e89 100644
--- a/app.te
+++ b/app.te
@@ -70,10 +70,6 @@ allow appdomain surfaceflinger:unix_stream_socket { read write setopt getattr ge
 allow { appdomain -isolated_app } app_data_file:dir create_dir_perms;
 allow { appdomain -isolated_app } app_data_file:notdevfile_class_set create_file_perms;
 
-# lib subdirectory of /data/data dir is system-owned.
-allow appdomain system_data_file:dir r_dir_perms;
-allow appdomain system_data_file:file { execute execute_no_trans open execmod };
-
 # Traverse into expanded storage
 allow appdomain mnt_expand_file:dir r_dir_perms;
 
diff --git a/domain.te b/domain.te
index 6efb86dc3..c575bdf57 100644
--- a/domain.te
+++ b/domain.te
@@ -392,7 +392,6 @@ neverallow { domain userdebug_or_eng(`-dumpstate -shell -su') } su_exec:file no_
 # which, long term, need to go away.
 neverallow * {
   file_type
-  -system_data_file
   -apk_data_file
   -app_data_file
   -asec_public_file