From 7fd8933f0c9338fde8ad6b3600bc3bedeb29f973 Mon Sep 17 00:00:00 2001
From: Steven Moreland <smoreland@google.com>
Date: Tue, 15 Mar 2022 16:35:16 +0000
Subject: [PATCH] Remove media crash neverallow exception.

Unneeded.

Bug: N/A
Test: compile time
Change-Id: I0557794a33ae942bd7764d5e41515d7d4bb77ed6
---
 public/domain.te | 14 +-------------
 1 file changed, 1 insertion(+), 13 deletions(-)

diff --git a/public/domain.te b/public/domain.te
index 705c13ae0..35511638c 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -1029,19 +1029,7 @@ neverallow { domain -system_server -webview_zygote -app_zygote } webview_zygote:
 neverallow { domain -system_server } webview_zygote:sock_file write;
 neverallow { domain -system_server } app_zygote:sock_file write;
 
-neverallow {
-  domain
-  -tombstoned
-  -crash_dump
-  -dumpstate
-  -incidentd
-  -system_server
-
-  # Processes that can't exec crash_dump
-  -hal_codec2_server
-  -hal_omx_server
-  -mediaextractor
-} tombstoned_crash_socket:unix_stream_socket connectto;
+neverallow domain tombstoned_crash_socket:unix_stream_socket connectto;
 
 # Never allow anyone except dumpstate, incidentd, or the system server to connect or write to
 # the tombstoned intercept socket.