Merge "Revert "Adds a new prop context for choosing between multi-insta..."" am: 95d7aaa339

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1893458

Change-Id: Ibd4d1225cd655151657d3f2511636637415e35b8

private/apexd.te

@@ -155,10 +155,6 @@ get_prop(apexd, cold_boot_done_prop)
 # Allow apexd to read per-device configuration properties.
 get_prop(apexd, apexd_config_prop)
 
-# Allow apexd to read apex selection properties.
-# These are used to choose between multi-installed APEXes at activation time.
-get_prop(apexd, apexd_select_prop)
-
 neverallow { domain -apexd -init } apex_data_file:dir no_w_dir_perms;
 neverallow { domain -apexd -init } apex_metadata_file:dir no_w_dir_perms;
 neverallow { domain -apexd -init -kernel } apex_data_file:file no_w_file_perms;

private/compat/31.0/31.0.ignore.cil

@@ -5,7 +5,6 @@
 (typeattribute new_objects)
 (typeattributeset new_objects
   ( new_objects
-    apexd_select_prop
     artd_service
     attestation_verification_service
     camera2_extensions_prop

private/property_contexts

@@ -265,8 +265,6 @@ apexd.                  u:object_r:apexd_prop:s0
 apexd.config.dm_delete.timeout           u:object_r:apexd_config_prop:s0 exact uint
 apexd.config.dm_create.timeout           u:object_r:apexd_config_prop:s0 exact uint
 persist.apexd.          u:object_r:apexd_prop:s0
-persist.vendor.apex.    u:object_r:apexd_select_prop:s0
-ro.boot.vendor.apex.    u:object_r:apexd_select_prop:s0
 
 bpf.progs_loaded        u:object_r:bpf_progs_loaded_prop:s0
 

public/property.te

@@ -115,7 +115,6 @@ compatible_property_only(`
 
 # Properties which can be written only by vendor_init
 system_vendor_config_prop(apexd_config_prop)
-system_vendor_config_prop(apexd_select_prop)
 system_vendor_config_prop(aaudio_config_prop)
 system_vendor_config_prop(apk_verity_prop)
 system_vendor_config_prop(audio_config_prop)