From b5dc6137adf0c5ced252c6bedc48b00317e0a4e0 Mon Sep 17 00:00:00 2001
From: Samuel Ha
Date: Tue, 26 Jun 2018 19:36:38 +0000
Subject: [PATCH] Revert "Reduce the number of processes that can start adbd"
This reverts commit faebeacaa0705f37be6c8e19ef55be3eda7d7eeb.
Reason for revert: broke the build
Change-Id: I3d61ce011ad42c6ff0e9f122de3daa37e846407a
---
 private/compat/26.0/26.0.cil | 2 +-
 private/compat/27.0/27.0.cil | 2 +-
 private/property_contexts | 5 -----
 public/adbd.te | 4 ----
 public/property.te | 2 --
 public/recovery.te | 2 +-
 public/usbd.te | 2 --
 7 files changed, 3 insertions(+), 16 deletions(-)
diff --git a/private/compat/26.0/26.0.cil b/private/compat/26.0/26.0.cil
index f53a194dd..4699ecf43 100644
--- a/private/compat/26.0/26.0.cil
+++ b/private/compat/26.0/26.0.cil
@@ -121,7 +121,7 @@
 (typeattributeset ctl_bootanim_prop_26_0 (ctl_bootanim_prop))
 (typeattributeset ctl_bugreport_prop_26_0 (ctl_bugreport_prop))
 (typeattributeset ctl_console_prop_26_0 (ctl_console_prop))
-(typeattributeset ctl_default_prop_26_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop ctl_adbd_prop))
+(typeattributeset ctl_default_prop_26_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop))
 (typeattributeset ctl_dumpstate_prop_26_0 (ctl_dumpstate_prop))
 (typeattributeset ctl_fuse_prop_26_0 (ctl_fuse_prop))
 (typeattributeset ctl_mdnsd_prop_26_0 (ctl_mdnsd_prop))
diff --git a/private/compat/27.0/27.0.cil b/private/compat/27.0/27.0.cil
index 8eedf56a6..e5d50e472 100644
--- a/private/compat/27.0/27.0.cil
+++ b/private/compat/27.0/27.0.cil
@@ -826,7 +826,7 @@ (typeattributeset ctl_bootanim_prop_27_0 (ctl_bootanim_prop)) (typeattributeset ctl_bugreport_prop_27_0 (ctl_bugreport_prop)) (typeattributeset ctl_console_prop_27_0 (ctl_console_prop)) -(typeattributeset ctl_default_prop_27_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop ctl_adbd_prop)) +(typeattributeset ctl_default_prop_27_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop)) (typeattributeset ctl_dumpstate_prop_27_0 (ctl_dumpstate_prop)) (typeattributeset ctl_fuse_prop_27_0 (ctl_fuse_prop)) (typeattributeset ctl_mdnsd_prop_27_0 (ctl_mdnsd_prop)) diff --git a/private/property_contexts b/private/property_contexts index 37d442754..6ebad3591 100644 --- a/private/property_contexts +++ b/private/property_contexts @@ -115,11 +115,6 @@ ctl.interface_start$ u:object_r:ctl_interface_start_prop:s0 ctl.interface_stop$ u:object_r:ctl_interface_stop_prop:s0 ctl.interface_restart$ u:object_r:ctl_interface_restart_prop:s0 - # Restrict access to starting/stopping adbd -ctl.start$adbd u:object_r:ctl_adbd_prop:s0 -ctl.stop$adbd u:object_r:ctl_adbd_prop:s0 -ctl.restart$adbd u:object_r:ctl_adbd_prop:s0 - # NFC properties nfc. u:object_r:nfc_prop:s0 diff --git a/public/adbd.te b/public/adbd.te index 82373fd1d..95854c01e 100644 --- a/public/adbd.te +++ b/public/adbd.te @@ -2,7 +2,3 @@ # it lives in the rootfs and has no unique file type. type adbd, domain; type adbd_exec, exec_type, file_type; - -# Only init is allowed to enter the adbd domain via exec() -neverallow { domain -init } adbd:process transition; -neverallow * adbd:process dyntransition; diff --git a/public/property.te b/public/property.te index b92f18a7e..508eed594 100644 --- a/public/property.te +++ b/public/property.te 
@@ -5,7 +5,6 @@ type bluetooth_prop, property_type; type bootloader_boot_reason_prop, property_type; type config_prop, property_type, core_property_type; type cppreopt_prop, property_type, core_property_type; -type ctl_adbd_prop, property_type; type ctl_bootanim_prop, property_type; type ctl_bugreport_prop, property_type; type ctl_console_prop, property_type; @@ -328,7 +327,6 @@ compatible_property_only(` -boottime_prop -config_prop -cppreopt_prop - -ctl_adbd_prop -ctl_bootanim_prop -ctl_bugreport_prop -ctl_console_prop diff --git a/public/recovery.te b/public/recovery.te index dcec9705e..48fffe645 100644 --- a/public/recovery.te +++ b/public/recovery.te @@ -109,7 +109,7 @@ recovery_only(` set_prop(recovery, powerctl_prop) # Start/stop adbd via ctl.start adbd - set_prop(recovery, ctl_adbd_prop) + set_prop(recovery, ctl_default_prop) # Read serial number of the device from system properties get_prop(recovery, serialno_prop) diff --git a/public/usbd.te b/public/usbd.te index 6dd133413..98786e062 100644 --- a/public/usbd.te +++ b/public/usbd.te @@ -1,5 +1,3 @@ type usbd, domain; type usbd_exec, exec_type, file_type; -# Start/stop adbd via ctl.start adbd -set_prop(usbd, ctl_adbd_prop)
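Review bot: In the recovery.te hunk, `set_prop(recovery, ctl_default_prop)` grants more than the comment directly above it describes. The comment says the rule exists to start/stop adbd, but the default ctl label is not specific to adbd, so recovery can presumably set every control property that carries that label. The stated reason for this revert is a build break, not a policy decision, so I would record the over-grant where the next reader will see it, e.g. `# Start/stop adbd via ctl.start adbd. ctl_default_prop is broader than needed; narrow to an adbd-only label when the restriction re-lands`. The enclosing `recovery_only(` block starts and ends outside the hunk.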