From f77cf6780c9f3bd12ce744dd5a7be635b17436bc Mon Sep 17 00:00:00 2001
From: Joonhun Shin
Date: Fri, 16 Feb 2024 09:22:41 +0000
Subject: [PATCH] Revert "Relax neverallows for vendor to use /system/bin/sh"
Revert submission 2964802-sh_path
Reason for revert:
Reverted changes: /q/submissionid:2964802-sh_path
Change-Id: I89e635e742d8f4f8a79afa1bb2646c7621705994
---
 public/domain.te | 6 ------
 public/hal_neverallows.te | 8 +-------
 2 files changed, 1 insertion(+), 13 deletions(-)
diff --git a/public/domain.te b/public/domain.te
index 030e8a9ba..d630a2433 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -913,9 +913,6 @@ full_treble_only(`
 -crash_dump_exec
 -netutils_wrapper_exec
 userdebug_or_eng(`-tcpdump_exec')
- # Vendor components still can invoke shell commands via /system/bin/sh
- -shell_exec
- -toolbox_exec
 }:file { entrypoint execute execute_no_trans };
 ')
@@ -996,9 +993,6 @@ full_treble_only(`
 -task_profiles_api_file
 -task_profiles_file
 userdebug_or_eng(`-tcpdump_exec')
- # Vendor components still can invoke shell commands via /system/bin/sh
- -shell_exec
- -toolbox_exec
 }:file *;
 ')
diff --git a/public/hal_neverallows.te b/public/hal_neverallows.te
index 6730c322d..621a0b87a 100644
--- a/public/hal_neverallows.te
+++ b/public/hal_neverallows.te
@@ -85,13 +85,7 @@ neverallow {
 halserverdomain
 -hal_dumpstate_server
 -hal_telephony_server
-} {
- file_type
- fs_type
- # May invoke shell commands via /system/bin/sh
- -shell_exec
- -toolbox_exec
-}:file execute_no_trans;
+} { file_type fs_type }:file execute_no_trans;
 # Do not allow a process other than init to transition into a HAL domain.
 neverallow { domain -init } halserverdomain:process transition;
 # Only allow transitioning to a domain by running its executable. Do not
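Review bot: The restored one-line target set `{ file_type fs_type }` in public/hal_neverallows.te has no comment in this hunk saying that shell_exec and toolbox_exec are covered again, so a HAL policy written against the relaxed rule will fail this neverallow with no pointer to why. I would put the expectation next to the rule, for example `# No target exceptions: HAL servers may not exec any file, including sh and toolbox, without a domain transition.` The neverallow statement opens above the hunk, so a leading comment there may already say this. The context lines also keep `-hal_dumpstate_server` and `-hal_telephony_server` in the source set, so those two domains stay outside the rule, and a short comment on why they are exempt would help the next reader.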