Merge "Remove redundant allows" into main am: 598de5b6c8 am: e3fec04da1 am: c09b371bad am: ec4858c6b7
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2677815 Change-Id: Ie74e438185552265c126608782d0342c56d9dc97 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Treehugger Robot
Automerger Merge Worker
commit
c6138d7be0
2 changed files with 0 additions and 12 deletions
|
|
@ -8,13 +8,6 @@ allow microdroid_payload adbd:unix_stream_socket { read write };
|
|||
# microdroid_launcher is launched by microdroid_manager with fork/execvp.
|
||||
allow microdroid_payload microdroid_manager:fd use;
|
||||
|
||||
# Allow to use FDs inherited from the shell. This includes the FD opened for
|
||||
# the microdroid_launcher executable itself and the FD for adb connection.
|
||||
# TODO(b/186396070) remove this when this is executed from microdroid_manager
|
||||
userdebug_or_eng(`
|
||||
allow microdroid_payload shell:fd use;
|
||||
')
|
||||
|
||||
# Allow to use terminal
|
||||
allow microdroid_payload devpts:chr_file rw_file_perms;
|
||||
|
||||
|
|
|
|||
|
|
@ -7,11 +7,6 @@ selinux_check_context(shell)
|
|||
# Allow shell to run adb shell cmd stats commands. Needed for CTS.
|
||||
binder_call(shell, statsd);
|
||||
|
||||
# Allow shell to launch microdroid_launcher in its own domain
|
||||
# TODO(b/186396070) remove this when microdroid_manager can do this
|
||||
domain_auto_trans(shell, microdroid_app_exec, microdroid_app)
|
||||
domain_auto_trans(shell, microdroid_manager_exec, microdroid_manager)
|
||||
|
||||
# Connect to adbd and use a socket transferred from it.
|
||||
# This is used for e.g. adb backup/restore.
|
||||
allow shell adbd:unix_stream_socket connectto;
|
||||
|
|
|
|||
Loading…
Reference in a new issue