Sepolicy: mv mobicore/tee policy to android_device_samsung_slsi

diff --git a/sepolicy/file.te b/sepolicy/file.te
index 863203abc56f4e1110e9c6d38122542137d59aab..d72779a42867304dd32a8cf79aaa7a89916aefa9 100644 (file)
--- a/sepolicy/file.te
+++ b/sepolicy/file.te
@@ -23,9 +23,7 @@ type proc_swapiness, fs_type, proc_type;
 # data types
 type display_vendor_data_file, file_type, data_file_type;
 type fingerprintd_vendor_data_file, data_file_type, file_type;
-type mobicore_vendor_data_file, data_file_type, file_type;
 type mediadrm_data_file, file_type, data_file_type;
-type mobicore_data_file, data_file_type, core_data_file_type, file_type;
 
 # sysfs types
 type sysfs_batteryinfo_charger_writable, sysfs_type, rw_fs_type, fs_type;

diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 047f85d604f3791f052c6fb45d441263b4d41442..3424af5493e51a0a95442996f633a6bdbdee0756 100644 (file)
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -9,10 +9,6 @@
 
 /dev/cpuset(/.*)?           u:object_r:cgroup:s0
 
-/dev/mobicore               u:object_r:tee_device:s0
-/dev/mobicore-user          u:object_r:tee_device:s0
-/dev/t-base-tui             u:object_r:tee_device:s0
-
 # camera
 /dev/m2m1shot_scaler0       u:object_r:m2m1shot_device:s0
 

diff --git a/sepolicy/hal_fingerprint_default.te b/sepolicy/hal_fingerprint_default.te
index e35929bbece4f21a307318f6b60bbc967bfde1d1..7a5a7965e9666b24860ee38259cea9f2cbf370e5 100644 (file)
--- a/sepolicy/hal_fingerprint_default.te
+++ b/sepolicy/hal_fingerprint_default.te
@@ -1,5 +1,4 @@
 allow hal_fingerprint_default fingerprintd_data_file:dir write;
-allow hal_fingerprint_default tee_device:chr_file rw_file_perms;
 allow hal_fingerprint_default fingerprint_device:chr_file rw_file_perms;
 allow hal_fingerprint_default sysfs_virtual:dir search;
 allow hal_fingerprint_default sysfs_virtual:file r_file_perms;

diff --git a/sepolicy/hal_gatekeeper_default.te b/sepolicy/hal_gatekeeper_default.te
index be9e93ed1aba4130abd5824c50b04490aa41daa0..c9c3b9629aa6d00e062c0344a552b521ecd932d5 100644 (file)
--- a/sepolicy/hal_gatekeeper_default.te
+++ b/sepolicy/hal_gatekeeper_default.te
@@ -1,4 +1,3 @@
 allow hal_gatekeeper_default gatekeeper_efs_file:file rw_file_perms;
 allow hal_gatekeeper_default gatekeeper_efs_file:dir search;
-allow hal_gatekeeper_default tee_device:chr_file rw_file_perms;
 allow hal_gatekeeper_default efs_file:dir search;

diff --git a/sepolicy/hal_keymaster_default.te b/sepolicy/hal_keymaster_default.te
deleted file mode 100644 (file)
index 357775b..0000000
--- a/sepolicy/hal_keymaster_default.te
+++ /dev/null
@@ -1 +0,0 @@
-get_prop(hal_keymaster_default, tee_prop)

diff --git a/sepolicy/init.te b/sepolicy/init.te
index e5ca5f062a93f938bf9ece5e6ee3891674748067..531b33e9fe768a246152cb3f24239b2fa8fb65c1 100644 (file)
--- a/sepolicy/init.te
+++ b/sepolicy/init.te
@@ -34,7 +34,6 @@ allow init sysfs_graphics:file create_file_perms;
 allow init sysfs_touchscreen_writable:file setattr;
 
 allow init system_server:binder { transfer call };
-allow init tee_device:chr_file rw_file_perms;
 allow init device:chr_file ioctl;
 allow init self:tcp_socket create_socket_perms;
 allow init node:tcp_socket node_bind;

diff --git a/sepolicy/property.te b/sepolicy/property.te
index ec742694d6b0c33724e0a16d216503e6587b3b8e..99ad75c690c325a74f9a632d4809f45b0d3701ae 100644 (file)
--- a/sepolicy/property.te
+++ b/sepolicy/property.te
@@ -1,9 +1,6 @@
 # modemloader
 type modemloader_prop, property_type;
 
-# mobicore (tee)
-type tee_prop, property_type;
-
 type persist_rmnet_prop, property_type;
 type persist_data_df_prop, property_type;
 type persist_data_wda_prop, property_type;

diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts
index 193253a21a4c50ca6d78441ea1e75246a93a8a86..19182c5f8373b93d046c5bbc10a799b6202a549b 100644 (file)
--- a/sepolicy/property_contexts
+++ b/sepolicy/property_contexts
@@ -9,9 +9,6 @@ ro.cbd.dt_revision          u:object_r:modemloader_prop:s0
 ril.cbd.dt_revision         u:object_r:modemloader_prop:s0
 ro.modemloader.done         u:object_r:modemloader_prop:s0
 
-# mobicore
-sys.mobicoredaemon.enable   u:object_r:tee_prop:s0
-
 persist.rmnet.              u:object_r:persist_rmnet_prop:s0
 persist.data.df.            u:object_r:persist_data_df_prop:s0
 persist.data.wda.           u:object_r:persist_data_wda_prop:s0

diff --git a/sepolicy/tee.te b/sepolicy/tee.te
deleted file mode 100644 (file)
index 667c8be..0000000
--- a/sepolicy/tee.te
+++ /dev/null
@@ -1,15 +0,0 @@
-allow tee efs_file:dir { search getattr };
-allow tee efs_file:file r_file_perms;
-allow tee gatekeeper_efs_file:dir r_dir_perms;
-allow tee gatekeeper_efs_file:file r_file_perms;
-allow tee init:unix_stream_socket connectto;
-allow tee property_socket:sock_file write;
-allow tee prov_efs_file:dir search;
-allow tee system_prop:property_service set;
-allow tee tee_prop:property_service set;
-
-# /dev/t-base-tui
-allow tee tee_device:chr_file r_file_perms;
-
-allow tee mobicore_vendor_data_file:dir r_dir_perms;
-allow tee mobicore_vendor_data_file:file rw_file_perms;

diff --git a/sepolicy/vendor_init.te b/sepolicy/vendor_init.te
deleted file mode 100644 (file)
index 57f9235..0000000
--- a/sepolicy/vendor_init.te
+++ /dev/null
@@ -1 +0,0 @@
-allow vendor_init mobicore_data_file:dir setattr;