From 2ef3daba5053058dea44f66805efe32661bba4d1 Mon Sep 17 00:00:00 2001
From: Rick Yiu <rickyiu@google.com>
Date: Thu, 12 Aug 2021 13:27:20 +0800
Subject: [PATCH] gs101-sepolicy: Use untrusted_app_all for vendor_sched
 denials

Use untrusted_app_all to cover all Use untrusted_app versions.

Bug: 196109806
Test: no untrusted_app denials for vendor_sched
Change-Id: Ic6426b26b8a05f8a0bc7e2a4a4a293b2988812d3
---
 whitechapel/vendor/google/untrusted_app.te     | 1 -
 whitechapel/vendor/google/untrusted_app_29.te  | 1 -
 whitechapel/vendor/google/untrusted_app_all.te | 2 ++
 3 files changed, 2 insertions(+), 2 deletions(-)
 delete mode 100644 whitechapel/vendor/google/untrusted_app.te
 delete mode 100644 whitechapel/vendor/google/untrusted_app_29.te

diff --git a/whitechapel/vendor/google/untrusted_app.te b/whitechapel/vendor/google/untrusted_app.te
deleted file mode 100644
index 4fbfe935..00000000
--- a/whitechapel/vendor/google/untrusted_app.te
+++ /dev/null
@@ -1 +0,0 @@
-dontaudit untrusted_app sysfs_vendor_sched:dir search;
diff --git a/whitechapel/vendor/google/untrusted_app_29.te b/whitechapel/vendor/google/untrusted_app_29.te
deleted file mode 100644
index 844bb6a4..00000000
--- a/whitechapel/vendor/google/untrusted_app_29.te
+++ /dev/null
@@ -1 +0,0 @@
-dontaudit untrusted_app_29 sysfs_vendor_sched:dir search;
diff --git a/whitechapel/vendor/google/untrusted_app_all.te b/whitechapel/vendor/google/untrusted_app_all.te
index a4d8beb8..04229ff6 100644
--- a/whitechapel/vendor/google/untrusted_app_all.te
+++ b/whitechapel/vendor/google/untrusted_app_all.te
@@ -1,3 +1,5 @@
 # Allows Exoplayer(and other applications) access to the vstream-secure DMA-BUF heap
 # for secure video playback
 allow untrusted_app_all dmabuf_system_secure_heap_device:chr_file r_file_perms;
+
+dontaudit untrusted_app_all sysfs_vendor_sched:dir search;