From ec6ba5806d16d8d80c79d79b70176dede6ef636b Mon Sep 17 00:00:00 2001
From: Randall Huang <huangrandall@google.com>
Date: Wed, 22 Nov 2023 13:06:59 +0800
Subject: [PATCH] Move sg_device related policy

Bug: 312582937
Test: make selinux_policy
Change-Id: I27a86d47777a6d769b93fc1c40ae27dacf83ab10
Signed-off-by: Randall Huang <huangrandall@google.com>
---
 whitechapel/vendor/google/file_contexts    | 1 -
 whitechapel/vendor/google/storageproxyd.te | 2 --
 2 files changed, 3 deletions(-)

diff --git a/whitechapel/vendor/google/file_contexts b/whitechapel/vendor/google/file_contexts
index e2b0405c..c804c5a7 100644
--- a/whitechapel/vendor/google/file_contexts
+++ b/whitechapel/vendor/google/file_contexts
@@ -290,7 +290,6 @@
 /dev/trusty-ipc-dev0                 u:object_r:tee_device:s0
 /data/vendor/ss(/.*)?                u:object_r:tee_data_file:s0
 /mnt/vendor/persist/ss(/.*)?         u:object_r:persist_ss_file:s0
-/dev/sg1                             u:object_r:sg_device:s0
 
 # Battery
 /mnt/vendor/persist/battery(/.*)?    u:object_r:persist_battery_file:s0
diff --git a/whitechapel/vendor/google/storageproxyd.te b/whitechapel/vendor/google/storageproxyd.te
index e803c0c6..453caad1 100644
--- a/whitechapel/vendor/google/storageproxyd.te
+++ b/whitechapel/vendor/google/storageproxyd.te
@@ -1,4 +1,3 @@
-type sg_device, dev_type;
 type persist_ss_file, file_type, vendor_persist_type;
 
 # Handle wake locks
@@ -10,7 +9,6 @@ allow tee persist_file:dir r_dir_perms;
 allow tee mnt_vendor_file:dir r_dir_perms;
 allow tee tee_data_file:dir create_dir_perms;
 allow tee tee_data_file:lnk_file r_file_perms;
-allow tee sg_device:chr_file rw_file_perms;
 
 # Allow storageproxyd access to gsi_public_metadata_file
 read_fstab(tee)