remove untraceable rules

Bug: 196916111 Test: boot to home 01-01 12:00:13.140 903 903 I Binder:903_1: type=1400 audit(0.0:9): avc: denied { quotaget } for scontext=u:r:installd:s0 tcontext=u:object_r:modem_img_file:s0 tclass=filesystem permissive=1 Change-Id: Iec8f2495b13df6b035af0cf11f67cd1525bcf9ea
2021-09-13 10:59:16 +08:00 · 2021-09-13 10:59:16 +08:00 · 953c43b31a
commit 953c43b31a
parent 0a091e5308
9 changed files with 0 additions and 45 deletions
--- a/legacy/audioserver.te
+++ b/legacy/audioserver.te
@ -1,2 +0,0 @@
-# allow access to ALSA MMAP FDs for AAudio API
-allow audioserver audio_device:chr_file r_file_perms;
--- a/legacy/bootanim.te
+++ b/legacy/bootanim.te
@ -1,5 +0,0 @@
-# TODO(b/62954877). On Android Wear, bootanim reads the time
-# during boot to display. It currently gets that time from a file
-# in /data/system. This should be moved. In the meantime, suppress
-# this denial on phones since this functionality is not used.
-dontaudit bootanim system_data_file:dir r_dir_perms;
--- a/legacy/dumpstate.te
+++ b/legacy/dumpstate.te
@ -1,16 +0,0 @@
-dump_hal(hal_telephony)
-dump_hal(hal_graphics_composer)
-
-userdebug_or_eng(`
-  allow dumpstate media_rw_data_file:file append;
-')
-
-allow dumpstate sysfs_scsi_devices_0000:file r_file_perms;
-allow dumpstate persist_file:dir r_dir_perms;
-
-allow dumpstate modem_efs_file:dir getattr;
-allow dumpstate modem_img_file:dir getattr;
-allow dumpstate modem_userdata_file:dir getattr;
-allow dumpstate fuse:dir search;
-
-dontaudit dumpstate vendor_dmabuf_debugfs:file r_file_perms;
--- a/legacy/radio.te
+++ b/legacy/radio.te
@ -1 +0,0 @@
-allow radio hal_exynos_rild_hwservice:hwservice_manager find;
--- a/legacy/shell.te
+++ b/legacy/shell.te
@ -1,7 +0,0 @@
-allow shell eco_service:service_manager find;
-
-# Allow access to the SJTAG kernel interface from the shell
-userdebug_or_eng(`
-  allow shell vendor_sjtag_debugfs:dir r_dir_perms;
-  allow shell vendor_sjtag_debugfs:file rw_file_perms;
-')
--- a/legacy/system_app.te
+++ b/legacy/system_app.te
@ -1,6 +0,0 @@
-allow system_app sysfs_vendor_sched:file w_file_perms;
-
-allow system_app hal_wlc_hwservice:hwservice_manager find;
-binder_call(system_app, hal_wlc)
-
-allow system_app fwk_stats_hwservice:hwservice_manager find;
--- a/legacy/system_server.te
+++ b/legacy/system_server.te
@ -1,5 +0,0 @@
-# Allow system server to send sensor data callbacks to GPS and camera HALs
-binder_call(system_server, gpsd);
-binder_call(system_server, hal_camera_default);
-# Allow system server to find vendor uwb service
-allow system_server uwb_vendor_service:service_manager find;
--- a/legacy/toolbox.te
+++ b/legacy/toolbox.te
@ -1,3 +0,0 @@
-allow toolbox ram_device:blk_file rw_file_perms;
-allow toolbox per_boot_file:dir create_dir_perms;
-allow toolbox per_boot_file:file create_file_perms;
--- a/whitechapel_pro/installd.te
+++ b/whitechapel_pro/installd.te
				`@ -1 +0,0 @@`
				`allow radio hal_exynos_rild_hwservice:hwservice_manager find;`