From 21426ea726ac9ffdfbeb6036de1afe0277be9109 Mon Sep 17 00:00:00 2001
From: "Chung-Kai (Michael) Mei" <chungkai@google.com>
Date: Wed, 21 Dec 2022 08:37:50 +0000
Subject: [PATCH] Revert "Fix avc denials for powerhal"

This reverts commit 92e550d83f7828a174856064ac570853f4158375.

Reason for revert: here's duplicated setting

Change-Id: I4188deee0010c5dd10501fd9b36ae3876c412322
---
 tracking_denials/hal_power_default.te | 32 +++++++++++++++++++++++++++
 tracking_denials/proc_vendor_sched.te |  2 ++
 vendor/file.te                        |  8 -------
 vendor/genfs_contexts                 |  5 -----
 vendor/hal_camera_default.te          |  1 -
 vendor/hal_fingerprint_default.te     |  1 -
 vendor/hal_power_default.te           |  6 -----
 7 files changed, 34 insertions(+), 21 deletions(-)
 create mode 100644 tracking_denials/hal_power_default.te
 create mode 100644 tracking_denials/proc_vendor_sched.te
 delete mode 100644 vendor/hal_camera_default.te
 delete mode 100644 vendor/hal_fingerprint_default.te
 delete mode 100644 vendor/hal_power_default.te

diff --git a/tracking_denials/hal_power_default.te b/tracking_denials/hal_power_default.te
new file mode 100644
index 00000000..760e2240
--- /dev/null
+++ b/tracking_denials/hal_power_default.te
@@ -0,0 +1,32 @@
+# b/260366126
+dontaudit hal_power_default sysfs:file { open };
+dontaudit hal_power_default sysfs:file { write };
+dontaudit hal_power_default sysfs_camera:file { open };
+dontaudit hal_power_default sysfs_camera:file { write };
+dontaudit hal_power_default sysfs_display:file { open };
+dontaudit hal_power_default sysfs_display:file { write };
+dontaudit hal_power_default sysfs_fabric:file { open };
+dontaudit hal_power_default sysfs_fabric:file { write };
+dontaudit hal_power_default vendor_camera_prop:property_service { set };
+# b/260769063
+dontaudit hal_power_default hal_graphics_composer_default:binder { transfer };
+# b/261105028
+dontaudit hal_power_default hal_fingerprint_default:binder { transfer };
+# b/261650934
+dontaudit hal_power_default hal_camera_default:binder { transfer };
+# b/262178497
+dontaudit hal_power_default sysfs_fabric:file { read };
+# b/262315567
+dontaudit hal_power_default sysfs:file { getattr };
+dontaudit hal_power_default sysfs:file { read };
+dontaudit hal_power_default sysfs_display:file { getattr };
+dontaudit hal_power_default sysfs_display:file { read };
+dontaudit hal_power_default sysfs_fabric:file { getattr };
+# b/262633072
+dontaudit hal_power_default hal_power_default:capability { dac_read_search };
+dontaudit hal_power_default sysfs_camera:file { getattr };
+dontaudit hal_power_default sysfs_camera:file { read };
+dontaudit hal_power_default vendor_camera_prop:file { getattr };
+dontaudit hal_power_default vendor_camera_prop:file { map };
+dontaudit hal_power_default vendor_camera_prop:file { open };
+dontaudit hal_power_default vendor_camera_prop:file { read };
diff --git a/tracking_denials/proc_vendor_sched.te b/tracking_denials/proc_vendor_sched.te
new file mode 100644
index 00000000..2bc19057
--- /dev/null
+++ b/tracking_denials/proc_vendor_sched.te
@@ -0,0 +1,2 @@
+# b/260366398
+dontaudit proc_vendor_sched proc:filesystem { associate };
diff --git a/vendor/file.te b/vendor/file.te
index cb696eef..2ce98bb8 100644
--- a/vendor/file.te
+++ b/vendor/file.te
@@ -1,10 +1,2 @@
 # persist
 type persist_display_file, file_type, vendor_persist_type;
-
-# Vendor sched files
-userdebug_or_eng(`
-    typeattribute proc_vendor_sched mlstrustedobject;
-')
-
-type sysfs_fabric, sysfs_type, fs_type;
-type sysfs_em_profile, sysfs_type, fs_type;
diff --git a/vendor/genfs_contexts b/vendor/genfs_contexts
index 0fcc5571..f30dc4fd 100644
--- a/vendor/genfs_contexts
+++ b/vendor/genfs_contexts
@@ -35,11 +35,6 @@ genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/serial_numb
 genfscon sysfs /devices/platform/19470000.drmdecon/dqe0/atc                                               u:object_r:sysfs_display:s0
 genfscon sysfs /module/drm/parameters/vblankoffdelay                                                      u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/exynos-drm/tui_status                                                    u:object_r:sysfs_display:s0
-# EM Profile
-genfscon sysfs /kernel/pixel_em/active_profile                            u:object_r:sysfs_em_profile:s0
-
-# GPU
-genfscon sysfs /devices/platform/1f000000.mali/hint_min_freq                   u:object_r:sysfs_gpu:s0
 
 # wake up nodes
 genfscon sysfs /devices/platform/10c80000.hsi2c/i2c-0/6-0008/wakeup/wakeup                                                u:object_r:sysfs_wakeup:s0
diff --git a/vendor/hal_camera_default.te b/vendor/hal_camera_default.te
deleted file mode 100644
index d40ae838..00000000
--- a/vendor/hal_camera_default.te
+++ /dev/null
@@ -1 +0,0 @@
-hal_client_domain(hal_camera_default, hal_power);
diff --git a/vendor/hal_fingerprint_default.te b/vendor/hal_fingerprint_default.te
deleted file mode 100644
index 9e826a45..00000000
--- a/vendor/hal_fingerprint_default.te
+++ /dev/null
@@ -1 +0,0 @@
-hal_client_domain(hal_fingerprint_default, hal_power);
\ No newline at end of file
diff --git a/vendor/hal_power_default.te b/vendor/hal_power_default.te
deleted file mode 100644
index 300594e9..00000000
--- a/vendor/hal_power_default.te
+++ /dev/null
@@ -1,6 +0,0 @@
-allow hal_power_default sysfs_display:file rw_file_perms;
-allow hal_power_default sysfs_gpu:file rw_file_perms;
-allow hal_power_default sysfs_fabric:file rw_file_perms;
-allow hal_power_default sysfs_camera:file rw_file_perms;
-allow hal_power_default sysfs_em_profile:file rw_file_perms;
-set_prop(hal_power_default, vendor_camera_prop);