Merge "Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common." into main

2024-04-11 02:03:26 +00:00 · 2024-04-11 02:03:26 +00:00 · e2da6846cb
commit e2da6846cb
parent 05a3a75caf 2761dbe28b
4 changed files with 0 additions and 54 deletions
--- a/legacy/zuma/vendor/ramdump_app.te
+++ b/legacy/zuma/vendor/ramdump_app.te
@ -1,24 +0,0 @@
-type ramdump_app, domain;
-
-userdebug_or_eng(`
-  app_domain(ramdump_app)
-
-  allow ramdump_app app_api_service:service_manager find;
-
-  allow ramdump_app ramdump_vendor_data_file:file create_file_perms;
-  allow ramdump_app ramdump_vendor_data_file:dir create_dir_perms;
-
-  set_prop(ramdump_app, vendor_ramdump_prop)
-  get_prop(ramdump_app, system_boot_reason_prop)
-
-  # To access ramdumpfs.
-  allow ramdump_app mnt_vendor_file:dir search;
-  allow ramdump_app ramdump_vendor_mnt_file:dir create_dir_perms;
-  allow ramdump_app ramdump_vendor_mnt_file:file create_file_perms;
-
-  # To access subsystem ramdump files and dirs.
-  allow ramdump_app sscoredump_vendor_data_crashinfo_file:dir r_dir_perms;
-  allow ramdump_app sscoredump_vendor_data_crashinfo_file:file r_file_perms;
-  allow ramdump_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
-  allow ramdump_app sscoredump_vendor_data_coredump_file:file r_file_perms;
-')
--- a/radio/seapp_contexts
+++ b/radio/seapp_contexts
@ -1,6 +1,3 @@
-# Sub System Ramdump
-user=system seinfo=platform name=com.google.SSRestartDetector domain=ssr_detector_app type=system_app_data_file levelFrom=user
-
 # CBRS setup app
 user=_app seinfo=platform name=com.google.googlecbrs domain=cbrs_setup_app type=app_data_file levelFrom=user

--- a/radio/ssr_detector.te
+++ b/radio/ssr_detector.te
@ -1,24 +0,0 @@
-type ssr_detector_app, domain;
-
-app_domain(ssr_detector_app)
-allow ssr_detector_app app_api_service:service_manager find;
-allow ssr_detector_app radio_service:service_manager find;
-
-allow ssr_detector_app system_app_data_file:dir create_dir_perms;
-allow ssr_detector_app system_app_data_file:file create_file_perms;
-
-allow ssr_detector_app sscoredump_vendor_data_crashinfo_file:dir r_dir_perms;
-allow ssr_detector_app sscoredump_vendor_data_crashinfo_file:file r_file_perms;
-userdebug_or_eng(`
-  allow ssr_detector_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
-  allow ssr_detector_app sscoredump_vendor_data_coredump_file:file r_file_perms;
-  get_prop(ssr_detector_app, vendor_aoc_prop)
-  allow ssr_detector_app sysfs_sjtag:dir r_dir_perms;
-  allow ssr_detector_app sysfs_sjtag:file rw_file_perms;
-  allow ssr_detector_app proc_vendor_sched:dir search;
-  allow ssr_detector_app proc_vendor_sched:file rw_file_perms;
-  allow ssr_detector_app cgroup:file write;
-')
-
-get_prop(ssr_detector_app, vendor_ssrdump_prop)
-get_prop(ssr_detector_app, vendor_wifi_version)
--- a/tracking_denials/seapp_contexts
+++ b/tracking_denials/seapp_contexts
@ -1,9 +1,6 @@
 # Domain for EuiccSupportPixel
 user=_app isPrivApp=true seinfo=EuiccSupportPixel name=com.google.euiccpixel domain=euiccpixel_app type=app_data_file levelFrom=all

-# coredump/ramdump
-user=_app seinfo=platform name=com.android.ramdump domain=ramdump_app type=app_data_file levelFrom=all
-
 # Domain for connectivity monitor
 user=_app isPrivApp=true seinfo=platform name=com.google.android.connectivitymonitor domain=con_monitor_app type=app_data_file levelFrom=all