Merge "Move domain_deprecated into private policy" into oc-dev

am: 02a101a6 Change-Id: I0140009cfbf316489db4994b414ac079776ead21

Merge "Move domain_deprecated into private policy" into oc-dev
am: 02a101a6 Change-Id: I0140009cfbf316489db4994b414ac079776ead21
35e09523 · Jeff Vander Stoep · android-build-merger · 270e70be · 02a101a6 · 35e09523
Commit 35e09523 authored 7 years ago by Jeff Vander Stoep Committed by android-build-merger 7 years ago
--- a/private/ueventd.te
+++ b/private/ueventd.te
 typeattribute ueventd coredomain;
+typeattribute ueventd domain_deprecated;

 tmpfs_domain(ueventd)
--- a/private/uncrypt.te
+++ b/private/uncrypt.te
 typeattribute uncrypt coredomain;
+typeattribute uncrypt domain_deprecated;

 init_daemon_domain(uncrypt)
--- a/private/update_engine.te
+++ b/private/update_engine.te
 typeattribute update_engine coredomain;
+typeattribute update_engine domain_deprecated;

 init_daemon_domain(update_engine);
--- a/private/vold.te
+++ b/private/vold.te
 typeattribute vold coredomain;
+typeattribute vold domain_deprecated;

 init_daemon_domain(vold)


--- a/public/attributes
+++ b/public/attributes
@@ -10,16 +10,6 @@ attribute dev_type;
 # All types used for processes.
 attribute domain;

-# Temporary attribute used for migrating permissions out of domain.
-# Motivation: Domain is overly permissive. Start removing permissions
-# from domain and assign them to the domain_deprecated attribute.
-# Domain_deprecated and domain can initially be assigned to all
-# domains. The goal is to not assign domain_deprecated to new domains
-# and to start removing domain_deprecated where it's not required or
-# reassigning the appropriate permissions to the inheriting domain
-# when necessary.
-attribute domain_deprecated;
-
 # All types used for filesystems.
 # On change, update CHECK_FC_ASSERT_ATTRS
 # definition in tools/checkfc.c.

--- a/public/clatd.te
+++ b/public/clatd.te
 # 464xlat daemon
-type clatd, domain, domain_deprecated;
+type clatd, domain;
 type clatd_exec, exec_type, file_type;

 net_domain(clatd)

--- a/public/dex2oat.te
+++ b/public/dex2oat.te
 # dex2oat
-type dex2oat, domain, domain_deprecated;
+type dex2oat, domain;
 type dex2oat_exec, exec_type, file_type;

 r_dir_file(dex2oat, apk_data_file)

--- a/public/dhcp.te
+++ b/public/dhcp.te
-type dhcp, domain, domain_deprecated;
+type dhcp, domain;
 type dhcp_exec, exec_type, file_type;

 net_domain(dhcp)

--- a/public/dumpstate.te
+++ b/public/dumpstate.te
 # dumpstate
-type dumpstate, domain, domain_deprecated, mlstrustedsubject;
+type dumpstate, domain, mlstrustedsubject;
 type dumpstate_exec, exec_type, file_type;

 net_domain(dumpstate)

--- a/public/fingerprintd.te
+++ b/public/fingerprintd.te
-type fingerprintd, domain, domain_deprecated;
+type fingerprintd, domain;
 type fingerprintd_exec, exec_type, file_type;

 binder_use(fingerprintd)

--- a/public/fsck.te
+++ b/public/fsck.te
 # Any fsck program run by init
-type fsck, domain, domain_deprecated;
+type fsck, domain;
 type fsck_exec, exec_type, file_type;

 # /dev/__null__ created by init prior to policy load,

--- a/public/fsck_untrusted.te
+++ b/public/fsck_untrusted.te
 # Any fsck program run on untrusted block devices
-type fsck_untrusted, domain, domain_deprecated;
+type fsck_untrusted, domain;

 # Inherit and use pty created by android_fork_execvp_ext().
 allow fsck_untrusted devpts:chr_file { read write ioctl getattr };

--- a/public/installd.te
+++ b/public/installd.te
 # installer daemon
-type installd, domain, domain_deprecated;
+type installd, domain;
 type installd_exec, exec_type, file_type;
 typeattribute installd mlstrustedsubject;
 allow installd self:capability { chown dac_override fowner fsetid setgid setuid sys_admin };

--- a/public/keystore.te
+++ b/public/keystore.te
-type keystore, domain, domain_deprecated;
+type keystore, domain;
 type keystore_exec, exec_type, file_type;

 # keystore daemon

--- a/public/mtp.te
+++ b/public/mtp.te
 # vpn tunneling protocol manager
-type mtp, domain, domain_deprecated;
+type mtp, domain;
 type mtp_exec, exec_type, file_type;

 net_domain(mtp)

--- a/public/netd.te
+++ b/public/netd.te
 # network manager
-type netd, domain, domain_deprecated, mlstrustedsubject;
+type netd, domain, mlstrustedsubject;
 type netd_exec, exec_type, file_type;

 net_domain(netd)

--- a/public/perfprofd.te
+++ b/public/perfprofd.te
@@ -4,7 +4,6 @@ type perfprofd_exec, exec_type, file_type;

 userdebug_or_eng(`

-  typeattribute perfprofd domain_deprecated;
  typeattribute perfprofd coredomain;
  typeattribute perfprofd mlstrustedsubject;


--- a/public/ppp.te
+++ b/public/ppp.te
 # Point to Point Protocol daemon
-type ppp, domain, domain_deprecated;
+type ppp, domain;
 type ppp_device, dev_type;
 type ppp_exec, exec_type, file_type;


--- a/public/radio.te
+++ b/public/radio.te
 # phone subsystem
-type radio, domain, domain_deprecated, mlstrustedsubject;
+type radio, domain, mlstrustedsubject;

 net_domain(radio)
 bluetooth_domain(radio)

--- a/public/recovery.te
+++ b/public/recovery.te
@@ -2,7 +2,7 @@

 # Declare the domain unconditionally so we can always reference it
 # in neverallow rules.
-type recovery, domain, domain_deprecated;
+type recovery, domain;

 # But the allow rules are only included in the recovery policy.
 # Otherwise recovery is only allowed the domain rules.