Merge adf_device into graphics_device

As of sepolicy commit a16a59e2 (https://android-review.googlesource.com/94580), adf_device and graphics_device have the exact same security properties. Merge them into one type to avoid a proliferation of SELinux types. Change-Id: Ib1a24f5d880798600e103b9e14934e41abb1ef95

Merge adf_device into graphics_device
As of sepolicy commit a16a59e2 (https://android-review.googlesource.com/94580), adf_device and graphics_device have the exact same security properties. Merge them into one type to avoid a proliferation of SELinux types. Change-Id: Ib1a24f5d880798600e103b9e14934e41abb1ef95
84ed890a · Nick Kralevich · 6f6c4255 · 84ed890a · 84ed890a · 84ed890a
Commit 84ed890a authored 10 years ago by Nick Kralevich
--- a/app.te
+++ b/app.te
@@ -194,10 +194,7 @@ neverallow { appdomain -unconfineddomain } {
 }:chr_file { read write };
 # Note: Try expanding list of app domains in the future.
-neverallow { untrusted_app isolated_app shell -unconfineddomain } {
+neverallow { untrusted_app isolated_app shell -unconfineddomain } graphics_device:chr_file { read write };
-    adf_device
-    graphics_device
-}:chr_file { read write };
 neverallow { appdomain -nfc -unconfineddomain } nfc_device:chr_file
    { read write };

--- a/device.te
+++ b/device.te
@@ -2,7 +2,6 @@
 type device, dev_type, fs_type;
 type alarm_device, dev_type, mlstrustedobject;
 type adb_device, dev_type;
-type adf_device, dev_type;
 type ashmem_device, dev_type, mlstrustedobject;
 type audio_device, dev_type;
 type binder_device, dev_type, mlstrustedobject;

--- a/file_contexts
+++ b/file_contexts
@@ -31,9 +31,9 @@
 /dev(/.*)?		u:object_r:device:s0
 /dev/akm8973.*		u:object_r:sensors_device:s0
 /dev/accelerometer	u:object_r:sensors_device:s0
-/dev/adf[0-9]*		u:object_r:adf_device:s0
+/dev/adf[0-9]*		u:object_r:graphics_device:s0
-/dev/adf-interface[0-9]*\.[0-9]*	u:object_r:adf_device:s0
+/dev/adf-interface[0-9]*\.[0-9]*	u:object_r:graphics_device:s0
-/dev/adf-overlay-engine[0-9]*\.[0-9]*	u:object_r:adf_device:s0
+/dev/adf-overlay-engine[0-9]*\.[0-9]*	u:object_r:graphics_device:s0
 /dev/alarm		u:object_r:alarm_device:s0
 /dev/android_adb.*	u:object_r:adb_device:s0
 /dev/ashmem		u:object_r:ashmem_device:s0

--- a/healthd.te
+++ b/healthd.te
@@ -23,7 +23,6 @@ allow healthd sysfs:file write;
 ### healthd: charger mode
 ###
-allow healthd adf_device:chr_file rw_file_perms;
 allow healthd graphics_device:dir r_dir_perms;
 allow healthd graphics_device:chr_file rw_file_perms;
 allow healthd input_device:dir r_dir_perms;

--- a/surfaceflinger.te
+++ b/surfaceflinger.te
@@ -29,9 +29,6 @@ allow surfaceflinger gpu_device:chr_file rw_file_perms;
 allow surfaceflinger graphics_device:dir search;
 allow surfaceflinger graphics_device:chr_file rw_file_perms;
-# Access ADF device nodes.
-allow surfaceflinger adf_device:chr_file rw_file_perms;
 # Access /dev/video1.
 allow surfaceflinger video_device:dir r_dir_perms;
 allow surfaceflinger video_device:chr_file rw_file_perms;