From 89a7b21541000a8d62f07bba6265f4ff4b159389 Mon Sep 17 00:00:00 2001
From: Tri Vo <trong@google.com>
Date: Wed, 20 Dec 2017 10:03:31 -0800
Subject: [PATCH] system_server: remove access to /sys/class/leds.

Removing legacy rules. system_server now depends on Lights HAL (which
has its own domain) instead of /sys/class/leds.

Bug: 70846424
Test: sailfish boots; screen, flashlight work fine.

Change-Id: I6f116a599cab26ae71e45f462b33328bc8d43db5
---
 private/system_server.te | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/private/system_server.te b/private/system_server.te
index 7d7a1a689..46becd0cb 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -706,13 +706,6 @@ allow system_server proc_uid_time_in_state:dir r_dir_perms;
 
 r_dir_file(system_server, rootfs)
 
-### Rules needed when Light HAL runs inside system_server process.
-### These rules should eventually be granted only when needed.
-allow system_server sysfs_leds:lnk_file read;
-allow system_server sysfs_leds:file rw_file_perms;
-allow system_server sysfs_leds:dir r_dir_perms;
-###
-
 # Allow WifiService to start, stop, and read wifi-specific trace events.
 allow system_server debugfs_tracing_instances:dir search;
 allow system_server debugfs_wifi_tracing:dir search;
-- 
GitLab