Merge "vold: remove access to /proc/net files"

b1f6942c · Treehugger Robot · Gerrit Code Review · 99ce20e5 · 1c5d223b · b1f6942c
Commit b1f6942c authored 6 years ago by Treehugger Robot Committed by Gerrit Code Review 6 years ago
--- a/public/vold.te
+++ b/public/vold.te
@@ -7,12 +7,6 @@ allow vold cache_file:dir r_dir_perms;
 allow vold cache_file:file { getattr read };
 allow vold cache_file:lnk_file r_file_perms;

-# Read access to pseudo filesystems.
-r_dir_file(vold, proc_net_type)
-userdebug_or_eng(`
-  auditallow vold proc_net_type:{ dir file lnk_file } { getattr open read };
-')
-
 r_dir_file(vold, { sysfs_type -sysfs_batteryinfo })
 # XXX Label sysfs files with a specific type?
 allow vold sysfs:file w_file_perms; # writing to /sys/*/uevent during coldboot.