Remove dead *_device types from system sepolicy.

No coredomain domain has access to these types and corresponding /dev nodes don't exist on the device: audio_seq_device audio_timer_device full_device i2c_device vcs_device Bug: 110962171 Test: m selinux_policy Test: boot walleye Change-Id: I89ad4755e6760aa166cb22e2655567e5905dc672

Remove dead *_device types from system sepolicy.
No coredomain domain has access to these types and corresponding /dev nodes don't exist on the device: audio_seq_device audio_timer_device full_device i2c_device vcs_device Bug: 110962171 Test: m selinux_policy Test: boot walleye Change-Id: I89ad4755e6760aa166cb22e2655567e5905dc672
b805adaa · Tri Vo · 3e8f7bcd · b805adaa · b805adaa · b805adaa
Commit b805adaa authored 6 years ago by Tri Vo
--- a/private/compat/28.0/28.0.cil
+++ b/private/compat/28.0/28.0.cil
 ;; types removed from current policy
+(type audio_seq_device)
+(type audio_timer_device)
 (type commontime_management_service)
+(type full_device)
+(type i2c_device)
 (type mediacodec)
 (type mediacodec_exec)
 (type qtaguid_proc)
 (type thermalcallback_hwservice)
 (type untrusted_v2_app)
+(type vcs_device)
 ;; Public 28.0 SEPolicy is divergent on different devices w.r.t
 ;; exported_audio_prop type. We need this typeattribute declaration so that the

--- a/private/file_contexts
+++ b/private/file_contexts
@@ -90,12 +90,10 @@
 /dev/eac		u:object_r:audio_device:s0
 /dev/event-log-tags     u:object_r:runtime_event_log_tags_file:s0
 /dev/fscklogs(/.*)?	u:object_r:fscklogs:s0
-/dev/full		u:object_r:full_device:s0
 /dev/fuse		u:object_r:fuse_device:s0
 /dev/graphics(/.*)?	u:object_r:graphics_device:s0
 /dev/hw_random		u:object_r:hw_random_device:s0
 /dev/hwbinder		u:object_r:hwbinder_device:s0
-/dev/i2c-[0-9]+		u:object_r:i2c_device:s0
 /dev/input(/.*)?	u:object_r:input_device:s0
 /dev/iio:device[0-9]+   u:object_r:iio_device:s0
 /dev/ion		u:object_r:ion_device:s0
@@ -121,8 +119,6 @@
 /dev/rproc_user	u:object_r:rpmsg_device:s0
 /dev/rtc[0-9]      u:object_r:rtc_device:s0
 /dev/snd(/.*)?		u:object_r:audio_device:s0
-/dev/snd/audio_timer_device	u:object_r:audio_timer_device:s0
-/dev/snd/audio_seq_device	u:object_r:audio_seq_device:s0
 /dev/socket(/.*)?	u:object_r:socket_device:s0
 /dev/socket/adbd	u:object_r:adbd_socket:s0
 /dev/socket/dnsproxyd	u:object_r:dnsproxyd_socket:s0
@@ -173,7 +169,6 @@
 /dev/urandom		u:object_r:random_device:s0
 /dev/usb_accessory	u:object_r:usbaccessory_device:s0
 /dev/v4l-touch[0-9]*	u:object_r:input_device:s0
-/dev/vcs[0-9a-z]*	u:object_r:vcs_device:s0
 /dev/video[0-9]*	u:object_r:video_device:s0
 /dev/vndbinder		u:object_r:vndbinder_device:s0
 /dev/watchdog		u:object_r:watchdog_device:s0

--- a/public/device.te
+++ b/public/device.te
@@ -3,8 +3,6 @@ type device, dev_type, fs_type;
 type alarm_device, dev_type, mlstrustedobject;
 type ashmem_device, dev_type, mlstrustedobject;
 type audio_device, dev_type;
-type audio_timer_device, dev_type;
-type audio_seq_device, dev_type;
 type binder_device, dev_type, mlstrustedobject;
 type hwbinder_device, dev_type, mlstrustedobject;
 type vndbinder_device, dev_type;
@@ -22,7 +20,6 @@ type vold_device, dev_type;
 type console_device, dev_type;
 type cpuctl_device, dev_type;
 type fscklogs, dev_type;
-type full_device, dev_type;
 # GPU (used by most UI apps)
 type gpu_device, dev_type, mlstrustedobject;
 type graphics_device, dev_type;
@@ -46,7 +43,6 @@ type socket_device, dev_type;
 type owntty_device, dev_type, mlstrustedobject;
 type tty_device, dev_type;
 type video_device, dev_type;
-type vcs_device, dev_type;
 type zero_device, dev_type, mlstrustedobject;
 type fuse_device, dev_type, mlstrustedobject;
 type iio_device, dev_type;
@@ -61,7 +57,6 @@ type usb_device, dev_type, mlstrustedobject;
 type properties_device, dev_type;
 type properties_serial, dev_type;
 type property_info, dev_type;
-type i2c_device, dev_type;
 # All devices have a uart for the hci
 # attach service. The uart dev node