From c2aad29d0577f0579d821a3e4704a143327195bd Mon Sep 17 00:00:00 2001
From: Alan Stokes <alanstokes@google.com>
Date: Fri, 20 Jul 2018 12:59:46 +0100
Subject: [PATCH] Re-order rules to match AOSP.

This is to avoid merge problems if we make any further changes in AOSP.

Test: Builds.
Change-Id: Ib4193d31c02dda300513f82f6c7426a2e81d8111
---
 private/untrusted_app_all.te | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/private/untrusted_app_all.te b/private/untrusted_app_all.te
index e28f66c90..c9bf65fa6 100644
--- a/private/untrusted_app_all.te
+++ b/private/untrusted_app_all.te
@@ -126,10 +126,6 @@ unix_socket_connect(untrusted_app_all, traced_producer, traced)
 allow untrusted_app_all system_server:udp_socket {
         connect getattr read recvfrom sendto write getopt setopt };
 
-# Allow the allocation and use of ptys
-# Used by: https://play.google.com/store/apps/details?id=jackpal.androidterm
-create_pty(untrusted_app_all)
-
 # This is allowed for targetSdkVersion <= 25 but disallowed on newer versions.
 dontaudit untrusted_app_all net_dns_prop:file read;
 
@@ -139,6 +135,10 @@ dontaudit untrusted_app_all proc_stat:file read;
 dontaudit untrusted_app_all proc_vmstat:file read;
 dontaudit untrusted_app_all proc_uptime:file read;
 
+# Allow the allocation and use of ptys
+# Used by: https://play.google.com/store/apps/details?id=jackpal.androidterm
+create_pty(untrusted_app_all)
+
 # /proc/net access.
 # TODO(b/9496886) Audit access for removal.
 # VPN apps require access to /proc/net/{tcp,udp} so access will need to be
-- 
GitLab