From db7bc4bf93e114b81f38d43b43b9708314e06440 Mon Sep 17 00:00:00 2001
From: Jeffrey Vander Stoep <jeffv@google.com>
Date: Tue, 28 Jul 2015 18:14:19 +0000
Subject: [PATCH] Revert "Do not allow apps to access network address file"

This reverts commit 2dabf1743ac89c0b683768c3f3231eb7c00448a1.

Change-Id: I7e35a6ea1b8d5958c65eb04a7c9a04ba807b1181
---
 file.te          | 1 -
 system_server.te | 3 ---
 untrusted_app.te | 3 ---
 3 files changed, 7 deletions(-)

diff --git a/file.te b/file.te
index d3b09796e..623bb8df3 100644
--- a/file.te
+++ b/file.te
@@ -21,7 +21,6 @@ type sysfs_writable, fs_type, sysfs_type, mlstrustedobject;
 type sysfs_bluetooth_writable, fs_type, sysfs_type, mlstrustedobject;
 type sysfs_nfc_power_writable, fs_type, sysfs_type, mlstrustedobject;
 type sysfs_wake_lock, fs_type, sysfs_type;
-type sysfs_mac_address, fs_type, sysfs_type;
 # /sys/devices/system/cpu
 type sysfs_devices_system_cpu, fs_type, sysfs_type;
 # /sys/module/lowmemorykiller
diff --git a/system_server.te b/system_server.te
index 0c4df43b7..2a1664210 100644
--- a/system_server.te
+++ b/system_server.te
@@ -417,9 +417,6 @@ allow system_server sdcard_type:dir { getattr search };
 # Traverse into expanded storage
 allow system_server mnt_expand_file:dir r_dir_perms;
 
-# Allow system process to read network MAC address
-allow system_server sysfs_mac_address:file r_file_perms;
-
 ###
 ### Neverallow rules
 ###
diff --git a/untrusted_app.te b/untrusted_app.te
index bcadc5209..72d0a1bbf 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te
@@ -142,6 +142,3 @@ neverallow untrusted_app mlstrustedsubject:process fork;
 # bugs, so we want to ensure untrusted_app never has this
 # capability.
 neverallow untrusted_app file_type:file link;
-
-# Do not allow untrusted_app to access network MAC address file
-neverallow untrusted_app sysfs_mac_address:file no_rw_file_perms;
-- 
GitLab