From ffffed28fa1ef58e9afdccc7c95cfe0112675382 Mon Sep 17 00:00:00 2001
From: Fan Xu <fanxu@google.com>
Date: Mon, 10 Dec 2018 13:36:11 -0800
Subject: [PATCH] Remove unused bufferhub sepolicy

These selinux policy rules were added for bufferhub to run a binder
service. But later we decided to use a hwbinder service instead, and the
original binder service was removed in git/master. Now we can safely
remove these rules.

Test: Build passed. Device boot successfully without selinux denial.
Bug: 118891412
Change-Id: I349b5f0f2fa8fb6a7cfe7869d936791355c20753
---
 private/bufferhubd.te    | 4 ----
 private/service.te       | 1 -
 private/service_contexts | 1 -
 private/shell.te         | 3 ---
 4 files changed, 9 deletions(-)

diff --git a/private/bufferhubd.te b/private/bufferhubd.te
index 31328ac73..012eb2027 100644
--- a/private/bufferhubd.te
+++ b/private/bufferhubd.te
@@ -1,7 +1,3 @@
 typeattribute bufferhubd coredomain;
 
 init_daemon_domain(bufferhubd)
-
-# Permission for create binder service "bufferhubd"
-binder_use(bufferhubd);
-add_service(bufferhubd, buffer_hub_service);
diff --git a/private/service.te b/private/service.te
index 660bc1ed7..3fec8825a 100644
--- a/private/service.te
+++ b/private/service.te
@@ -1,3 +1,2 @@
-type buffer_hub_service, service_manager_type;
 type stats_service, service_manager_type;
 type statscompanion_service, system_server_service, service_manager_type;
diff --git a/private/service_contexts b/private/service_contexts
index 43479b32a..9b81e68c5 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -23,7 +23,6 @@ biometric                                 u:object_r:biometric_service:s0
 bluetooth_manager                         u:object_r:bluetooth_manager_service:s0
 bluetooth                                 u:object_r:bluetooth_service:s0
 broadcastradio                            u:object_r:broadcastradio_service:s0
-bufferhubd                                u:object_r:buffer_hub_service:s0
 carrier_config                            u:object_r:radio_service:s0
 clipboard                                 u:object_r:clipboard_service:s0
 com.android.net.IProxyService             u:object_r:IProxyService_service:s0
diff --git a/private/shell.te b/private/shell.te
index 885714dc4..8867112af 100644
--- a/private/shell.te
+++ b/private/shell.te
@@ -52,9 +52,6 @@ binder_call(shell, statsd);
 allow shell perfetto_traces_data_file:dir rw_dir_perms;
 allow shell perfetto_traces_data_file:file r_file_perms;
 
-# Allow shell-based "dumpsys" to call into bufferhubd.
-binder_call(shell, bufferhubd);
-
 # Allow shell to run adb shell cmd gpu commands.
 binder_call(shell, gpuservice);
 
-- 
GitLab