am cac1fc6d: am 5bb6eeb9: am d9c312b5: Merge "Allow all domains access to /dev/qemu_trace."

* commit 'cac1fc6dd5daf5f03bacf8749f888d196985fda8': Allow all domains access to /dev/qemu_trace.
author: dcashman <dcashman@google.com> 2014-06-17 01:30:39 +0000
committer: Android Git Automerger <android-git-automerger@android.com> 2014-06-17 01:30:39 +0000
commit: 6672745d18557e369e81090be89c0a8ded56a979 (patch)
tree: 60c4b6bf69c7d3e44f77decf6ae7182c13ae037f /target/board
parent: b107fdd6a983684f58e084c0784231553c7f2048 (diff)
parent: cac1fc6dd5daf5f03bacf8749f888d196985fda8 (diff)
download: build-6672745d18557e369e81090be89c0a8ded56a979.zip
build-6672745d18557e369e81090be89c0a8ded56a979.tar.gz
build-6672745d18557e369e81090be89c0a8ded56a979.tar.bz2
21 files changed, 4 insertions, 30 deletions
diff --git a/target/board/generic/BoardConfig.mk b/target/board/generic/BoardConfig.mk
index 6d58b1c..62303d6 100644
--- a/target/board/generic/BoardConfig.mk
+++ b/target/board/generic/BoardConfig.mk
@@ -77,17 +77,13 @@ TARGET_USERIMAGES_SPARSE_EXT_DISABLED := true
 
 BOARD_SEPOLICY_DIRS += build/target/board/generic/sepolicy
 BOARD_SEPOLICY_UNION += \
-        adbd.te \
-        app.te \
         bootanim.te \
         device.te \
         domain.te \
         file.te \
         file_contexts \
-        mediaserver.te \
         qemud.te \
         rild.te \
         shell.te \
         surfaceflinger.te \
-        system_server.te \
-        zygote.te
+        system_server.te
diff --git a/target/board/generic/sepolicy/adbd.te b/target/board/generic/sepolicy/adbd.te
deleted file mode 100644
index f65cfb3..0000000
--- a/target/board/generic/sepolicy/adbd.te
+++ /dev/null
@@ -1 +0,0 @@
-allow adbd qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic/sepolicy/app.te b/target/board/generic/sepolicy/app.te
deleted file mode 100644
index fd33453..0000000
--- a/target/board/generic/sepolicy/app.te
+++ /dev/null
@@ -1 +0,0 @@
-allow appdomain qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic/sepolicy/bootanim.te b/target/board/generic/sepolicy/bootanim.te
index a5a84f9..d6506e1 100644
--- a/target/board/generic/sepolicy/bootanim.te
+++ b/target/board/generic/sepolicy/bootanim.te
@@ -1,3 +1,2 @@
 allow bootanim self:process execmem;
 allow bootanim ashmem_device:chr_file execute;
-allow bootanim qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic/sepolicy/domain.te b/target/board/generic/sepolicy/domain.te
index f026100..c28ca74 100644
--- a/target/board/generic/sepolicy/domain.te
+++ b/target/board/generic/sepolicy/domain.te
@@ -1,2 +1,3 @@
 # For /sys/qemu_trace files in the emulator.
 allow domain sysfs_writable:file rw_file_perms;
+allow domain qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic/sepolicy/mediaserver.te b/target/board/generic/sepolicy/mediaserver.te
deleted file mode 100644
index 90b8cf8..0000000
--- a/target/board/generic/sepolicy/mediaserver.te
+++ /dev/null
@@ -1 +0,0 @@
-allow mediaserver qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic/sepolicy/rild.te b/target/board/generic/sepolicy/rild.te
index 5de171a..e148b6c 100644
--- a/target/board/generic/sepolicy/rild.te
+++ b/target/board/generic/sepolicy/rild.te
@@ -1,2 +1 @@
-allow rild qemu_device:chr_file rw_file_perms;
 unix_socket_connect(rild, qemud, qemud)
diff --git a/target/board/generic/sepolicy/surfaceflinger.te b/target/board/generic/sepolicy/surfaceflinger.te
index 6712789..4c35469 100644
--- a/target/board/generic/sepolicy/surfaceflinger.te
+++ b/target/board/generic/sepolicy/surfaceflinger.te
@@ -1,3 +1,2 @@
 allow surfaceflinger self:process execmem;
 allow surfaceflinger ashmem_device:chr_file execute;
-allow surfaceflinger qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic/sepolicy/system_server.te b/target/board/generic/sepolicy/system_server.te
index ef4ce4a..d0fb79d 100644
--- a/target/board/generic/sepolicy/system_server.te
+++ b/target/board/generic/sepolicy/system_server.te
@@ -1,2 +1 @@
 unix_socket_connect(system_server, qemud, qemud)
-allow system_server qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic/sepolicy/zygote.te b/target/board/generic/sepolicy/zygote.te
deleted file mode 100644
index a5da574..0000000
--- a/target/board/generic/sepolicy/zygote.te
+++ /dev/null
@@ -1 +0,0 @@
-allow zygote qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic_mips/BoardConfig.mk b/target/board/generic_mips/BoardConfig.mk
index 17e241d..a319ad7 100644
--- a/target/board/generic_mips/BoardConfig.mk
+++ b/target/board/generic_mips/BoardConfig.mk
@@ -59,13 +59,11 @@ TARGET_USERIMAGES_SPARSE_EXT_DISABLED := true
 
 BOARD_SEPOLICY_DIRS += build/target/board/generic/sepolicy
 BOARD_SEPOLICY_UNION += \
-        adbd.te \
         bootanim.te \
         device.te \
         domain.te \
         file.te \
         file_contexts \
-        mediaserver.te \
         qemud.te \
         rild.te \
         shell.te \
diff --git a/target/board/generic_x86/BoardConfig.mk b/target/board/generic_x86/BoardConfig.mk
index 5277cdc..2dc7615 100644
--- a/target/board/generic_x86/BoardConfig.mk
+++ b/target/board/generic_x86/BoardConfig.mk
@@ -44,19 +44,13 @@ TARGET_USERIMAGES_SPARSE_EXT_DISABLED := true
 
 BOARD_SEPOLICY_DIRS += build/target/board/generic_x86/sepolicy
 BOARD_SEPOLICY_UNION += \
-        app.te \
-        adbd.te \
-        bootanim.te \
         device.te \
         domain.te \
         file.te \
         file_contexts \
         healthd.te \
         installd.te \
-        mediaserver.te \
         qemud.te \
         rild.te \
         shell.te \
-        surfaceflinger.te \
-        system_server.te \
-        zygote.te
+        system_server.te
diff --git a/target/board/generic_x86/sepolicy/adbd.te b/target/board/generic_x86/sepolicy/adbd.te
deleted file mode 100644
index f65cfb3..0000000
--- a/target/board/generic_x86/sepolicy/adbd.te
+++ /dev/null
@@ -1 +0,0 @@
-allow adbd qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic_x86/sepolicy/app.te b/target/board/generic_x86/sepolicy/app.te
deleted file mode 100644
index fd33453..0000000
--- a/target/board/generic_x86/sepolicy/app.te
+++ /dev/null
@@ -1 +0,0 @@
-allow appdomain qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic_x86/sepolicy/bootanim.te b/target/board/generic_x86/sepolicy/bootanim.te
deleted file mode 100644
index 762a573..0000000
--- a/target/board/generic_x86/sepolicy/bootanim.te
+++ /dev/null
@@ -1 +0,0 @@
-allow bootanim qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic_x86/sepolicy/domain.te b/target/board/generic_x86/sepolicy/domain.te
index c17950d..c3161b3 100644
--- a/target/board/generic_x86/sepolicy/domain.te
+++ b/target/board/generic_x86/sepolicy/domain.te
@@ -1,3 +1,4 @@
 # For /sys/qemu_trace files in the emulator.
 allow domain sysfs_writable:file rw_file_perms;
 allow domain cpuctl_device:dir search;
+allow domain qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic_x86/sepolicy/mediaserver.te b/target/board/generic_x86/sepolicy/mediaserver.te
deleted file mode 100644
index 90b8cf8..0000000
--- a/target/board/generic_x86/sepolicy/mediaserver.te
+++ /dev/null
@@ -1 +0,0 @@
-allow mediaserver qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic_x86/sepolicy/rild.te b/target/board/generic_x86/sepolicy/rild.te
index 5de171a..e148b6c 100644
--- a/target/board/generic_x86/sepolicy/rild.te
+++ b/target/board/generic_x86/sepolicy/rild.te
@@ -1,2 +1 @@
-allow rild qemu_device:chr_file rw_file_perms;
 unix_socket_connect(rild, qemud, qemud)
diff --git a/target/board/generic_x86/sepolicy/surfaceflinger.te b/target/board/generic_x86/sepolicy/surfaceflinger.te
deleted file mode 100644
index 865405c..0000000
--- a/target/board/generic_x86/sepolicy/surfaceflinger.te
+++ /dev/null
@@ -1 +0,0 @@
-allow surfaceflinger qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic_x86/sepolicy/system_server.te b/target/board/generic_x86/sepolicy/system_server.te
index 9bfe5fe..0ede971 100644
--- a/target/board/generic_x86/sepolicy/system_server.te
+++ b/target/board/generic_x86/sepolicy/system_server.te
@@ -1,3 +1,2 @@
 allow system_server self:process execmem;
 unix_socket_connect(system_server, qemud, qemud)
-allow system_server qemu_device:chr_file rw_file_perms;
diff --git a/target/board/generic_x86/sepolicy/zygote.te b/target/board/generic_x86/sepolicy/zygote.te
index d34c4a1..93993a4 100644
--- a/target/board/generic_x86/sepolicy/zygote.te
+++ b/target/board/generic_x86/sepolicy/zygote.te
@@ -1,3 +1,2 @@
 allow zygote self:process execmem;
 allow zygote self:capability sys_nice;
-allow zygote qemu_device:chr_file rw_file_perms;
author	dcashman <dcashman@google.com>	2014-06-17 01:30:39 +0000
committer	Android Git Automerger <android-git-automerger@android.com>	2014-06-17 01:30:39 +0000
commit	6672745d18557e369e81090be89c0a8ded56a979 (patch)
tree	60c4b6bf69c7d3e44f77decf6ae7182c13ae037f /target/board
parent	b107fdd6a983684f58e084c0784231553c7f2048 (diff)
parent	cac1fc6dd5daf5f03bacf8749f888d196985fda8 (diff)
download	build-6672745d18557e369e81090be89c0a8ded56a979.zip build-6672745d18557e369e81090be89c0a8ded56a979.tar.gz build-6672745d18557e369e81090be89c0a8ded56a979.tar.bz2