sync codebase
Bug: 162370942
Test: build pass
Change-Id: I73af3d6fa79a2dbf70f855274383cbf3d2af1745
Merged-In: I68126a1e1ae6193c85f6e0d9baf92a83023f436f
diff --git a/common/file.te b/common/file.te
index 7dc080d..8fb41bc 100644
--- a/common/file.te
+++ b/common/file.te
@@ -1,4 +1,2 @@
type persist_file, file_type, vendor_persist_type;
-type firmware_file, file_type, contextmount_type, vendor_file_type;
-
-allow firmware_file self:filesystem associate;
+type sysfs_iio_devices, fs_type, sysfs_type;
diff --git a/common/file_contexts b/common/file_contexts
index e86fd9f..0adc634 100644
--- a/common/file_contexts
+++ b/common/file_contexts
@@ -1,9 +1,10 @@
/mnt/vendor/persist(/.*)? u:object_r:persist_file:s0
-/vendor/firmware_mnt(/.*)? u:object_r:firmware_file:s0
/persist(/.*)? u:object_r:persist_file:s0
-/vendor/bin/init\.insmod\.sh u:object_r:init-insmod-sh_exec:s0
/vendor/bin/grep u:object_r:vendor_toolbox_exec:s0
/vendor/bin/awk u:object_r:vendor_toolbox_exec:s0
/vendor/bin/cp u:object_r:vendor_toolbox_exec:s0
/vendor/bin/toolbox_vendor u:object_r:vendor_toolbox_exec:s0
+
+/vendor/bin/hw/android\.hardware\.atrace@1\.0-service.pixel u:object_r:hal_atrace_default_exec:s0
+
diff --git a/common/genfs_contexts b/common/genfs_contexts
new file mode 100644
index 0000000..d762381
--- /dev/null
+++ b/common/genfs_contexts
@@ -0,0 +1 @@
+genfscon sysfs /bus/iio/devices u:object_r:sysfs_iio_devices:s0
diff --git a/common/init-insmod-sh.te b/common/init-insmod-sh.te
deleted file mode 100644
index 16bc87c..0000000
--- a/common/init-insmod-sh.te
+++ /dev/null
@@ -1,19 +0,0 @@
-type init-insmod-sh, domain;
-type init-insmod-sh_exec, exec_type, vendor_file_type, file_type;
-
-init_daemon_domain(init-insmod-sh)
-
-allow init-insmod-sh vendor_toolbox_exec:file rx_file_perms;
-allow init-insmod-sh self:capability sys_module;
-allow init-insmod-sh vendor_kernel_modules:system module_load;
-allow init-insmod-sh kernel:key search;
-
-# modprobe needs sys_nice and setsched for driver threads
-allow init-insmod-sh self:capability sys_nice;
-allow init-insmod-sh kernel:process setsched;
-
-# modprobe need proc_modules
-allow init-insmod-sh proc_modules:file r_file_perms;
-
-# Set the vendor.all.modules.ready property
-set_prop(init-insmod-sh, vendor_device_prop)
diff --git a/common/init.te b/common/init.te
deleted file mode 100644
index 1ff76db..0000000
--- a/common/init.te
+++ /dev/null
@@ -1,2 +0,0 @@
-allow init firmware_file:dir mounton;
-allow init firmware_file:filesystem { getattr mount relabelfrom };
diff --git a/common/property.te b/common/property.te
deleted file mode 100644
index 50f7b34..0000000
--- a/common/property.te
+++ /dev/null
@@ -1 +0,0 @@
-vendor_internal_prop(vendor_device_prop)
diff --git a/common/property_contexts b/common/property_contexts
deleted file mode 100644
index 8343ea5..0000000
--- a/common/property_contexts
+++ /dev/null
@@ -1,2 +0,0 @@
-vendor.all.modules.ready u:object_r:vendor_device_prop:s0
-vendor.all.devices.ready u:object_r:vendor_device_prop:s0
diff --git a/common/vendor_init.te b/common/vendor_init.te
new file mode 100644
index 0000000..7299a26
--- /dev/null
+++ b/common/vendor_init.te
@@ -0,0 +1,2 @@
+# for cgroup migration
+allow vendor_init cgroup:file rw_file_perms;