move gpsd domain to device specific policy
Only used by Flounder.
Bug: 8435593
Change-Id: I06655e897ab68a1724190950e128cd390617f2bd
diff --git a/app.te b/app.te
index 7a679fd..0d7b600 100644
--- a/app.te
+++ b/app.te
@@ -256,7 +256,6 @@
audio_device
camera_device
dm_device
- gps_device
radio_device
rpmsg_device
video_device
@@ -339,9 +338,6 @@
# Write to various other parts of /data.
neverallow appdomain drm_data_file:dir_file_class_set
{ create write setattr relabelfrom relabelto append unlink link rename };
-neverallow { appdomain -system_app }
- gps_data_file:dir_file_class_set
- { create write setattr relabelfrom relabelto append unlink link rename };
neverallow { appdomain -platform_app }
apk_data_file:dir_file_class_set
{ create write setattr relabelfrom relabelto append unlink link rename };
diff --git a/device.te b/device.te
index 06006b2..e3ddb95 100644
--- a/device.te
+++ b/device.te
@@ -44,7 +44,6 @@
type fuse_device, dev_type, mlstrustedobject;
type iio_device, dev_type;
type ion_device, dev_type, mlstrustedobject;
-type gps_device, dev_type;
type qtaguid_device, dev_type;
type watchdog_device, dev_type;
type uhid_device, dev_type;
diff --git a/file.te b/file.te
index 1f8dd3c..8e3bbe5 100644
--- a/file.te
+++ b/file.te
@@ -92,8 +92,6 @@
type resourcecache_data_file, file_type, data_file_type;
# /data/local - writable by shell
type shell_data_file, file_type, data_file_type, mlstrustedobject;
-# /data/gps
-type gps_data_file, file_type, data_file_type;
# /data/property
type property_data_file, file_type, data_file_type;
# /data/bootchart
@@ -188,7 +186,6 @@
type dnsproxyd_socket, file_type, mlstrustedobject;
type dumpstate_socket, file_type;
type fwmarkd_socket, file_type, mlstrustedobject;
-type gps_socket, file_type;
type installd_socket, file_type;
type lmkd_socket, file_type;
type logd_socket, file_type, mlstrustedobject;
diff --git a/file_contexts b/file_contexts
index 83d87e1..5089183 100644
--- a/file_contexts
+++ b/file_contexts
@@ -79,8 +79,6 @@
/dev/log(/.*)? u:object_r:log_device:s0
/dev/mem u:object_r:kmem_device:s0
/dev/modem.* u:object_r:radio_device:s0
-/dev/mpu u:object_r:gps_device:s0
-/dev/mpuirq u:object_r:gps_device:s0
/dev/mtd(/.*)? u:object_r:mtd_device:s0
/dev/mtp_usb u:object_r:mtp_device:s0
/dev/pmsg0 u:object_r:pmsg_device:s0
@@ -103,7 +101,6 @@
/dev/socket/dnsproxyd u:object_r:dnsproxyd_socket:s0
/dev/socket/dumpstate u:object_r:dumpstate_socket:s0
/dev/socket/fwmarkd u:object_r:fwmarkd_socket:s0
-/dev/socket/gps u:object_r:gps_socket:s0
/dev/socket/installd u:object_r:installd_socket:s0
/dev/socket/lmkd u:object_r:lmkd_socket:s0
/dev/socket/logd u:object_r:logd_socket:s0
@@ -185,7 +182,6 @@
/system/bin/racoon u:object_r:racoon_exec:s0
/system/xbin/su u:object_r:su_exec:s0
/system/xbin/perfprofd u:object_r:perfprofd_exec:s0
-/system/vendor/bin/gpsd u:object_r:gpsd_exec:s0
/system/bin/dnsmasq u:object_r:dnsmasq_exec:s0
/system/bin/hostapd u:object_r:hostapd_exec:s0
/system/bin/clatd u:object_r:clatd_exec:s0
@@ -211,7 +207,6 @@
# Vendor files
#
/vendor(/.*)? u:object_r:system_file:s0
-/vendor/bin/gpsd u:object_r:gpsd_exec:s0
#############################
# OEM and ODM files
@@ -233,7 +228,6 @@
/data/secure/backup(/.*)? u:object_r:backup_data_file:s0
/data/system/ndebugsocket u:object_r:system_ndebug_socket:s0
/data/drm(/.*)? u:object_r:drm_data_file:s0
-/data/gps(/.*)? u:object_r:gps_data_file:s0
/data/resource-cache(/.*)? u:object_r:resourcecache_data_file:s0
/data/dalvik-cache(/.*)? u:object_r:dalvikcache_data_file:s0
/data/adb(/.*)? u:object_r:adb_data_file:s0
diff --git a/gpsd.te b/gpsd.te
deleted file mode 100644
index 4b22223..0000000
--- a/gpsd.te
+++ /dev/null
@@ -1,29 +0,0 @@
-# gpsd - GPS daemon
-type gpsd, domain;
-type gpsd_exec, exec_type, file_type;
-
-init_daemon_domain(gpsd)
-net_domain(gpsd)
-allow gpsd gps_data_file:dir rw_dir_perms;
-allow gpsd gps_data_file:notdevfile_class_set create_file_perms;
-# Socket is created by the daemon, not by init, and under /data/gps,
-# not under /dev/socket.
-type_transition gpsd gps_data_file:sock_file gps_socket;
-allow gpsd gps_socket:sock_file create_file_perms;
-# XXX Label sysfs files with a specific type?
-allow gpsd sysfs:file rw_file_perms;
-
-allow gpsd gps_device:chr_file rw_file_perms;
-
-# Execute the shell or system commands.
-allow gpsd shell_exec:file rx_file_perms;
-allow gpsd system_file:file rx_file_perms;
-allow gpsd toolbox_exec:file rx_file_perms;
-
-###
-### neverallow
-###
-
-# gpsd can never have capabilities other than block_suspend
-neverallow gpsd self:capability *;
-neverallow gpsd self:capability2 ~block_suspend;
diff --git a/rild.te b/rild.te
index e2856a3..ca63d33 100644
--- a/rild.te
+++ b/rild.te
@@ -31,9 +31,6 @@
auditallow rild net_radio_prop:property_service set;
auditallow rild system_radio_prop:property_service set;
-# Read/Write to uart driver (for GPS)
-allow rild gps_device:chr_file rw_file_perms;
-
allow rild tty_device:chr_file rw_file_perms;
# Allow rild to create and use netlink sockets.
diff --git a/system_server.te b/system_server.te
index c2b72bf..fb864ca 100644
--- a/system_server.te
+++ b/system_server.te
@@ -118,7 +118,6 @@
unix_socket_connect(system_server, netd, netd)
unix_socket_connect(system_server, vold, vold)
unix_socket_connect(system_server, zygote, zygote)
-unix_socket_connect(system_server, gps, gpsd)
unix_socket_connect(system_server, racoon, racoon)
unix_socket_send(system_server, wpa, wpa)
@@ -317,7 +316,6 @@
# LocationManager(e.g, GPS) needs to read and write
# to uart driver and ctrl proc entry
-allow system_server gps_device:chr_file rw_file_perms;
allow system_server gps_control:file rw_file_perms;
# Allow system_server to use app-created sockets and pipes.