Delete untrusted_v2_app
As of https://android-review.googlesource.com/c/platform/system/sepolicy/+/536356 ,
the untrusted_v2_app domain is no longer used.
Bug: 112233317
Test: policy compiles, device boots, and no problems
Change-Id: I5a47c8305bef374b7fea06cd789e06cd48b847e6
diff --git a/private/app_neverallows.te b/private/app_neverallows.te
index 31551ac..23594b8 100644
--- a/private/app_neverallows.te
+++ b/private/app_neverallows.te
@@ -10,7 +10,6 @@
untrusted_app_25
untrusted_app_27
untrusted_app_all
- untrusted_v2_app
}')
# Receive or send uevent messages.
neverallow all_untrusted_apps domain:netlink_kobject_uevent_socket *;
diff --git a/private/compat/26.0/26.0.cil b/private/compat/26.0/26.0.cil
index 085948a..cad7123 100644
--- a/private/compat/26.0/26.0.cil
+++ b/private/compat/26.0/26.0.cil
@@ -4,6 +4,7 @@
(typeattribute hal_wifi_keystore_server)
;; types removed from current policy
+(type untrusted_v2_app)
(type asan_reboot_prop)
(type commontime_management_service)
(type log_device)
diff --git a/private/compat/27.0/27.0.cil b/private/compat/27.0/27.0.cil
index fcf4561..d99b499 100644
--- a/private/compat/27.0/27.0.cil
+++ b/private/compat/27.0/27.0.cil
@@ -1,10 +1,11 @@
;; types removed from current policy
(type commontime_management_service)
-(type qtaguid_proc)
(type mediacodec)
(type mediacodec_exec)
+(type qtaguid_proc)
(type reboot_data_file)
(type rild)
+(type untrusted_v2_app)
(type webview_zygote_socket)
(type vold_socket)
(type thermalcallback_hwservice)
diff --git a/private/compat/28.0/28.0.cil b/private/compat/28.0/28.0.cil
index 054cca2..c69a111 100644
--- a/private/compat/28.0/28.0.cil
+++ b/private/compat/28.0/28.0.cil
@@ -4,6 +4,7 @@
(type mediacodec_exec)
(type qtaguid_proc)
(type thermalcallback_hwservice)
+(type untrusted_v2_app)
;; TODO: remove once P sepolicy is pushed to AOSP.
(type vold_socket)
diff --git a/private/untrusted_app_all.te b/private/untrusted_app_all.te
index 65be583..11cea6e 100644
--- a/private/untrusted_app_all.te
+++ b/private/untrusted_app_all.te
@@ -2,8 +2,7 @@
### Untrusted_app_all.
###
### This file defines the rules shared by all untrusted app domains except
-### apps which target the v2 security sandbox (ephemeral_app for instant apps,
-### untrusted_v2_app for fully installed v2 apps).
+### ephemeral_app for instant apps.
### Apps are labeled based on mac_permissions.xml (maps signer and
### optionally package name to seinfo value) and seapp_contexts (maps UID
### and optionally seinfo value to domain for process and type for data
@@ -19,7 +18,7 @@
### seapp_contexts.
###
### Note that rules that should apply to all untrusted apps must be in app.te or also
-### added to untrusted_v2_app.te and ephemeral_app.te.
+### added to ephemeral_app.te.
# Some apps ship with shared libraries and binaries that they write out
# to their sandbox directory and then execute.
diff --git a/private/untrusted_v2_app.te b/private/untrusted_v2_app.te
deleted file mode 100644
index 8f4bceb..0000000
--- a/private/untrusted_v2_app.te
+++ /dev/null
@@ -1,47 +0,0 @@
-###
-### Untrusted v2 sandbox apps.
-###
-
-typeattribute untrusted_v2_app coredomain;
-
-app_domain(untrusted_v2_app)
-net_domain(untrusted_v2_app)
-bluetooth_domain(untrusted_v2_app)
-
-# Read and write system app data files passed over Binder.
-# Motivating case was /data/data/com.android.settings/cache/*.jpg for
-# cropping or taking user photos.
-allow untrusted_v2_app system_app_data_file:file { read write getattr };
-
-# Access to /data/media.
-allow untrusted_v2_app media_rw_data_file:dir create_dir_perms;
-allow untrusted_v2_app media_rw_data_file:file create_file_perms;
-
-# Traverse into /mnt/media_rw for bypassing FUSE daemon
-# TODO: narrow this to just MediaProvider
-allow untrusted_v2_app mnt_media_rw_file:dir search;
-
-# allow cts to query all services
-allow untrusted_v2_app servicemanager:service_manager list;
-
-allow untrusted_v2_app audioserver_service:service_manager find;
-allow untrusted_v2_app cameraserver_service:service_manager find;
-allow untrusted_v2_app drmserver_service:service_manager find;
-allow untrusted_v2_app mediaserver_service:service_manager find;
-allow untrusted_v2_app mediaextractor_service:service_manager find;
-allow untrusted_v2_app mediacodec_service:service_manager find;
-allow untrusted_v2_app mediametrics_service:service_manager find;
-allow untrusted_v2_app mediadrmserver_service:service_manager find;
-allow untrusted_v2_app nfc_service:service_manager find;
-allow untrusted_v2_app radio_service:service_manager find;
-# TODO: potentially provide a tighter list of services here
-allow untrusted_v2_app app_api_service:service_manager find;
-
-# gdbserver for ndk-gdb ptrace attaches to app process.
-allow untrusted_v2_app self:process ptrace;
-
-# Write app-specific trace data to the Perfetto traced damon. This requires
-# connecting to its producer socket and obtaining a (per-process) tmpfs fd.
-allow untrusted_v2_app traced:fd use;
-allow untrusted_v2_app traced_tmpfs:file { read write getattr map };
-unix_socket_connect(untrusted_v2_app, traced_producer, traced)