Revert "Fix CTS regressions" This reverts commit ed876a5e969ce89d9887cc19a97aadbaf5118e4a. Fixes user builds. libsepol.report_failure: neverallow on line 513 of system/sepolicy/public/domain.te (or line 9149 of policy.conf) violated by allow update_verifier misc_block_device:blk_file { ioctl read write lock append open }; libsepol.check_assertions: 1 neverallow failures occurred Error while expanding policy Bug: 69566734 Test: build taimen-user Change-Id: I969b7539dce547f020918ddc3e17208fc98385c4

commit: cd69bebf7646fd1fb9a2c378d7a3ccc80a00d450 [log] [tgz]
author: Jeffrey Vander Stoep <jeffv@google.com> Tue Nov 21 20:25:37 2017 +0000
committer: Jeffrey Vander Stoep <jeffv@google.com> Tue Nov 21 20:27:47 2017 +0000
tree: eac3c8ec79198a10ead0bdb82ccf61ff911df614
parent: ed876a5e969ce89d9887cc19a97aadbaf5118e4a [diff] [blame]
diff --git a/public/hal_camera.te b/public/hal_camera.te
index 4265b8a..d0824c3 100644
--- a/public/hal_camera.te
+++ b/public/hal_camera.te

@@ -23,10 +23,10 @@
 
 # hal_camera should never execute any executable without a
 # domain transition
-neverallow hal_camera_server { file_type fs_type }:file execute_no_trans;
+neverallow hal_camera { file_type fs_type }:file execute_no_trans;
 
 # hal_camera should never need network access. Disallow network sockets.
-neverallow hal_camera_server domain:{ tcp_socket udp_socket rawip_socket } *;
+neverallow hal_camera domain:{ tcp_socket udp_socket rawip_socket } *;
 
 # Only camera HAL may directly access the camera hardware
 neverallow { halserverdomain -hal_camera_server } camera_device:chr_file *;
commit	cd69bebf7646fd1fb9a2c378d7a3ccc80a00d450	[log] [tgz]
author	Jeffrey Vander Stoep <jeffv@google.com>	Tue Nov 21 20:25:37 2017 +0000
committer	Jeffrey Vander Stoep <jeffv@google.com>	Tue Nov 21 20:27:47 2017 +0000
tree	eac3c8ec79198a10ead0bdb82ccf61ff911df614
parent	ed876a5e969ce89d9887cc19a97aadbaf5118e4a [diff] [blame]