Revert "Coredomain can't execute vendor code."
This reverts commit 07dd2c9e89ec6b588a1842a3d1ef0a305e175257.
Reason for revert: albacore build broken
Change-Id: I551b1d8c008f01fb815e42b59d397feb9672b8e6
diff --git a/public/attributes b/public/attributes
index 2a8a40a..c25f1eb 100644
--- a/public/attributes
+++ b/public/attributes
@@ -154,12 +154,6 @@
attribute data_between_core_and_vendor_violators;
expandattribute data_between_core_and_vendor_violators false;
-# All system domains which violate the requirement of not executing vendor
-# binaries/libraries.
-# TODO(b/62041836)
-attribute system_executes_vendor_violators;
-expandattribute system_executes_vendor_violators false;
-
# hwservices that are accessible from untrusted applications
# WARNING: Use of this attribute should be avoided unless
# absolutely necessary. It is a temporary allowance to aid the
diff --git a/public/domain.te b/public/domain.te
index fb468e0..70d8ae2 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -829,20 +829,6 @@
-crash_dump_exec
-netutils_wrapper_exec
}:file { entrypoint execute execute_no_trans };
-
- # Do not allow system components to execute files from vendor
- # except for the ones whitelist here.
- neverallow {
- coredomain
- -init
- -system_executes_vendor_violators
- -vendor_init
- } {
- vendor_file_type
- -same_process_hal_file
- -vndk_sp_file
- -vendor_app_file
- }:file { execute execute_no_trans };
')
# Only authorized processes should be writing to files in /data/dalvik-cache