Merge "Remove netdomain from Microdroid"
diff --git a/microdroid/system/private/net.te b/microdroid/system/private/net.te
index 1b2fd41..8e783cb 100644
--- a/microdroid/system/private/net.te
+++ b/microdroid/system/private/net.te
@@ -2,15 +2,3 @@
type node, node_type;
type netif, netif_type;
type port, port_type;
-
-###
-### Domain with network access
-###
-
-allow netdomain self:tcp_socket create_stream_socket_perms;
-allow netdomain self:{ icmp_socket udp_socket rawip_socket } create_socket_perms;
-
-allow netdomain port_type:tcp_socket name_connect;
-allow netdomain node_type:{ icmp_socket rawip_socket tcp_socket udp_socket } node_bind;
-allow netdomain port_type:udp_socket name_bind;
-allow netdomain port_type:tcp_socket name_bind;
diff --git a/microdroid/system/public/attributes b/microdroid/system/public/attributes
index 419caa1..61bf8fb 100644
--- a/microdroid/system/public/attributes
+++ b/microdroid/system/public/attributes
@@ -120,9 +120,6 @@
attribute vendor_public_property_type;
expandattribute vendor_public_property_type false;
-# All domains used for apps with network access.
-attribute netdomain;
-
# All domains used for apps with bluetooth access.
attribute bluetoothdomain;
diff --git a/microdroid/system/public/shell.te b/microdroid/system/public/shell.te
index bde9cd9..0bcb29d 100644
--- a/microdroid/system/public/shell.te
+++ b/microdroid/system/public/shell.te
@@ -2,9 +2,6 @@
type shell, domain;
type shell_exec, system_file_type, exec_type, file_type;
-# Create and use network sockets.
-net_domain(shell)
-
# Root fs.
allow shell rootfs:dir r_dir_perms;
diff --git a/microdroid/system/public/su.te b/microdroid/system/public/su.te
index 152de51..5f41e37 100644
--- a/microdroid/system/public/su.te
+++ b/microdroid/system/public/su.te
@@ -6,8 +6,6 @@
type su, domain;
# Add su to various domains
-net_domain(su)
-
dontaudit su self:capability_class_set *;
dontaudit su self:capability2 *;
dontaudit su kernel:security *;