commit dc34050e17b53aaafe71125d030568bf1db152f2
author Kiyoung Kim <kiyoungkim@google.com> Sat Feb 15 09:39:35 2020 +0900
committer Kiyoung Kim <kiyoungkim@google.com> Wed Feb 19 10:16:06 2020 +0900
tree 690383de4de35a128c7836f779500b966ff0aec8
parent 57ba84c9590c1ef17653ef33487ac6afd548ffef

Remove sys.linker property

sys.linker property was defined to enable / disable generate linker
configuration, but the property has been removed. Remove sys.linker
property definition as it is no longer in use

Bug: 149335054
Test: m -j passed && cuttlefish worked without sepolicy error
Change-Id: Iacb2d561317d0920f93104717ce4f4bb424cc095
Merged-In: Iacb2d561317d0920f93104717ce4f4bb424cc095

private/compat/29.0/29.0.ignore.cil

diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index fd57007..4419ff2 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil
@@ -59,7 +59,6 @@
     mediatranscoding_tmpfs
     mirror_data_file
     light_service
-    linker_prop
     linkerconfig_file
     metadata_bootstat_file
     mnt_pass_through_file

private/domain.te

diff --git a/private/domain.te b/private/domain.te
index 1614ecb..f1f1896 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -61,9 +61,6 @@
 # if memfd support can be used if device supports it
 get_prop(domain, use_memfd_prop);
 
-# Allow to read properties for linker
-get_prop(domain, linker_prop);
-
 # Read access to sdkextensions props
 get_prop(domain, module_sdkextensions_prop)
 

private/property_contexts

diff --git a/private/property_contexts b/private/property_contexts
index 59bc9ef..54f2df9 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -24,7 +24,6 @@
 sys.                    u:object_r:system_prop:s0
 sys.init.perf_lsm_hooks u:object_r:init_perf_lsm_hooks_prop:s0
 sys.cppreopt            u:object_r:cppreopt_prop:s0
-sys.linker.             u:object_r:linker_prop:s0
 sys.lpdumpd             u:object_r:lpdumpd_prop:s0
 sys.powerctl            u:object_r:powerctl_prop:s0
 sys.usb.ffs.            u:object_r:ffs_prop:s0

private/shell.te

diff --git a/private/shell.te b/private/shell.te
index 8bd4e1d..2c69f95 100644
--- a/private/shell.te
+++ b/private/shell.te
@@ -73,11 +73,6 @@
 set_prop(shell, lpdumpd_prop);
 binder_call(shell, lpdumpd)
 
-# Allow shell to set linker property
-userdebug_or_eng(`
-  set_prop(shell, linker_prop)
-')
-
 # Allow shell to get encryption policy of /data/local/tmp/, for CTS
 allowxperm shell shell_data_file:dir ioctl {
   FS_IOC_GET_ENCRYPTION_POLICY

public/property.te

diff --git a/public/property.te b/public/property.te
index f309036..bb44a64 100644
--- a/public/property.te
+++ b/public/property.te
@@ -65,7 +65,6 @@
 system_restricted_prop(binder_cache_bluetooth_server_prop)
 system_restricted_prop(binder_cache_system_server_prop)
 system_restricted_prop(bq_config_prop)
-system_restricted_prop(linker_prop)
 system_restricted_prop(module_sdkextensions_prop)
 system_restricted_prop(nnapi_ext_deny_product_prop)
 system_restricted_prop(restorecon_prop)
@@ -365,13 +364,6 @@
   ctl_rildaemon_prop
 }:property_service set;
 
-# Do now allow to modify linker properties except shell and init
-neverallow {
-  domain
-  -init
-  userdebug_or_eng(`-shell')
-} linker_prop:property_service set;
-
 neverallow {
   domain
   -init