vold: clarify sysfs access And remove a redundant rule. Test: sesearch shows no changes to vold's sepolicy. Change-Id: Icccc18696e98b999968ecbe0fb7862c35575a9b3

commit: dcad0f04cfe423d490019d23528ed9fe1e54b047 [log] [tgz]
author: Tri Vo <trong@google.com> Tue Jan 23 11:37:14 2018 -0800
committer: Tri Vo <trong@google.com> Tue Jan 23 13:43:51 2018 -0800
tree: c4f1823e9905ce9c8a2e279b107287bb76e52305
parent: a3e8572875540be87105befe635af238ca188ab1 [diff]
diff --git a/public/vold.te b/public/vold.te
index f754db7..a490e06 100644
--- a/public/vold.te
+++ b/public/vold.te

@@ -11,7 +11,7 @@
 r_dir_file(vold, proc_net)
 r_dir_file(vold, sysfs_type)
 # XXX Label sysfs files with a specific type?
-allow vold sysfs:file w_file_perms;
+allow vold sysfs:file w_file_perms; # writing to /sys/*/uevent during coldboot.
 allow vold sysfs_dm:file w_file_perms;
 allow vold sysfs_usb:file w_file_perms;
 allow vold sysfs_zram_uevent:file w_file_perms;
@@ -89,9 +89,6 @@
 allow vold domain:process { signal sigkill };
 allow vold self:global_capability_class_set { sys_ptrace kill };
 
-# XXX Label sysfs files with a specific type?
-allow vold sysfs:file rw_file_perms;
-
 allow vold kmsg_device:chr_file rw_file_perms;
 
 # Run fsck in the fsck domain.
commit	dcad0f04cfe423d490019d23528ed9fe1e54b047	[log] [tgz]
author	Tri Vo <trong@google.com>	Tue Jan 23 11:37:14 2018 -0800
committer	Tri Vo <trong@google.com>	Tue Jan 23 13:43:51 2018 -0800
tree	c4f1823e9905ce9c8a2e279b107287bb76e52305
parent	a3e8572875540be87105befe635af238ca188ab1 [diff]