commit ef1493d2d56b70bfc25a0ab7f69abe7898013cc2
author Maciej Żenczykowski <maze@google.com> Fri Jan 24 18:03:46 2020 -0800
committer Maciej Żenczykowski <maze@google.com> Sat Jan 25 02:13:01 2020 +0000
tree c3142eb7423481d14950101f8c9e77246c65412d
parent 33a653331a6be2090cc2e88b0f0e471164646ff5

netd: remove freshly added neverallows

until we gain a better understanding of why this is breaking builds
on for example pixel3_mainline-userdebug

Test: no, but removing neverallows can't break the already broken build...
Bug: 148311635
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ib4fa19317034412f9eaa789f39df2548f13178dc

public/netd.te

diff --git a/public/netd.te b/public/netd.te
index dab9351..92c2ed1 100644
--- a/public/netd.te
+++ b/public/netd.te
@@ -180,8 +180,6 @@
 
 # Netd should not have SYS_MODULE privs, nor should it be requesting module loads
 # (things it requires should be built directly into the kernel)
-neverallow netd self:capability sys_module;
 dontaudit netd self:capability sys_module;
 
-neverallow netd kernel:system module_request;
 dontaudit netd kernel:system module_request;