universal7904: sepolicy: Cleanup unused rules
Change-Id: Idcf765bab4f43f67ecc21cd572b6264d691f9185
Signed-off-by: SamarV-121 <samarvispute121@gmail.com>
diff --git a/sepolicy/vendor/device.te b/sepolicy/vendor/device.te
index e7fb8fa..2625ae5 100644
--- a/sepolicy/vendor/device.te
+++ b/sepolicy/vendor/device.te
@@ -1,12 +1,3 @@
-# /dev/vfsspi
-type fingerprint_device, dev_type;
-
-# /dev/batch_io
-type sensor_device, dev_type;
-
-# /dev/s5p-smem
-type secmem_device, dev_type;
-
# /dev/m2m1shot_scaler0
type m2m1shot_device, dev_type;
diff --git a/sepolicy/vendor/file.te b/sepolicy/vendor/file.te
index 124f03a..ea81315 100644
--- a/sepolicy/vendor/file.te
+++ b/sepolicy/vendor/file.te
@@ -37,7 +37,6 @@
type sysfs_v4l_smfc, sysfs_type, r_fs_type, fs_type;
type sysfs_v4l_fimc, sysfs_type, r_fs_type, fs_type;
type sysfs_graphics, fs_type, sysfs_type;
-type sysfs_mdnie, fs_type, sysfs_type, mlstrustedobject;
type sysfs_multipdp, fs_type, sysfs_type, mlstrustedobject;
type sysfs_sec, fs_type, sysfs_type, mlstrustedobject;
type sysfs_gps, fs_type, sysfs_type, mlstrustedobject;
@@ -45,7 +44,6 @@
type sysfs_virtual, fs_type, sysfs_type, mlstrustedobject;
type sysfs_charger, fs_type, sysfs_type, mlstrustedobject;
type sysfs_modem, fs_type, sysfs_type, mlstrustedobject;
-type sysfs_lcd, fs_type, sysfs_type, mlstrustedobject;
type sysfs_camera, fs_type, sysfs_type, mlstrustedobject;
type sysfs_mmc_host_writable, sysfs_type, rw_fs_type, fs_type;
type sysfs_ss_writable, sysfs_type, rw_fs_type, fs_type;
diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts
index f9c8293..8a8cfbf 100644
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -34,34 +34,14 @@
####################################
# efs
-/cpefs(/.*)? u:object_r:efs_file:s0
/mnt/vendor/cpefs(/.*)? u:object_r:efs_file:s0
-/efs/FactoryApp(/.*)? u:object_r:app_efs_file:s0
-/efs/FactoryApp/baro_delta u:object_r:baro_delta_factoryapp_efs_file:s0
-/efs/FactoryApp/factorymode u:object_r:factorymode_factoryapp_efs_file:s0
-/efs/FactoryApp/fdata u:object_r:radio_factoryapp_efs_file:s0
-/efs/FactoryApp/hist_nv u:object_r:radio_factoryapp_efs_file:s0
-/efs/FactoryApp/test_nv u:object_r:radio_factoryapp_efs_file:s0
-/efs/FactoryApp/gyro_cal_data u:object_r:sensor_factoryapp_efs_file:s0
-
-/efs/nv_data.bin(.*) u:object_r:bin_nv_data_efs_file:s0
-/efs/nv.log u:object_r:bin_nv_data_efs_file:s0
-/efs/\.nv_core\.bak(.*) u:object_r:bin_nv_data_efs_file:s0
-/efs/wv\.keys u:object_r:cpk_efs_file:s0
-/efs/factory\.prop u:object_r:factoryprop_efs_file:s0
-/efs/TEE(/.*)? u:object_r:gatekeeper_efs_file:s0
-/efs/TEE/Store_1.tf u:object_r:gatekeeper_efs_file:s0
-
####################################
# data files
/data/vendor/nfc(/.*)? u:object_r:nfc_vendor_data_file:s0
/data/misc/radio(/.*)? u:object_r:radio_data_file:s0
-# livedisplay
-/data/vendor/display(/.*)? u:object_r:display_vendor_data_file:s0
-
# drm
/data/vendor/mediadrm(/.*)? u:object_r:mediadrm_data_file:s0
@@ -97,9 +77,6 @@
/sys/class/backlight/panel/brightness u:object_r:sysfs_graphics:s0
/sys/class/backlight/panel/max_brightness u:object_r:sysfs_graphics:s0
-# camera
-/sys/devices/virtual/camera(/.*)? u:object_r:sysfs_camera:s0
-
# rild
/sys/devices/virtual/misc/multipdp(/.*) u:object_r:sysfs_multipdp:s0
diff --git a/sepolicy/vendor/genfs_contexts b/sepolicy/vendor/genfs_contexts
index e87b373..95b029c 100644
--- a/sepolicy/vendor/genfs_contexts
+++ b/sepolicy/vendor/genfs_contexts
@@ -14,14 +14,10 @@
# SYSFS
# class
-genfscon sysfs /class/camera u:object_r:sysfs_camera:s0
-genfscon sysfs /class/input/input4 u:object_r:sysfs_sensors:s0
-genfscon sysfs /class/input/input6 u:object_r:sysfs_sensors:s0
genfscon sysfs /class/video4linux u:object_r:sysfs_v4l:s0
genfscon sysfs /class/input/input1 u:object_r:sysfs_input:s0
# devices
-genfscon sysfs /module/modem_ctrl_ss310ap/parameters/ds_detect u:object_r:sysfs_sim_writable:s0
genfscon sysfs /devices/platform/10000.mif_pdata/sim/ds_detect u:object_r:sysfs_sim_writable:s0
genfscon sysfs /module/scsc_bt/parameters/bluetooth_address u:object_r:sysfs_bt_writable:s0
genfscon sysfs /devices/platform/11ce0000.speedy/i2c-7/7-0000/s2mpu08-rtc/rtc u:object_r:sysfs_rtc:s0
@@ -36,7 +32,6 @@
genfscon sysfs /devices/platform/14440000.fimc_is/video4linux u:object_r:sysfs_v4l_fimc:s0
genfscon sysfs /devices/platform/12c30000.mfc0/video4linux u:object_r:sysfs_v4l_mfc:s0
genfscon sysfs /devices/platform/12c00000.smfc/video4linux u:object_r:sysfs_v4l_smfc:s0
-genfscon sysfs /devices/platform/bluetooth/rfkill/rfkill0/state u:object_r:sysfs_bt_writable:s0
genfscon sysfs /devices/platform/battery/power_supply/battery u:object_r:sysfs_battery_writable:s0
genfscon sysfs /devices/platform/battery/power_supply/battery/batt_capacity_max u:object_r:sysfs_battery_writable:s0
genfscon sysfs /devices/platform/battery/power_supply/battery/status u:object_r:sysfs_battery_writable:s0
@@ -54,13 +49,7 @@
genfscon sysfs /devices/virtual/camera/rear/fw_update u:object_r:sysfs_camera_writable:s0
genfscon sysfs /devices/virtual/camera/rear/ssrm_camera_info u:object_r:sysfs_camera_writable:s0
genfscon sysfs /devices/virtual/camera/flash/rear_flash u:object_r:sysfs_camera_writable:s0
-genfscon sysfs /devices/virtual/input/input3 u:object_r:sysfs_sensors_writable:s0
-genfscon sysfs /devices/virtual/input/input4 u:object_r:sysfs_sensors_writable:s0
-genfscon sysfs /devices/virtual/sec/sensorhub/mcu_power u:object_r:sysfs_sensorhub_writable:s0
-genfscon sysfs /devices/virtual/usb_notify/usb_control/usb_hw_param u:object_r:sysfs_usb_writable:s0
-
-genfscon sysfs /firmware/devicetree/base/argos u:object_r:sysfs_argos:s0
genfscon sysfs /firmware/devicetree/base/model_info-system_rev u:object_r:sysfs_info:s0
genfscon sysfs /kernel/gpu/ u:object_r:sysfs_gpu:s0
diff --git a/sepolicy/vendor/hal_drm_clearkey.te b/sepolicy/vendor/hal_drm_clearkey.te
index 92af96d..ad30d13 100644
--- a/sepolicy/vendor/hal_drm_clearkey.te
+++ b/sepolicy/vendor/hal_drm_clearkey.te
@@ -6,7 +6,7 @@
hal_server_domain(hal_drm_clearkey, hal_drm)
-vndbinder_use(hal_drm_clearkey);
+vndbinder_use(hal_drm_clearkey)
allow hal_drm_clearkey { appdomain -isolated_app }:fd use;
diff --git a/sepolicy/vendor/hal_drm_widevine.te b/sepolicy/vendor/hal_drm_widevine.te
index fee899d..01d02d5 100644
--- a/sepolicy/vendor/hal_drm_widevine.te
+++ b/sepolicy/vendor/hal_drm_widevine.te
@@ -5,7 +5,7 @@
hal_server_domain(hal_drm_widevine, hal_drm)
-vndbinder_use(hal_drm_widevine);
+vndbinder_use(hal_drm_widevine)
allow hal_drm_widevine mediacodec:fd use;
allow hal_drm_widevine { appdomain -isolated_app }:fd use;
@@ -19,5 +19,3 @@
allow hal_drm_widevine cpk_efs_file:file r_file_perms;
allow hal_drm_widevine efs_file:dir search;
-
-allow hal_drm_widevine secmem_device:chr_file rw_file_perms;
diff --git a/sepolicy/vendor/hal_fingerprint_default.te b/sepolicy/vendor/hal_fingerprint_default.te
index 3f0b690..4d59975 100644
--- a/sepolicy/vendor/hal_fingerprint_default.te
+++ b/sepolicy/vendor/hal_fingerprint_default.te
@@ -1,6 +1,5 @@
typeattribute hal_fingerprint_default data_between_core_and_vendor_violators;
allow hal_fingerprint_default fingerprintd_data_file:dir write;
-allow hal_fingerprint_default fingerprint_device:chr_file rw_file_perms;
allow hal_fingerprint_default sysfs_virtual:dir search;
allow hal_fingerprint_default sysfs_virtual:file r_file_perms;
diff --git a/sepolicy/vendor/hal_gatekeeper_default.te b/sepolicy/vendor/hal_gatekeeper_default.te
index 0cd9bb2..904170b 100644
--- a/sepolicy/vendor/hal_gatekeeper_default.te
+++ b/sepolicy/vendor/hal_gatekeeper_default.te
@@ -1,5 +1,3 @@
-allow hal_gatekeeper_default gatekeeper_efs_file:file rw_file_perms;
-allow hal_gatekeeper_default gatekeeper_efs_file:dir search;
allow hal_gatekeeper_default efs_file:dir search;
allow hal_gatekeeper_default efs_file:file rw_file_perms;
allow hal_gatekeeper_default mnt_vendor_file:dir search;
diff --git a/sepolicy/vendor/init.te b/sepolicy/vendor/init.te
index 4670784..fbd0b42 100644
--- a/sepolicy/vendor/init.te
+++ b/sepolicy/vendor/init.te
@@ -22,12 +22,9 @@
allow init sysfs_camera:file setattr;
allow init sysfs_charger:file setattr;
allow init sysfs_input:file setattr;
-allow init sysfs_lcd:file setattr;
-allow init sysfs_mdnie:file setattr;
allow init sysfs_modem:file w_file_perms;
allow init sysfs_battery_writable:file setattr;
allow init sysfs_power_writable:file setattr;
-allow init sysfs_bt_writable:file setattr;
allow init sysfs_graphics:file create_file_perms;
allow init system_server:binder { transfer call };
diff --git a/sepolicy/vendor/lhd.te b/sepolicy/vendor/lhd.te
deleted file mode 100644
index b959cf7..0000000
--- a/sepolicy/vendor/lhd.te
+++ /dev/null
@@ -1,4 +0,0 @@
-allow lhd sysfs_virtual:dir search;
-allow lhd sysfs_virtual:file rw_file_perms;
-allow lhd sysfs_virtual:lnk_file read;
-allow lhd efs_file:dir search;