common: Drop custom filesystem rules
* Support for more filesystems for public storage has
not worked properly since 18.1.
Change-Id: I604fcac815d392949fcb7f97c3d0483dc3d38005
diff --git a/common/private/file.te b/common/private/file.te
index aa60d26..23167ce 100644
--- a/common/private/file.te
+++ b/common/private/file.te
@@ -1,3 +1,2 @@
-type sdcard_posix, sdcard_type, sdcard_posix_contextmount_type, fs_type, mlstrustedobject;
type sysfs_io_sched_tuneable, fs_type, sysfs_type;
type adbroot_data_file, file_type, data_file_type, core_data_file_type;
diff --git a/common/private/file_contexts b/common/private/file_contexts
index 09da0f6..aa7cd43 100644
--- a/common/private/file_contexts
+++ b/common/private/file_contexts
@@ -1,9 +1,3 @@
-# Filesystem tools
-/system/bin/fsck\.ntfs u:object_r:fsck_exec:s0
-/system/bin/mkfs\.exfat u:object_r:mkfs_exec:s0
-/system/bin/mkfs\.f2fs u:object_r:mkfs_exec:s0
-/system/bin/mkfs\.ntfs u:object_r:mkfs_exec:s0
-
# I/O Scheduler
/sys/devices(/platform)?/msm_sdcc\.[0-9]/mmc_host/mmc[0-9]/mmc[0-9]:[a-f0-9]+/block/mmcblk[0-9]/queue(/.*)? u:object_r:sysfs_io_sched_tuneable:s0
/sys/devices(/platform)?/soc(\.[0-9])?/[a-f0-9]+\.sdhci/mmc_host/mmc[0-9]/mmc[0-9]:[a-f0-9]+/block/mmcblk[0-9]/queue(/.*)? u:object_r:sysfs_io_sched_tuneable:s0
diff --git a/common/private/fsck_untrusted.te b/common/private/fsck_untrusted.te
deleted file mode 100644
index 5d12f76..0000000
--- a/common/private/fsck_untrusted.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# External storage
-allow fsck_untrusted self:capability sys_admin;
diff --git a/common/private/genfs_contexts b/common/private/genfs_contexts
index c629305..87013ad 100644
--- a/common/private/genfs_contexts
+++ b/common/private/genfs_contexts
@@ -1,5 +1 @@
-ifelse(board_excludes_fuseblk_sepolicy, `true', ,
-genfscon fuseblk / u:object_r:vfat:s0
-)
-
genfscon sysfs /devices/virtual/timed_output/vibrator u:object_r:sysfs_vibrator:s0
diff --git a/common/private/mkfs.te b/common/private/mkfs.te
deleted file mode 100644
index 2c16520..0000000
--- a/common/private/mkfs.te
+++ /dev/null
@@ -1,9 +0,0 @@
-type mkfs, coredomain, domain;
-type mkfs_exec, system_file_type, exec_type, file_type;
-
-init_daemon_domain(mkfs)
-
-# Allow formatting userdata or cache partitions
-allow mkfs block_device:dir search;
-allow mkfs userdata_block_device:blk_file rw_file_perms;
-allow mkfs cache_block_device:blk_file rw_file_perms;
diff --git a/common/private/system_server.te b/common/private/system_server.te
index 4fe1d72..bd0acaa 100644
--- a/common/private/system_server.te
+++ b/common/private/system_server.te
@@ -1,5 +1,3 @@
-allow system_server storage_stub_file:dir getattr;
-
allow system_server adbroot_service:service_manager find;
# Use HALs
diff --git a/common/private/vold.te b/common/private/vold.te
deleted file mode 100644
index 915190b..0000000
--- a/common/private/vold.te
+++ /dev/null
@@ -1,11 +0,0 @@
-# NTFS-3g wants to drop permission
-allow vold self:capability { setgid setuid };
-
-# External storage
-allow vold mkfs_exec:file rx_file_perms;
-allow vold mnt_media_rw_stub_file:dir r_dir_perms;
-allow vold storage_stub_file:dir rw_dir_perms;
-
-# External EXT4/F2FS storage
-allow vold sdcard_posix:filesystem { relabelto relabelfrom };
-allow vold labeledfs:filesystem relabelfrom;
diff --git a/common/sepolicy.mk b/common/sepolicy.mk
index f0340cb..dd88a88 100644
--- a/common/sepolicy.mk
+++ b/common/sepolicy.mk
@@ -9,12 +9,6 @@
endif
endif
-ifeq ($(TARGET_USES_PREBUILT_VENDOR_SEPOLICY), true)
-ifeq ($(TARGET_HAS_FUSEBLK_SEPOLICY_ON_VENDOR),true)
-BOARD_SEPOLICY_M4DEFS += board_excludes_fuseblk_sepolicy=true
-endif
-endif
-
SYSTEM_EXT_PUBLIC_SEPOLICY_DIRS += \
device/lineage/sepolicy/common/public