Merge "sepolicy_vndr : allow to read aon property(ro.vendor.qc_aon_presence)"
diff --git a/generic/vendor/common/hal_graphics_composer_default.te b/generic/vendor/common/hal_graphics_composer_default.te
index 7f2aae6..36d5854 100644
--- a/generic/vendor/common/hal_graphics_composer_default.te
+++ b/generic/vendor/common/hal_graphics_composer_default.te
@@ -107,6 +107,9 @@
#allow composer to find hal_thermal
hal_client_domain(hal_graphics_composer_default, hal_thermal);
+#allow composer to find hal_qspmhal
+hal_client_domain(hal_graphics_composer_default, vendor_hal_qspmhal);
+
# Allow access to qipcrtr_socket
# Remove this when QMI service moves to pfmd
allow hal_graphics_composer self: qipcrtr_socket create_socket_perms_no_ioctl;
diff --git a/generic/vendor/kalama/file_contexts b/generic/vendor/kalama/file_contexts
index dc42fbd..4f25859 100644
--- a/generic/vendor/kalama/file_contexts
+++ b/generic/vendor/kalama/file_contexts
@@ -320,4 +320,3 @@
# Microdump collector parameters
/sys/module/microdump_collector/parameters/.* u:object_r:vendor_sysfs_microdump:s0
-/vendor/bin/usbudev u:object_r:vendor_usbudev_qti_exec:s0
diff --git a/generic/vendor/kalama/usbudev.te b/generic/vendor/kalama/usbudev.te
deleted file mode 100644
index ef24bd3..0000000
--- a/generic/vendor/kalama/usbudev.te
+++ /dev/null
@@ -1,22 +0,0 @@
-# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
-# SPDX-License-Identifier: BSD-3-Clause-Clear
-
-#============= vendor_usbudev_qti ==============
-
-type vendor_usbudev_qti, domain;
-type vendor_usbudev_qti_exec, exec_type, vendor_file_type, file_type;
-
-init_daemon_domain(vendor_usbudev_qti)
-domain_auto_trans(init, vendor_usbudev_qti_exec, vendor_usbudev_qti)
-
-allow vendor_usbudev_qti self:capability net_admin;
-allow vendor_usbudev_qti self:netlink_route_socket { nlmsg_read read };
-allow vendor_usbudev_qti self:udp_socket { create ioctl };
-allow vendor_usbudev_qti self:netlink_kobject_uevent_socket { bind create getopt read setopt };
-allow vendor_usbudev_qti self:netlink_route_socket { create nlmsg_readpriv write };
-allow vendor_usbudev_qti vendor_sysfs_usb_node:dir search;
-allow vendor_usbudev_qti vendor_sysfs_usb_node:file { getattr open read };
-allow vendor_usbudev_qti proc_net:file { getattr open read };
-allow vendor_usbudev_qti vendor_shell_exec:file rx_file_perms;
-allow vendor_usbudev_qti vendor_toolbox_exec:file rx_file_perms;
-allowxperm vendor_usbudev_qti self:udp_socket ioctl { SIOCSIFHWADDR SIOCSIFFLAGS SIOCSIFADDR };
\ No newline at end of file
diff --git a/qva/vendor/common/location_engine_service.te b/qva/vendor/common/location_engine_service.te
index e29f7ef..cc192bd 100644
--- a/qva/vendor/common/location_engine_service.te
+++ b/qva/vendor/common/location_engine_service.te
@@ -34,9 +34,6 @@
domain_auto_trans(vendor_location, vendor_location_engine_service_exec, vendor_location_engine_service)
allow vendor_location_engine_service vendor_location:fd use;
-# allows read/write file access in /dev/smcinvoke
-allow vendor_location_engine_service tee_device:chr_file rw_file_perms;
-
# allows file access in /data/vendor/location
allow vendor_location_engine_service vendor_location_data_file:dir create_dir_perms;
allow vendor_location_engine_service vendor_location_data_file:file create_file_perms;