Revert "Reduce the number of processes that can start adbd"
This reverts commit faebeacaa0705f37be6c8e19ef55be3eda7d7eeb.
Reason for revert: broke the build
Change-Id: I3d61ce011ad42c6ff0e9f122de3daa37e846407a
diff --git a/private/compat/26.0/26.0.cil b/private/compat/26.0/26.0.cil
index f53a194..4699ecf 100644
--- a/private/compat/26.0/26.0.cil
+++ b/private/compat/26.0/26.0.cil
@@ -121,7 +121,7 @@
(typeattributeset ctl_bootanim_prop_26_0 (ctl_bootanim_prop))
(typeattributeset ctl_bugreport_prop_26_0 (ctl_bugreport_prop))
(typeattributeset ctl_console_prop_26_0 (ctl_console_prop))
-(typeattributeset ctl_default_prop_26_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop ctl_adbd_prop))
+(typeattributeset ctl_default_prop_26_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop))
(typeattributeset ctl_dumpstate_prop_26_0 (ctl_dumpstate_prop))
(typeattributeset ctl_fuse_prop_26_0 (ctl_fuse_prop))
(typeattributeset ctl_mdnsd_prop_26_0 (ctl_mdnsd_prop))
diff --git a/private/compat/27.0/27.0.cil b/private/compat/27.0/27.0.cil
index 8eedf56..e5d50e4 100644
--- a/private/compat/27.0/27.0.cil
+++ b/private/compat/27.0/27.0.cil
@@ -826,7 +826,7 @@
(typeattributeset ctl_bootanim_prop_27_0 (ctl_bootanim_prop))
(typeattributeset ctl_bugreport_prop_27_0 (ctl_bugreport_prop))
(typeattributeset ctl_console_prop_27_0 (ctl_console_prop))
-(typeattributeset ctl_default_prop_27_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop ctl_adbd_prop))
+(typeattributeset ctl_default_prop_27_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop))
(typeattributeset ctl_dumpstate_prop_27_0 (ctl_dumpstate_prop))
(typeattributeset ctl_fuse_prop_27_0 (ctl_fuse_prop))
(typeattributeset ctl_mdnsd_prop_27_0 (ctl_mdnsd_prop))
diff --git a/private/property_contexts b/private/property_contexts
index 37d4427..6ebad35 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -115,11 +115,6 @@
ctl.interface_stop$ u:object_r:ctl_interface_stop_prop:s0
ctl.interface_restart$ u:object_r:ctl_interface_restart_prop:s0
- # Restrict access to starting/stopping adbd
-ctl.start$adbd u:object_r:ctl_adbd_prop:s0
-ctl.stop$adbd u:object_r:ctl_adbd_prop:s0
-ctl.restart$adbd u:object_r:ctl_adbd_prop:s0
-
# NFC properties
nfc. u:object_r:nfc_prop:s0
diff --git a/public/adbd.te b/public/adbd.te
index 82373fd..95854c0 100644
--- a/public/adbd.te
+++ b/public/adbd.te
@@ -2,7 +2,3 @@
# it lives in the rootfs and has no unique file type.
type adbd, domain;
type adbd_exec, exec_type, file_type;
-
-# Only init is allowed to enter the adbd domain via exec()
-neverallow { domain -init } adbd:process transition;
-neverallow * adbd:process dyntransition;
diff --git a/public/property.te b/public/property.te
index b92f18a..508eed5 100644
--- a/public/property.te
+++ b/public/property.te
@@ -5,7 +5,6 @@
type bootloader_boot_reason_prop, property_type;
type config_prop, property_type, core_property_type;
type cppreopt_prop, property_type, core_property_type;
-type ctl_adbd_prop, property_type;
type ctl_bootanim_prop, property_type;
type ctl_bugreport_prop, property_type;
type ctl_console_prop, property_type;
@@ -328,7 +327,6 @@
-boottime_prop
-config_prop
-cppreopt_prop
- -ctl_adbd_prop
-ctl_bootanim_prop
-ctl_bugreport_prop
-ctl_console_prop
diff --git a/public/recovery.te b/public/recovery.te
index dcec970..48fffe6 100644
--- a/public/recovery.te
+++ b/public/recovery.te
@@ -109,7 +109,7 @@
set_prop(recovery, powerctl_prop)
# Start/stop adbd via ctl.start adbd
- set_prop(recovery, ctl_adbd_prop)
+ set_prop(recovery, ctl_default_prop)
# Read serial number of the device from system properties
get_prop(recovery, serialno_prop)
diff --git a/public/usbd.te b/public/usbd.te
index 6dd1334..98786e0 100644
--- a/public/usbd.te
+++ b/public/usbd.te
@@ -1,5 +1,3 @@
type usbd, domain;
type usbd_exec, exec_type, file_type;
-# Start/stop adbd via ctl.start adbd
-set_prop(usbd, ctl_adbd_prop)