diff options
-rw-r--r-- | shared/device.mk | 4 | ||||
-rw-r--r-- | shared/sepolicy/device.te | 1 | ||||
-rw-r--r-- | shared/sepolicy/recovery.te | 14 |
3 files changed, 1 insertions, 18 deletions
diff --git a/shared/device.mk b/shared/device.mk index 271dde80e..3f1183eb6 100644 --- a/shared/device.mk +++ b/shared/device.mk @@ -51,10 +51,6 @@ PRODUCT_PROPERTY_OVERRIDES += \ PRODUCT_PROPERTY_OVERRIDES += \ wlan.driver.status=ok -# Cuttlefish does not support ION needed for Codec 2.0 -PRODUCT_PROPERTY_OVERRIDES += \ - debug.stagefright.ccodec=0 - # # Packages for various cuttlefish-specific tests # diff --git a/shared/sepolicy/device.te b/shared/sepolicy/device.te index 38f0a2f0f..c29c2bf32 100644 --- a/shared/sepolicy/device.te +++ b/shared/sepolicy/device.te @@ -5,3 +5,4 @@ type region_e2e_test_device, dev_type; type region_screen_device, dev_type; type socket_forward_device, dev_type; type virtual_serial_device, dev_type; +typeattribute system_block_device super_block_device_type; diff --git a/shared/sepolicy/recovery.te b/shared/sepolicy/recovery.te index e55c18b0a..d72dc6428 100644 --- a/shared/sepolicy/recovery.te +++ b/shared/sepolicy/recovery.te @@ -1,17 +1,3 @@ allow recovery gpu_device:chr_file rw_file_perms; allow recovery appdomain_tmpfs:file r_file_perms; - -allow recovery sysfs_dm:dir r_dir_perms; -allow recovery sysfs_dm:file r_file_perms; - -# TODO: This should really be 'super_block_device', but we can't label -# vda both system_block_device and super_block_device.. -allowxperm recovery system_block_device:blk_file ioctl { BLKIOMIN BLKALIGNOFF }; - -# Copied from update_engine.te: -# Note: fsetid checks are triggered when creating a file in a directory with -# the setgid bit set to determine if the file should inherit setgid. In this -# case, setgid on the file is undesirable so we should just suppress the -# denial. -dontaudit recovery self:global_capability_class_set fsetid; |