Move audio_firmware_file and /data/misc/audio entry to core sepolicy.

file_contexts uses regexes, not a globs, so use (/.*)? rather than /*
to match the directory and anything beneath it.

Since /data/misc/audio is not device-specific, move it to core sepolicy.

Consider renaming this type in the future to audio_data_file, but that
is left to a separate change as it will require a restorecon_recursive
on mako.

Change-Id: Ib8c96ab9e19d34e8e34a4c859528345763be4906
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

3 files changed, 0 insertions, 8 deletions

diff --git a/sepolicy/file.te b/sepolicy/file.te
index 7cff3b7..30fd2ba 100644
--- a/sepolicy/file.te
+++ b/sepolicy/file.te
@@ -8,8 +8,6 @@ type kickstart_data_file, file_type, data_file_type;
 
 type mpdecision_socket, file_type;
 
-type audio_firmware_file, file_type;
-
 # Default type for anything under /firmware
 type radio_efs_file, fs_type;
 
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 6729e0d..aa8f832 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -71,9 +71,6 @@
 
 /dev/cpu_dma_latency               u:object_r:power_control_device:s0
 
-# Qualcomm audio firmware files
-/data/misc/audio/*                 u:object_r:audio_firmware_file:s0
-
 /dev/ks_hsic_bridge                u:object_r:kickstart_device:s0
 /dev/efs_hsic_bridge               u:object_r:kickstart_device:s0
 
diff --git a/sepolicy/mediaserver.te b/sepolicy/mediaserver.te
index e5d9af0..7091ab5 100644
--- a/sepolicy/mediaserver.te
+++ b/sepolicy/mediaserver.te
@@ -7,6 +7,3 @@ qmux_socket(mediaserver)
 # Permit mediaserver to create sockets
 allow mediaserver self:socket create;
 
-# Grant access to audio firmware files to mediaserver
-allow mediaserver audio_firmware_file:dir ra_dir_perms;
-allow mediaserver audio_firmware_file:file create_file_perms;