enable SELinux for hikey

2 types remaining avc denials are mentioned here:

1. init domain on android0 file
https://android-review.googlesource.com/#/c/239530/
2. sys_module denial on netd domain
https://android-review.googlesource.com/#/c/239514/

Change-Id: I2623742ea10261908b1ab3ed7f999c5b8a8a6fb7
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>

2 files changed, 6 insertions, 6 deletions

diff --git a/BoardConfig.mk b/BoardConfig.mk
index 3ddabef9..c63226a8 100644
--- a/BoardConfig.mk
+++ b/BoardConfig.mk
@@ -30,7 +30,7 @@ BOARD_WPA_SUPPLICANT_DRIVER := NL80211
 BOARD_HOSTAPD_DRIVER := NL80211
 CONFIG_DRIVER_NL80211 := y
 
-BOARD_KERNEL_CMDLINE := console=ttyFIQ0 androidboot.console=ttyFIQ0 androidboot.hardware=hikey firmware_class.path=/system/etc/firmware efi=noruntime androidboot.selinux=permissive
+BOARD_KERNEL_CMDLINE := console=ttyFIQ0 androidboot.console=ttyFIQ0 androidboot.hardware=hikey firmware_class.path=/system/etc/firmware efi=noruntime
 
 TARGET_NO_BOOTLOADER := true
 TARGET_NO_KERNEL := false
diff --git a/bootloader/EFI/BOOT/grub.cfg b/bootloader/EFI/BOOT/grub.cfg
index 093f1be8..95c7dccb 100644
--- a/bootloader/EFI/BOOT/grub.cfg
+++ b/bootloader/EFI/BOOT/grub.cfg
@@ -3,35 +3,35 @@ set timeout=1
 menuentry 'AOSP' {
     search.fs_label boot root
     set root=($root)
-    linux /Image console=ttyFIQ0 androidboot.console=ttyFIQ0 androidboot.hardware=hikey firmware_class.path=/system/etc/firmware efi=noruntime androidboot.selinux=permissive
+    linux /Image console=ttyFIQ0 androidboot.console=ttyFIQ0 androidboot.hardware=hikey firmware_class.path=/system/etc/firmware efi=noruntime
     initrd /ramdisk.img
     devicetree /hi6220-hikey.dtb
 }
 menuentry 'AOSP-DEBUG' {
     search.fs_label boot root
     set root=($root)
-    linux /Image earlycon=pl011,0xf7113000 no_console_suspend=1 console=ttyFIQ0 androidboot.console=ttyFIQ0 sysrq_always_enabled androidboot.hardware=hikey firmware_class.path=/system/etc/firmware efi=noruntime androidboot.selinux=permissive
+    linux /Image earlycon=pl011,0xf7113000 no_console_suspend=1 console=ttyFIQ0 androidboot.console=ttyFIQ0 sysrq_always_enabled androidboot.hardware=hikey firmware_class.path=/system/etc/firmware efi=noruntime
     initrd /ramdisk.img
     devicetree /hi6220-hikey.dtb
 }
 menuentry 'AOSP-CONSOLE' {
     search.fs_label boot root
     set root=($root)
-    linux /Image console=ttyAMA3,115200 androidboot.console=ttyAMA3 fiq_debugger.disable=Y androidboot.hardware=hikey firmware_class.path=/system/etc/firmware efi=noruntime androidboot.selinux=permissive
+    linux /Image console=ttyAMA3,115200 androidboot.console=ttyAMA3 fiq_debugger.disable=Y androidboot.hardware=hikey firmware_class.path=/system/etc/firmware efi=noruntime
     initrd /ramdisk.img
     devicetree /hi6220-hikey.dtb
 }
 menuentry 'AOSP@720P' {
     search.fs_label boot root
     set root=($root)
-    linux /Image console=ttyFIQ0 androidboot.console=ttyFIQ0 androidboot.hardware=hikey firmware_class.path=/system/etc/firmware efi=noruntime video=HDMI-A-1:1280x720@60 androidboot.selinux=permissive
+    linux /Image console=ttyFIQ0 androidboot.console=ttyFIQ0 androidboot.hardware=hikey firmware_class.path=/system/etc/firmware efi=noruntime video=HDMI-A-1:1280x720@60
     initrd /ramdisk.img
     devicetree /hi6220-hikey.dtb
 }
 menuentry 'AOSP@SVGA' {
     search.fs_label boot root
     set root=($root)
-    linux /Image console=ttyFIQ0 androidboot.console=ttyFIQ0 androidboot.hardware=hikey firmware_class.path=/system/etc/firmware efi=noruntime video=HDMI-A-1:800x600@60 androidboot.selinux=permissive
+    linux /Image console=ttyFIQ0 androidboot.console=ttyFIQ0 androidboot.hardware=hikey firmware_class.path=/system/etc/firmware efi=noruntime video=HDMI-A-1:800x600@60
     initrd /ramdisk.img
     devicetree /hi6220-hikey.dtb
 }