From 1df23cbf8ef4cd35cf6ab832120c2d1a86a46ffd Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Thu, 7 Apr 2016 15:56:24 -0700
Subject: [PATCH] drop vold from sys_rawio neverallow exception

This does not appear needed anymore.

Change-Id: I3128ab610c742b18008f4cfc2a7116b210f770e7
---
 domain.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/domain.te b/domain.te
index 0e46d318e..67019a0a4 100644
--- a/domain.te
+++ b/domain.te
@@ -165,7 +165,7 @@ neverallow {
 } self:capability mknod;
 
 # Limit raw I/O to these whitelisted domains.
-neverallow { domain -kernel -init -recovery -ueventd -watchdogd -healthd -vold -uncrypt -tee } self:capability sys_rawio;
+neverallow { domain -kernel -init -recovery -ueventd -watchdogd -healthd -uncrypt -tee } self:capability sys_rawio;
 
 # No process can map low memory (< CONFIG_LSM_MMAP_MIN_ADDR).
 neverallow * self:memprotect mmap_zero;
-- 
GitLab