From a268f48a1fb552fa967cda539ceb2a9cedcb0de9 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Tue, 8 Apr 2014 16:04:04 -0700
Subject: [PATCH] zygote: clean up unnecessary rules.

In 66f25cb1af951d2064467b3af9e68bd7bfe01484, auditallow entries
were added for some old zygote rules. They've never been triggered,
so they're not needed. Delete them.

Change-Id: Idb544c71410e263714f29cdbec0424a46f32898f
---
 zygote.te | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/zygote.te b/zygote.te
index 225f43177..f29ed6a3d 100644
--- a/zygote.te
+++ b/zygote.te
@@ -46,14 +46,3 @@ allow zygote labeledfs:filesystem remount;
 
 # Handle --invoke-with command when launching Zygote with a wrapper command.
 allow zygote zygote_exec:file rx_file_perms;
-
-# handle bugreports b/10498304
-allow zygote ashmem_device:chr_file execute;
-allow zygote shell_data_file:file { write getattr };
-allow zygote system_server:binder { transfer call };
-allow zygote servicemanager:binder { call };
-
-auditallow zygote ashmem_device:chr_file execute;
-auditallow zygote shell_data_file:file { write getattr };
-auditallow zygote system_server:binder { transfer call };
-auditallow zygote servicemanager:binder { call };
-- 
GitLab