Merge "Simplify /dev/kmsg SELinux policy."

device.te

@@ -51,7 +51,6 @@ type uio_device, dev_type;
 type tun_device, dev_type, mlstrustedobject;
 type usbaccessory_device, dev_type, mlstrustedobject;
 type usb_device, dev_type, mlstrustedobject;
-type klog_device, dev_type;
 type properties_device, dev_type;
 type properties_serial, dev_type;
 type i2c_device, dev_type;

file_contexts

@@ -136,7 +136,6 @@
 /dev/watchdog		u:object_r:watchdog_device:s0
 /dev/xt_qtaguid	u:object_r:qtaguid_device:s0
 /dev/zero		u:object_r:zero_device:s0
-/dev/__kmsg__		u:object_r:klog_device:s0
 /dev/__properties__ u:object_r:properties_device:s0
 #############################
 # System files

kernel.te

@@ -41,8 +41,7 @@ allow kernel self:capability sys_resource;
 allow kernel self:capability sys_boot;
 allow kernel proc_sysrq:file w_file_perms;
 
-# Allow writing to /dev/__kmsg__ which was created prior to
-# loading policy
+# Allow writing to /dev/kmsg which was created prior to loading policy.
 allow kernel tmpfs:chr_file write;
 
 # Set checkreqprot by init.rc prior to switching to init domain.

ueventd.te

@@ -3,10 +3,8 @@
 type ueventd, domain, domain_deprecated;
 tmpfs_domain(ueventd)
 
-# TODO: why is ueventd using __kmsg__ when it should just create
-# and use /dev/kmsg instead?
-type_transition ueventd device:chr_file klog_device "__kmsg__";
-allow ueventd klog_device:chr_file { create open write unlink };
+# Write to /dev/kmsg.
+allow ueventd kmsg_device:chr_file rw_file_perms;
 
 allow ueventd self:capability { chown mknod net_admin setgid fsetid sys_rawio dac_override fowner };
 allow ueventd device:file create_file_perms;