Merge "Revert "Remove domain_deprecated from sdcard domains""

blkid.te

 # blkid called from vold
-type blkid, domain;
+type blkid, domain, domain_deprecated;
 type blkid_exec, exec_type, file_type;
 
 # Allowed read-only access to encrypted devices to extract UUID/label
@@ -14,9 +14,6 @@ allow blkid vold:fifo_file { read write getattr };
 # For blkid launched through popen()
 allow blkid blkid_exec:file rx_file_perms;
 
-# access to /proc/filesystems
-allow blkid proc:file r_file_perms;
-
 # Only allow entry from vold
 neverallow { domain -vold } blkid:process transition;
 neverallow domain blkid:process dyntransition;

blkid_untrusted.te

 # blkid for untrusted block devices
-type blkid_untrusted, domain;
+type blkid_untrusted, domain, domain_deprecated;
 
 # Allowed read-only access to vold block devices to extract UUID/label
 allow blkid_untrusted block_device:dir search;

fsck.te

 # Any fsck program run by init
-type fsck, domain;
+type fsck, domain, domain_deprecated;
 type fsck_exec, exec_type, file_type;
 
 init_daemon_domain(fsck)
@@ -24,8 +24,6 @@ allow fsck dm_device:blk_file rw_file_perms;
 # fsck performs a stat() on swap to verify that it is a valid
 # swap device before setting the EXT2_MF_SWAP mount flag.
 allow fsck swap_block_device:blk_file getattr;
-# access to /proc/swaps
-allow fsck proc:file r_file_perms;
 
 ###
 ### neverallow rules

fsck_untrusted.te

 # Any fsck program run on untrusted block devices
-type fsck_untrusted, domain;
+type fsck_untrusted, domain, domain_deprecated;
 
 # Inherit and use pty created by android_fork_execvp_ext().
 allow fsck_untrusted devpts:chr_file { read write ioctl getattr };

sdcardd.te

-type sdcardd, domain;
+type sdcardd, domain, domain_deprecated;
 type sdcardd_exec, exec_type, file_type;
 
 allow sdcardd cgroup:dir create_dir_perms;

sgdisk.te

 # sgdisk called from vold
-type sgdisk, domain;
+type sgdisk, domain, domain_deprecated;
 type sgdisk_exec, exec_type, file_type;
 
 # Allowed to read/write low-level partition tables