From d0113ae0aed1a455834f26ec847b6ca8610e3b16 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Fri, 11 Dec 2015 16:57:45 -0800
Subject: [PATCH] bluetoothdomain.te: drop allow bluetoothdomain self:socket
 create_socket_perms;

An auditallow has been in place since commit
cb835a2852997dde0be2941173f8c879ebbef157 but nothing has been triggered.
Remove the rule.

Bug: 25768265
Change-Id: Ia9f35c41feabc9ccf5eb5c6dae09c68dc4f465ff
---
 bluetoothdomain.te | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/bluetoothdomain.te b/bluetoothdomain.te
index 7fed3ae4f..fe4f0e663 100644
--- a/bluetoothdomain.te
+++ b/bluetoothdomain.te
@@ -1,11 +1,2 @@
-# Other domains that can create and use bluetooth sockets.
-# SELinux does not presently define a specific socket class for
-# bluetooth sockets, nor does it distinguish among the bluetooth protocols.
-# TODO: This should no longer be needed with bluedroid for bluetooth
-# but may be getting used for other non-bluetooth sockets that has no
-# specific class defined.  Consider taking to specific domains. (b/25768265)
-allow bluetoothdomain self:socket create_socket_perms;
-auditallow { bluetoothdomain -system_server } self:socket create_socket_perms;
-
 # Allow clients to use a socket provided by the bluetooth app.
 allow bluetoothdomain bluetooth:unix_stream_socket { getopt setopt getattr read write ioctl shutdown };
-- 
GitLab