From ee751c33c5d166615b1474eb85ec7c54379b3490 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Fri, 11 Nov 2016 12:30:49 -0800
Subject: [PATCH] property.te: delete security_prop

This property is never used.

Test: policy compiles
Change-Id: I43ace92950e1221754db28548031fbbfc0437d7a
---
 private/property_contexts | 1 -
 public/domain.te          | 3 ---
 public/property.te        | 1 -
 3 files changed, 5 deletions(-)

diff --git a/private/property_contexts b/private/property_contexts
index 51b9ff8c6..2e0b2dd3f 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -65,7 +65,6 @@ ro.device_owner         u:object_r:device_logging_prop:s0
 
 # selinux non-persistent properties
 selinux.restorecon_recursive   u:object_r:restorecon_prop:s0
-selinux.                       u:object_r:security_prop:s0
 
 # default property context
 *                       u:object_r:default_prop:s0
diff --git a/public/domain.te b/public/domain.te
index 696d3029e..1dac14295 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -229,9 +229,6 @@ neverallow { domain -recovery } self:capability2 mac_admin;
 # It is sealed.
 neverallow * kernel:security load_policy;
 
-# Only init and the system_server shall use the property_service.
-neverallow { domain -init -system_server } security_prop:property_service set;
-
 # Only init prior to switching context should be able to set enforcing mode.
 # init starts in kernel domain and switches to init domain via setcon in
 # the init.rc, so the setenforce occurs while still in kernel. After
diff --git a/public/property.te b/public/property.te
index 1ad1dd007..e4b8d6e43 100644
--- a/public/property.te
+++ b/public/property.te
@@ -35,7 +35,6 @@ type powerctl_prop, property_type, core_property_type;
 type radio_prop, property_type, core_property_type;
 type restorecon_prop, property_type, core_property_type;
 type safemode_prop, property_type;
-type security_prop, property_type, core_property_type;
 type shell_prop, property_type, core_property_type;
 type system_prop, property_type, core_property_type;
 type system_radio_prop, property_type, core_property_type;
-- 
GitLab