From f3443ee77a81e20f7a8e3a5475cc993255eb7576 Mon Sep 17 00:00:00 2001
From: Ningyuan Wang <nywang@google.com>
Date: Fri, 31 Mar 2017 15:05:36 -0700
Subject: [PATCH] Remove unused wificond sepolicy privilges

Bug: 33239267
Test: compile, run wifi, no selinux complaint for wificond
Change-Id: I9b3e874381ac6cd7c6ff1058cc4f313bd85481b8
---
 private/wificond.te | 3 ---
 public/wificond.te  | 9 ---------
 2 files changed, 12 deletions(-)

diff --git a/private/wificond.te b/private/wificond.te
index b9e48b2b5..5476e3385 100644
--- a/private/wificond.te
+++ b/private/wificond.te
@@ -1,6 +1,3 @@
 typeattribute wificond coredomain;
 
 init_daemon_domain(wificond)
-
-# TODO(b/36790991): Remove this once wificond is no longer permitted to touch wpa sockets
-typeattribute wificond socket_between_core_and_vendor_violators;
diff --git a/public/wificond.te b/public/wificond.te
index dd22d26b1..73b4be18d 100644
--- a/public/wificond.te
+++ b/public/wificond.te
@@ -7,10 +7,6 @@ binder_call(wificond, system_server)
 
 add_service(wificond, wificond_service)
 
-# wificond writes firmware paths to this file.
-# wificond also changes the owership of this file on startup.
-allow wificond sysfs_wlan_fwpath:file { w_file_perms setattr };
-
 set_prop(wificond, wifi_prop)
 set_prop(wificond, ctl_default_prop)
 
@@ -35,11 +31,6 @@ allow wificond wifi_data_file:file create_file_perms;
 # wificond changes the ownership of some files before dropping root
 allow wificond self:capability { setuid setgid setpcap chown };
 
-# wificond cleans up sockets created by wpa_supplicant and framework
-allow wificond wpa_socket:dir rw_dir_perms;
-allow wificond system_wpa_socket:sock_file unlink;
-allow wificond wpa_socket:sock_file unlink;
-
 # dumpstate support
 allow wificond dumpstate:fd use;
 allow wificond dumpstate:fifo_file write;
-- 
GitLab