Move audio_firmware_file and /data/misc/audio entry to core sepolicy.

file_contexts uses regexes, not a globs, so use (/.*)? rather than /*
to match the directory and anything beneath it.

Since /data/misc/audio is not device-specific, move it to core sepolicy.

Consider renaming this type in the future to audio_data_file, but that
is left to a separate change as it will require a restorecon_recursive
on mako.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Change-Id: Iddc4539df686ec23edf2cf9e79e86ca353f480ce

3 files changed, 0 insertions, 7 deletions

diff --git a/sepolicy/file.te b/sepolicy/file.te
index 839b0a4..d65815e 100644
--- a/sepolicy/file.te
+++ b/sepolicy/file.te
@@ -4,4 +4,3 @@ type qmux_bluetooth_socket, file_type;
 type qmux_gps_socket, file_type;
 type qmux_radio_socket, file_type;
 
-type audio_firmware_file, file_type;
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index ccbb9b6..5406505 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -20,9 +20,6 @@
 # Qualcomm MSM Audio ACDB device
 /dev/msm_acdb       u:object_r:msm_acdb_device:s0
 
-# Qualcomm audio firmware files
-/data/misc/audio/*                 u:object_r:audio_firmware_file:s0
-
 /dev/ks_hsic_bridge                u:object_r:kickstart_device:s0
 /dev/efs_hsic_bridge               u:object_r:kickstart_device:s0
 
diff --git a/sepolicy/mediaserver.te b/sepolicy/mediaserver.te
index dacaacf..81fee64 100644
--- a/sepolicy/mediaserver.te
+++ b/sepolicy/mediaserver.te
@@ -8,6 +8,3 @@ allow mediaserver qmux_audio_socket:dir rw_dir_perms;
 # Permit mediaserver to create sockets
 allow mediaserver self:socket create;
 
-# Grant access to audio firmware files to mediaserver
-allow mediaserver audio_firmware_file:dir ra_dir_perms;
-allow mediaserver audio_firmware_file:file create_file_perms;