Merge "add hal_bootctl to white-list of sys_rawio"

commit: 829211770319b4fd6b0dbf34a0fcefbef5ffeaeb [log] [tgz]
author: Treehugger Robot <treehugger-gerrit@google.com> Thu Feb 14 07:21:00 2019 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Thu Feb 14 07:21:00 2019 +0000
tree: 45b9941ad288ea1b3a0d2bf60c92f2ed495d7533
parent: a0f56f1d635fc89c80b67e5f7844e19c2f0f65f3 [diff]
parent: 30c77c1695865abbaa2bb5aa20553815acf34cae [diff]
diff --git a/public/domain.te b/public/domain.te
index e8baabc..d3fac70 100644
--- a/public/domain.te
+++ b/public/domain.te

@@ -355,6 +355,7 @@
   -healthd
   -uncrypt
   -tee
+  -hal_bootctl
 } self:global_capability_class_set sys_rawio;
 
 # No process can map low memory (< CONFIG_LSM_MMAP_MIN_ADDR).

diff --git a/public/hal_bootctl.te b/public/hal_bootctl.te
index 2491734..be9975f 100644
--- a/public/hal_bootctl.te
+++ b/public/hal_bootctl.te

@@ -3,5 +3,3 @@
 binder_call(hal_bootctl_server, hal_bootctl_client)
 
 hal_attribute_hwservice(hal_bootctl, hal_bootctl_hwservice)
-
-dontaudit hal_bootctl self:global_capability_class_set sys_rawio;
commit	829211770319b4fd6b0dbf34a0fcefbef5ffeaeb	[log] [tgz]
author	Treehugger Robot <treehugger-gerrit@google.com>	Thu Feb 14 07:21:00 2019 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Thu Feb 14 07:21:00 2019 +0000
tree	45b9941ad288ea1b3a0d2bf60c92f2ed495d7533
parent	a0f56f1d635fc89c80b67e5f7844e19c2f0f65f3 [diff]
parent	30c77c1695865abbaa2bb5aa20553815acf34cae [diff]