Merge cherrypicks of [2337407, 2337461, 2337391, 2337257, 2337318, 2337340, 2337423, 2337481, 2337412, 2337521, 2337413, 2337426, 2337414, 2337415, 2337523, 2337502, 2337503, 2337524, 2337463, 2337483, 2337417, 2337427, 2337561, 2337464, 2337581, 2337484, 2337525, 2337526, 2337527, 2337394, 2337562, 2337528, 2337504, 2337563, 2337565, 2337584, 2337602, 2337530, 2337585, 2337532, 2337487, 2337396, 2337505, 2337432, 2337603, 2337604, 2337534, 2337536, 2337508, 2337606] into nyc-mr1-volantis-release Change-Id: Ie0aa328c67d813f789e869bc63965c18f1592bbe

commit: 9c62dc8fd2ab0d11d9f95325b4afe89975bda98c [log] [tgz]
author: android-build-team Robot <android-build-team-robot@google.com> Wed May 31 18:16:58 2017 +0000
committer: android-build-team Robot <android-build-team-robot@google.com> Wed May 31 18:16:58 2017 +0000
tree: f98dfb272bd869a021ecb67157832f7fffd06923
parent: 1d145bedc3ee84d6cb7abd3c5ee5b52618a876e4 [diff]
parent: 94488ea8a37c30177c7024ba410f21f9c8814c5c [diff]
diff --git a/system_server.te b/system_server.te
index 03a7ef3..db59b65 100644
--- a/system_server.te
+++ b/system_server.te

@@ -54,16 +54,13 @@
     net_raw
     sys_boot
     sys_nice
-    sys_resource
+    sys_ptrace
     sys_time
     sys_tty_config
 };
 
 wakelock_use(system_server)
 
-# Triggered by /proc/pid accesses, not allowed.
-dontaudit system_server self:capability sys_ptrace;
-
 # Trigger module auto-load.
 allow system_server kernel:system module_request;
commit	9c62dc8fd2ab0d11d9f95325b4afe89975bda98c	[log] [tgz]
author	android-build-team Robot <android-build-team-robot@google.com>	Wed May 31 18:16:58 2017 +0000
committer	android-build-team Robot <android-build-team-robot@google.com>	Wed May 31 18:16:58 2017 +0000
tree	f98dfb272bd869a021ecb67157832f7fffd06923
parent	1d145bedc3ee84d6cb7abd3c5ee5b52618a876e4 [diff]
parent	94488ea8a37c30177c7024ba410f21f9c8814c5c [diff]