Merge cherrypicks of [2310999, 2310925, 2310891, 2311000, 2310892, 2310858, 2310986, 2310963, 2311043, 2310928, 2311044, 2310990, 2311022, 2311023, 2310917, 2310994, 2311024, 2311045, 2310967, 2310995, 2311003, 2311059, 2311025, 2311060, 2310953, 2311061, 2311004, 2311046, 2311005, 2311047, 2311006, 2311079, 2310954, 2311026, 2310896, 2310898, 2310997, 2311062, 2310955, 2311029, 2310998, 2311080, 2311119, 2311030, 2310933, 2311140, 2311063, 2310934, 2311049, 2311050, 2311084, 2311031, 2311145, 2311164] into nyc-mr2-security-c-release Change-Id: I8c12700188296c623b846a244a3f67b1bdbe46e7

commit: b7fe2d04d44e125304c16f96f743f3846ee78f06 [log] [tgz]
author: android-build-team Robot <android-build-team-robot@google.com> Wed May 24 22:54:15 2017 +0000
committer: android-build-team Robot <android-build-team-robot@google.com> Wed May 24 22:54:15 2017 +0000
tree: 9d4616d136d69bbfa0868d5afcda44045478fbab
parent: 27eb6492eb83c1a7fb7908704cf47ad2be241185 [diff]
parent: a5bb25939a8bb49fa5ae509e383a59531bccf4d6 [diff]
diff --git a/system_server.te b/system_server.te
index 03a7ef3..db59b65 100644
--- a/system_server.te
+++ b/system_server.te

@@ -54,16 +54,13 @@
     net_raw
     sys_boot
     sys_nice
-    sys_resource
+    sys_ptrace
     sys_time
     sys_tty_config
 };
 
 wakelock_use(system_server)
 
-# Triggered by /proc/pid accesses, not allowed.
-dontaudit system_server self:capability sys_ptrace;
-
 # Trigger module auto-load.
 allow system_server kernel:system module_request;
commit	b7fe2d04d44e125304c16f96f743f3846ee78f06	[log] [tgz]
author	android-build-team Robot <android-build-team-robot@google.com>	Wed May 24 22:54:15 2017 +0000
committer	android-build-team Robot <android-build-team-robot@google.com>	Wed May 24 22:54:15 2017 +0000
tree	9d4616d136d69bbfa0868d5afcda44045478fbab
parent	27eb6492eb83c1a7fb7908704cf47ad2be241185 [diff]
parent	a5bb25939a8bb49fa5ae509e383a59531bccf4d6 [diff]