From 9e238bfba920039805dcb53bf2719581890376b5 Mon Sep 17 00:00:00 2001
From: Nancy Huang <yu-chien.huang@mediatek.com>
Date: Sat, 18 Jan 2020 10:20:04 +0800
Subject: [PATCH] [ALPS04760196] audioserver: fix high risk sepolicy

[Detail]
1. Remove system_data_file access rule
2. Remove socket access in audioserver

MTK-Commit-Id: 53231b8b52745a21cc302833524911c55bab4960

Change-Id: I661f78bfbe0377bf88445494af0f33edb5f4fef7
CR-Id: ALPS04760196
Feature: [Module]Proprietary Audio Utility
---
 plat_private/audioserver.te | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/plat_private/audioserver.te b/plat_private/audioserver.te
index a167d6d..8bc8f17 100644
--- a/plat_private/audioserver.te
+++ b/plat_private/audioserver.te
@@ -47,16 +47,13 @@ allow audioserver untrusted_app:dir search;
 # Date : WK15.34
 # Operation : Migration
 # Purpose: for camera middleware dump image buffer to sdcard & audio frameworks dump
-allow audioserver system_data_file:dir write;
 allow audioserver storage_file:lnk_file {read write};
 allow audioserver mnt_user_file:dir {write read search};
 allow audioserver mnt_user_file:lnk_file {read write};
 
 # Purpose: Dump debug info
 allow audioserver kmsg_device:chr_file { open write };
-allow audioserver property_socket:sock_file write;
 allow audioserver media_rw_data_file:dir { create_dir_perms };
-allow audioserver init:unix_stream_socket connectto;
 
 # Date : WK16.27
 # Operation : Migration