From 739f4487173e10cab0263d8dfbad44c34373d5bd Mon Sep 17 00:00:00 2001
From: Roopesh Rajashekharaiah Nataraja <roopeshr@codeaurora.org>
Date: Thu, 29 Jun 2017 18:37:01 -0700
Subject: [PATCH] Add policies to remove System UID from time service

Bug: 62785008
Change-Id: I85cdaa618da7beddce88d4b67bd1b9d08c0a9c00
---
 sepolicy/vendor/seapp_contexts     | 2 +-
 sepolicy/vendor/timeservice_app.te | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/sepolicy/vendor/seapp_contexts b/sepolicy/vendor/seapp_contexts
index dd751e5b..7e694ca7 100644
--- a/sepolicy/vendor/seapp_contexts
+++ b/sepolicy/vendor/seapp_contexts
@@ -20,7 +20,7 @@ user=_app seinfo=platform name=com.google.android.hardwareinfo domain=hardware_i
 user=_app seinfo=google name=com.google.android.GoogleCamera domain=google_camera_app type=app_data_file levelFrom=user
 
 #Needed for time service apk
-user=system seinfo=platform name=com.qualcomm.timeservice domain=timeservice_app type=system_app_data_file
+user=_app seinfo=platform name=com.qualcomm.timeservice domain=timeservice_app type=app_data_file
 
 # Domain for easelservice app
 user=_app seinfo=easel name=com.google.android.imaging.easel.service domain=easelservice_app type=app_data_file levelFrom=user
diff --git a/sepolicy/vendor/timeservice_app.te b/sepolicy/vendor/timeservice_app.te
index eabbba22..c047793c 100644
--- a/sepolicy/vendor/timeservice_app.te
+++ b/sepolicy/vendor/timeservice_app.te
@@ -2,5 +2,5 @@ type timeservice_app, domain;
 app_domain(timeservice_app);
 
 allow timeservice_app app_api_service:service_manager find;
-allow timeservice_app system_app_data_file:dir { search getattr };
+allow timeservice_app app_data_file:dir { search getattr };
 allow timeservice_app time_daemon:unix_stream_socket connectto;