From 78d994b6e277b4cfd249867192eb4ea773a8f11f Mon Sep 17 00:00:00 2001
From: Max Bires <jbires@google.com>
Date: Fri, 3 Feb 2017 13:06:59 -0800
Subject: [PATCH] Added individual permissive lines to each daemon.

Bug: 34784662
Test: It compiles
Change-Id: I4db2f4964a276d43209616db1fd24ef14a09db79
---
 sepolicy/adsprpcd.te          | 8 ++++++--
 sepolicy/init_power.te        | 4 ++++
 sepolicy/init_radio.te        | 4 ++++
 sepolicy/irsc_util.te         | 6 +++++-
 sepolicy/location.te          | 4 ++++
 sepolicy/netmgrd.te           | 6 +++++-
 sepolicy/pd_services.te       | 6 +++++-
 sepolicy/per_mgr.te           | 6 +++++-
 sepolicy/perfd.te             | 4 ++++
 sepolicy/port-bridge.te       | 4 ++++
 sepolicy/qti.te               | 6 +++++-
 sepolicy/ramdump.te           | 1 +
 sepolicy/rfs_access.te        | 6 +++++-
 sepolicy/rmt_storage.te       | 6 +++++-
 sepolicy/sensors.te           | 8 ++++++--
 sepolicy/ssr_diag.te          | 6 +++++-
 sepolicy/ssr_setup.te         | 6 +++++-
 sepolicy/subsystem_ramdump.te | 6 +++++-
 sepolicy/thermal-engine.te    | 4 ++++
 sepolicy/time_daemon.te       | 6 +++++-
 sepolicy/wcnss_filter.te      | 4 ++++
 sepolicy/wcnss_service.te     | 6 +++++-
 22 files changed, 101 insertions(+), 16 deletions(-)

diff --git a/sepolicy/adsprpcd.te b/sepolicy/adsprpcd.te
index 74083fc..350a1e2 100644
--- a/sepolicy/adsprpcd.te
+++ b/sepolicy/adsprpcd.te
@@ -1,4 +1,8 @@
-type adsprpcd, domain, domain_deprecated;
+type adsprpcd, domain;
 type adsprpcd_exec, exec_type, file_type;
 
-init_daemon_domain(adsprpcd)
\ No newline at end of file
+init_daemon_domain(adsprpcd)
+
+userdebug_or_eng(`
+permissive adsprpcd;
+')
diff --git a/sepolicy/init_power.te b/sepolicy/init_power.te
index 5984f93..6ba6bfd 100644
--- a/sepolicy/init_power.te
+++ b/sepolicy/init_power.te
@@ -2,3 +2,7 @@ type init_power, domain;
 type init_power_exec, exec_type, file_type;
 
 init_daemon_domain(init_power)
+
+userdebug_or_eng(`
+permissive init_power;
+')
diff --git a/sepolicy/init_radio.te b/sepolicy/init_radio.te
index b99e811..0276c87 100644
--- a/sepolicy/init_radio.te
+++ b/sepolicy/init_radio.te
@@ -3,3 +3,7 @@ type init_radio, domain;
 type init_radio_exec, exec_type, file_type;
 
 init_daemon_domain(init_radio)
+
+userdebug_or_eng(`
+permissive init_radio;
+')
diff --git a/sepolicy/irsc_util.te b/sepolicy/irsc_util.te
index 69ca552..0e97b43 100644
--- a/sepolicy/irsc_util.te
+++ b/sepolicy/irsc_util.te
@@ -1,4 +1,8 @@
-type irsc_util, domain, domain_deprecated;
+type irsc_util, domain;
 type irsc_util_exec, exec_type, file_type;
 
 init_daemon_domain(irsc_util)
+
+userdebug_or_eng(`
+permissive irsc_util;
+')
diff --git a/sepolicy/location.te b/sepolicy/location.te
index 8ad78a3..630d543 100644
--- a/sepolicy/location.te
+++ b/sepolicy/location.te
@@ -2,3 +2,7 @@ type location, domain;
 type location_exec, exec_type, file_type;
 
 init_daemon_domain(location)
+
+userdebug_or_eng(`
+permissive location;
+')
diff --git a/sepolicy/netmgrd.te b/sepolicy/netmgrd.te
index 59a19fa..67c83d2 100644
--- a/sepolicy/netmgrd.te
+++ b/sepolicy/netmgrd.te
@@ -1,5 +1,9 @@
-type netmgrd, domain, domain_deprecated;
+type netmgrd, domain;
 type netmgrd_exec, exec_type, file_type;
 
 net_domain(netmgrd)
 init_daemon_domain(netmgrd)
+
+userdebug_or_eng(`
+permissive netmgrd;
+')
diff --git a/sepolicy/pd_services.te b/sepolicy/pd_services.te
index 70ab5e7..096dd01 100644
--- a/sepolicy/pd_services.te
+++ b/sepolicy/pd_services.te
@@ -1,4 +1,8 @@
-type pd_mapper, domain, domain_deprecated;
+type pd_mapper, domain;
 
 type pd_mapper_exec, exec_type, file_type;
 init_daemon_domain(pd_mapper);
+
+userdebug_or_eng(`
+permissive pd_mapper;
+')
diff --git a/sepolicy/per_mgr.te b/sepolicy/per_mgr.te
index a872d19..0ff2f5e 100644
--- a/sepolicy/per_mgr.te
+++ b/sepolicy/per_mgr.te
@@ -1,5 +1,9 @@
 # Policy for pm-service and pm-proxy
-type per_mgr, domain, domain_deprecated;
+type per_mgr, domain;
 type per_mgr_exec, exec_type, file_type;
 
 init_daemon_domain(per_mgr);
+
+userdebug_or_eng(`
+permissive per_mgr;
+')
diff --git a/sepolicy/perfd.te b/sepolicy/perfd.te
index 87c6ee9..40bd018 100644
--- a/sepolicy/perfd.te
+++ b/sepolicy/perfd.te
@@ -2,3 +2,7 @@ type perfd, domain;
 type perfd_exec, exec_type, file_type;
 
 init_daemon_domain(perfd)
+
+userdebug_or_eng(`
+permissive perfd;
+')
diff --git a/sepolicy/port-bridge.te b/sepolicy/port-bridge.te
index 7d59410..d0cff6b 100644
--- a/sepolicy/port-bridge.te
+++ b/sepolicy/port-bridge.te
@@ -2,3 +2,7 @@ type port-bridge, domain;
 type port-bridge_exec, exec_type, file_type;
 
 init_daemon_domain(port-bridge)
+
+userdebug_or_eng(`
+permissive port-bridge;
+')
diff --git a/sepolicy/qti.te b/sepolicy/qti.te
index 0bf59b2..41ce1c7 100644
--- a/sepolicy/qti.te
+++ b/sepolicy/qti.te
@@ -1,5 +1,9 @@
-type qti, domain, domain_deprecated;
+type qti, domain;
 type qti_exec, exec_type, file_type;
 
 init_daemon_domain(qti)
 net_domain(qti)
+
+userdebug_or_eng(`
+permissive qti;
+')
diff --git a/sepolicy/ramdump.te b/sepolicy/ramdump.te
index d66e697..12b565c 100644
--- a/sepolicy/ramdump.te
+++ b/sepolicy/ramdump.te
@@ -3,4 +3,5 @@ type ramdump_exec, exec_type, file_type;
 userdebug_or_eng(`
 type ramdump, domain;
 init_daemon_domain(ramdump)
+permissive ramdump;
 ')
diff --git a/sepolicy/rfs_access.te b/sepolicy/rfs_access.te
index 783d17f..4ea6769 100644
--- a/sepolicy/rfs_access.te
+++ b/sepolicy/rfs_access.te
@@ -1,4 +1,8 @@
-type rfs_access, domain, domain_deprecated;
+type rfs_access, domain;
 type rfs_access_exec, exec_type, file_type;
 
 init_daemon_domain(rfs_access)
+
+userdebug_or_eng(`
+permissive rfs_access;
+')
diff --git a/sepolicy/rmt_storage.te b/sepolicy/rmt_storage.te
index d0d4562..ab688ae 100644
--- a/sepolicy/rmt_storage.te
+++ b/sepolicy/rmt_storage.te
@@ -1,4 +1,8 @@
-type rmt_storage, domain, domain_deprecated;
+type rmt_storage, domain;
 type rmt_storage_exec, exec_type, file_type;
 
 init_daemon_domain(rmt_storage)
+
+userdebug_or_eng(`
+permissive rmt_storage;
+')
diff --git a/sepolicy/sensors.te b/sepolicy/sensors.te
index f3ce6f3..d0440e0 100644
--- a/sepolicy/sensors.te
+++ b/sepolicy/sensors.te
@@ -1,5 +1,9 @@
 # Policy for sensor daemon
-type sensors, domain, domain_deprecated;
+type sensors, domain;
 type sensors_exec, exec_type, file_type;
 
-init_daemon_domain(sensors)
\ No newline at end of file
+init_daemon_domain(sensors)
+
+userdebug_or_eng(`
+permissive sensors;
+')
diff --git a/sepolicy/ssr_diag.te b/sepolicy/ssr_diag.te
index c2c7781..b1f73c5 100644
--- a/sepolicy/ssr_diag.te
+++ b/sepolicy/ssr_diag.te
@@ -1,4 +1,8 @@
-type ssr_diag, domain, domain_deprecated;
+type ssr_diag, domain;
 type ssr_diag_exec, exec_type, file_type;
 
 init_daemon_domain(ssr_diag);
+
+userdebug_or_eng(`
+permissive ssr_diag;
+')
diff --git a/sepolicy/ssr_setup.te b/sepolicy/ssr_setup.te
index 0184b71..40a1c94 100644
--- a/sepolicy/ssr_setup.te
+++ b/sepolicy/ssr_setup.te
@@ -1,4 +1,8 @@
-type ssr_setup, domain, domain_deprecated;
+type ssr_setup, domain;
 type ssr_setup_exec, exec_type, file_type;
 
 init_daemon_domain(ssr_setup);
+
+userdebug_or_eng(`
+permissive ssr_setup;
+')
diff --git a/sepolicy/subsystem_ramdump.te b/sepolicy/subsystem_ramdump.te
index e6c3d9d..c691756 100644
--- a/sepolicy/subsystem_ramdump.te
+++ b/sepolicy/subsystem_ramdump.te
@@ -1,4 +1,8 @@
-type subsystem_ramdump, domain, domain_deprecated;
+type subsystem_ramdump, domain;
 type subsystem_ramdump_exec, exec_type, file_type;
 
 init_daemon_domain(subsystem_ramdump);
+
+userdebug_or_eng(`
+permissive subsystem_ramdump;
+')
diff --git a/sepolicy/thermal-engine.te b/sepolicy/thermal-engine.te
index 4f1ea26..4a2e138 100644
--- a/sepolicy/thermal-engine.te
+++ b/sepolicy/thermal-engine.te
@@ -2,3 +2,7 @@ type thermal-engine, domain;
 type thermal-engine_exec, exec_type, file_type;
 
 init_daemon_domain(thermal-engine)
+
+userdebug_or_eng(`
+permissive thermal-engine;
+')
diff --git a/sepolicy/time_daemon.te b/sepolicy/time_daemon.te
index 6558041..92277e1 100644
--- a/sepolicy/time_daemon.te
+++ b/sepolicy/time_daemon.te
@@ -1,6 +1,10 @@
-type time_daemon, domain, domain_deprecated;
+type time_daemon, domain;
 type time_daemon_exec, exec_type, file_type;
 
 init_daemon_domain(time_daemon)
 
 type time_data_file, file_type, data_file_type;
+
+userdebug_or_eng(`
+permissive time_daemon;
+')
diff --git a/sepolicy/wcnss_filter.te b/sepolicy/wcnss_filter.te
index dc89927..1f253d2 100644
--- a/sepolicy/wcnss_filter.te
+++ b/sepolicy/wcnss_filter.te
@@ -4,3 +4,7 @@ type wcnss_filter_exec, exec_type, file_type;
 init_daemon_domain(wcnss_filter)
 
 set_prop(wcnss_filter, wc_prop)
+
+userdebug_or_eng(`
+permissive wcnss_filter;
+')
diff --git a/sepolicy/wcnss_service.te b/sepolicy/wcnss_service.te
index cccae65..e46bda6 100644
--- a/sepolicy/wcnss_service.te
+++ b/sepolicy/wcnss_service.te
@@ -1,5 +1,9 @@
-type wcnss_service, domain, domain_deprecated;
+type wcnss_service, domain;
 type wcnss_service_exec, exec_type, file_type;
 
 init_daemon_domain(wcnss_service)
 net_domain(wcnss_service)
+
+userdebug_or_eng(`
+permissive wcnss_service;
+')