Coalesce generic_x86 and generic sepolicy where possible.

We originally forked a complete copy of generic/sepolicy into
generic_x86/sepolicy, but we can instead inherit from it and
merely add rules as needed under generic_x86/sepolicy.

Change-Id: I21e1a1425ce08676a8ea69685a4761db3bfde628
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

target/board/generic_x86/BoardConfig.mk

@@ -42,7 +42,10 @@ BOARD_CACHEIMAGE_FILE_SYSTEM_TYPE := ext4
 BOARD_FLASH_BLOCK_SIZE := 512
 TARGET_USERIMAGES_SPARSE_EXT_DISABLED := true
 
-BOARD_SEPOLICY_DIRS += build/target/board/generic_x86/sepolicy
+BOARD_SEPOLICY_DIRS += \
+        build/target/board/generic/sepolicy \
+        build/target/board/generic_x86/sepolicy
+
 BOARD_SEPOLICY_UNION += \
         device.te \
         domain.te \

target/board/generic_x86/sepolicy/device.te

@@ -1 +0,0 @@
-type qemu_device, dev_type;

target/board/generic_x86/sepolicy/domain.te

@@ -1,4 +1 @@
-# For /sys/qemu_trace files in the emulator.
-allow domain sysfs_writable:file rw_file_perms;
 allow domain cpuctl_device:dir search;
-allow domain qemu_device:chr_file rw_file_perms;

target/board/generic_x86/sepolicy/file.te

@@ -1 +0,0 @@
-type qemud_socket, file_type;

target/board/generic_x86/sepolicy/file_contexts

@@ -1,4 +0,0 @@
-/dev/qemu_.*		u:object_r:qemu_device:s0
-/dev/socket/qemud	u:object_r:qemud_socket:s0
-/system/bin/qemud	u:object_r:qemud_exec:s0
-/sys/qemu_trace(/.*)?	--	u:object_r:sysfs_writable:s0

target/board/generic_x86/sepolicy/qemud.te

@@ -1,6 +0,0 @@
-# qemu support daemon
-type qemud, domain;
-type qemud_exec, exec_type, file_type;
-
-init_daemon_domain(qemud)
-unconfined_domain(qemud)

target/board/generic_x86/sepolicy/rild.te

@@ -1 +0,0 @@
-unix_socket_connect(rild, qemud, qemud)

target/board/generic_x86/sepolicy/shell.te

@@ -1 +0,0 @@
-allow shell serial_device:chr_file rw_file_perms;

target/board/generic_x86/sepolicy/system_server.te

@@ -1,2 +1 @@
 allow system_server self:process execmem;
-unix_socket_connect(system_server, qemud, qemud)