From 082807f3b4b55c83afe48219e8745945279c96a8 Mon Sep 17 00:00:00 2001 From: Jeff Vander Stoep Date: Tue, 14 Mar 2017 17:35:31 -0700 Subject: [PATCH] init-debug.rc: don't mount debugfs Motivation: 1. Reduce skew between userdebug and user builds. 2. Make the decision to mount debugfs on debug builds on a per-device basis. 3. Prepare to not mount it at all to reduce the attack surface of the kernel, reduce boot time, and free up memory. 4. Remove the selinux denial on devices that mount twice, i.e. unconditionally in the device specific .rc file and in the init-debug.rc file. avc: denied { mounton } for path="/sys/kernel/debug" dev="debugfs" ino=1 scontext=u:r:init:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=0 If desired, debugfs may be mounted in device specific rc files instead. Bug: 31856701 Bug: 35197529 Test: Build and boot Marlin. Selinux denial no longer observed. Change-Id: Ie0d954f77f7cf70ed2b94f67a57a6c9eba45ba8e --- rootdir/init-debug.rc | 3 --- 1 file changed, 3 deletions(-) diff --git a/rootdir/init-debug.rc b/rootdir/init-debug.rc index 44d34d8c1..435d4cb25 100644 --- a/rootdir/init-debug.rc +++ b/rootdir/init-debug.rc @@ -6,6 +6,3 @@ on property:persist.mmc.max_write_speed=* on property:persist.mmc.cache_size=* write /sys/block/mmcblk0/cache_size ${persist.mmc.cache_size} - -on early-init - mount debugfs debugfs /sys/kernel/debug
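Review bot: In the removed `on early-init` block of rootdir/init-debug.rc, the `mount debugfs debugfs /sys/kernel/debug` line is dropped with nothing left in the file to say where debugfs is now expected to come from. A userdebug device whose own .rc file does not mount it will boot without /sys/kernel/debug and give no hint why. Suggest leaving a short comment in init-debug.rc stating that debugfs is intentionally not mounted here and must be mounted from the device-specific rc file if it is needed. The Test line covers only Marlin, so it would help to also boot a device that does not mount debugfs in its own rc file and confirm the debug build still comes up cleanly. Since motivation 4 describes device rc files that mount debugfs unconditionally and motivation 3 is about reducing kernel attack surface, a follow-up that restricts those device-specific mounts to debug builds should be tracked alongside this change.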