From b010393fe537d855ec18a623c46e6efb6df261df Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thi=C3=A9baud=20Weksteen?= <tweek@google.com>
Date: Thu, 19 Oct 2023 11:27:49 +1100
Subject: [PATCH] Remove write to /sys/fs/selinux/checkreqprot

This SELinux option has been deprecated in the kernel since v5.7. In
v6.4, commit a7e4676e made any write to this file a no-op.

Since v4.4, the default value of 0 is set by the kernel. Skip the
setting of this value since we only support kernel >= 4.14.

Test: presubmit
Change-Id: Ied5945532e10b156dc0d9996b2a41a99d04e750b
---
 init/selinux.cpp | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/init/selinux.cpp b/init/selinux.cpp
index 9095b854e..1f211ddfa 100644
--- a/init/selinux.cpp
+++ b/init/selinux.cpp
@@ -503,10 +503,6 @@ void SelinuxSetEnforcement() {
                         << ") failed";
         }
     }
-
-    if (auto result = WriteFile("/sys/fs/selinux/checkreqprot", "0"); !result.ok()) {
-        LOG(FATAL) << "Unable to write to /sys/fs/selinux/checkreqprot: " << result.error();
-    }
 }
 
 constexpr size_t kKlogMessageSize = 1024;