From 526d1f2d0e1a30f1f0cb7e1bf527c69155e6692e Mon Sep 17 00:00:00 2001
From: bengris32 <bengris32@protonmail.ch>
Date: Sun, 6 Aug 2023 22:47:22 +0100
Subject: [PATCH] sepolicy: basic: non_plat: Allow {vendor_}init to write to
 sysfs_devices_block

* Init adjusts discard_max_bytes.

Change-Id: I00b80a62aad8fe201d501f42127812158158b1fa
Signed-off-by: bengris32 <bengris32@protonmail.ch>
---
 basic/non_plat/init.te        | 3 +++
 basic/non_plat/vendor_init.te | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/basic/non_plat/init.te b/basic/non_plat/init.te
index 5b907eb..0a54fd9 100644
--- a/basic/non_plat/init.te
+++ b/basic/non_plat/init.te
@@ -147,3 +147,6 @@ allow init sysfs_mtk_core_ctl:dir r_dir_perms;
 allow init sysfs_mtk_core_ctl:file rw_file_perms;
 
 allow init xcap_socket:sock_file create_file_perms;
+
+# Allow init to write to sysfs_devices_block
+allow init sysfs_devices_block:file w_file_perms;
diff --git a/basic/non_plat/vendor_init.te b/basic/non_plat/vendor_init.te
index 12e61ab..9b62165 100644
--- a/basic/non_plat/vendor_init.te
+++ b/basic/non_plat/vendor_init.te
@@ -166,3 +166,6 @@ set_prop(vendor_init, vendor_mtk_xfrm_support_prop)
 
 # Power
 set_prop(vendor_init, vendor_power_prop)
+
+# Allow vendor_init to write to sysfs_devices_block
+allow vendor_init sysfs_devices_block:file w_file_perms;