[ALPS04304578] [V3]UDC: SElinux permission grant

Feature - Userdata Checkpoint We will format the metadata partition(md_udc) in first boot-up, because it is a RAW data part, so giving the permission grant to e2fs. MTK-Commit-Id: de837a8e097cad8067f5d653370545b51f8d457e Change-Id: Iaebc665979ab36422b6df846a2f05450c222d1f5 CR-Id: ALPS04304578 Feature: [Android Default] F2FS File System
2020-01-18 10:14:58 +08:00 · 2020-01-18 10:14:58 +08:00 · 0605921b96
commit 0605921b96
parent 2053ec451b
2 changed files with 9 additions and 1 deletions
--- a/non_plat/e2fs.te
+++ b/non_plat/e2fs.te
@ -23,4 +23,9 @@ allow e2fs userdata_block_device:blk_file rw_file_perms;
 # Operation: Q migration
 # Purpose : Allow mke2fs to use ioctl/ioctlcmd
 allowxperm e2fs protect1_block_device:blk_file ioctl BLKPBSZGET;
-allowxperm e2fs protect2_block_device:blk_file ioctl BLKPBSZGET;
+allowxperm e2fs protect2_block_device:blk_file ioctl BLKPBSZGET;
+
+# Date : WK19.23
+# Operation: Q migration
+# Purpose : Allow format /metadata for UDC
+allow e2fs metadata_block_device:blk_file rw_file_perms;
--- a/non_plat/file_contexts
+++ b/non_plat/file_contexts
@ -475,6 +475,9 @@
 /dev/block/platform/bootdevice/by-name/loader_ext(_[ab])?    u:object_r:loader_ext_block_device:s0
 /dev/block/platform/bootdevice/by-name/vbmeta(_system|_vendor)?(_[ab])?    u:object_r:vbmeta_block_device:s0

+# W19.23 Q new feature - Userdata Checkpoint
+/dev/block/by-name/md_udc             u:object_r:metadata_block_device:s0
+
 #############################
 # sysfs files
 #