From 0f9a4e559f3aec584bbb7ab59fa8e92322c1eb90 Mon Sep 17 00:00:00 2001
From: "zhiyong.wang" <zhiyong.wang@mediatek.com>
Date: Sat, 18 Jan 2020 10:13:41 +0800
Subject: [PATCH] [ALPS04474673] allow vendor init write expdb

[   34.641681] <0>.(7)[346:logd.auditd]type=1400
audit(1558666535.652:116): avc: denied { read write } for comm="init"
name="mmcblk0p4" dev="tmpfs" ino=14428 scontext=u:r:vendor_init:s0
tcontext=u:object_r:expdb_block_device:s0 tclass=blk_file permissive=0

allow vendor init write into expdb partition.

MTK-Commit-Id: f46025981c46c95f7cc42a3c1380cf71b686d1e6

Change-Id: I573ed127c93cd84d49042ae5671b19ca967dd2e1
CR-Id: ALPS04474673
Feature: Android Exception Engine(AEE)
---
 non_plat/vendor_init.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/non_plat/vendor_init.te b/non_plat/vendor_init.te
index 7ae8d15..5b37552 100644
--- a/non_plat/vendor_init.te
+++ b/non_plat/vendor_init.te
@@ -63,3 +63,6 @@ set_prop(vendor_init, mtk_fullscreenswitch_prop)
 
 # for kernel module verification support, allow vendor domain to search kernel keyring
 allow vendor_init kernel:key search;
+
+# Purpose: /dev/block/mmcblk0p10
+allow vendor_init expdb_block_device:blk_file rw_file_perms;