From 4312a6125a723d1d67f40ac927bd4b36a4d62adc Mon Sep 17 00:00:00 2001
From: mtk80905 <xiao.liu@mediatek.com>
Date: Sat, 18 Jan 2020 10:21:55 +0800
Subject: [PATCH] [ALPS04752203] Add vendor permission for fastbootd sepolicy
 enable

Google patch system/sepolicy/private/domain.te
Vendor sepolicy device/mediatek/sepolicy/basic/non_plat/fastbootd.te

MTK-Commit-Id: c793f3c90651b1fd483621e5795e41cf91cdf63e

Change-Id: I998679ac71c6018fc5f0305226bd73f91fd3f27e
CR-Id: ALPS04752203
Feature: [Android Default] Fastboot
---
 non_plat/fastbootd.te | 39 +++++++++++++++++++++------------------
 1 file changed, 21 insertions(+), 18 deletions(-)

diff --git a/non_plat/fastbootd.te b/non_plat/fastbootd.te
index 9e273ab..0a48fbd 100644
--- a/non_plat/fastbootd.te
+++ b/non_plat/fastbootd.te
@@ -1,25 +1,28 @@
 # fastbootd (used in recovery init.rc for /sbin/fastbootd)
 
 
-#allow fastbootd {
-#    bootdevice_block_device
+allow fastbootd {
+    bootdevice_block_device
+#    cache_block_device
+#    logo_block_device
+    para_block_device
+  }:blk_file { rw_file_perms };
+
+allow fastbootd {
+    sysfs_boot_type
+}:file { rw_file_perms };
+
+allow fastbootd self:process setfscreate;
+allow fastbootd self:capability sys_rawio;
+
+allowxperm fastbootd {
+    bootdevice_block_device
 #    cache_block_device
 #    logo_block_device
 #    para_block_device
-#  }:blk_file { rw_file_perms };
-
-#allow fastbootd {
-#    sysfs_boot_type
-#}:file { rw_file_perms };
-
-#allowxperm fastbootd {
-#    bootdevice_block_device
-#    cache_block_device
-#    logo_block_device
-#    para_block_device
-#  }:blk_file ioctl {
-#      BLKSECDISCARD
-#      BLKDISCARD
-#      MMC_IOCTLCMD
-#  };
+  }:blk_file ioctl {
+      BLKSECDISCARD
+      BLKDISCARD
+      MMC_IOCTLCMD
+  };