From 63145bc394d99b203335c664e4a25a2f5e0ef2f4 Mon Sep 17 00:00:00 2001
From: Light Hsieh <light.hsieh@mediatek.com>
Date: Sat, 18 Jan 2020 10:18:50 +0800
Subject: [PATCH] [ALPS04688289] sepolicy: Add sepolicy rule for mke2fs

Add sepolicy rule for mke2fs

MTK-Commit-Id: 979d9a74c16df6bac1dc47f7d40f0f6cb153c864

Change-Id: I774a962e4df4608921c8e29bec5019fcedfdfbd9
CR-Id: ALPS04688289
Feature: eMMC Boot Up
---
 non_plat/e2fs.te | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/non_plat/e2fs.te b/non_plat/e2fs.te
index 4b9931e..f927a21 100644
--- a/non_plat/e2fs.te
+++ b/non_plat/e2fs.te
@@ -19,13 +19,16 @@ allow e2fs devpts:chr_file {read write};
 allow e2fs cache_block_device:blk_file rw_file_perms;
 allow e2fs userdata_block_device:blk_file rw_file_perms;
 
-# Date : WK19.11
-# Operation: Q migration
-# Purpose : Allow mke2fs to use ioctl/ioctlcmd
-allowxperm e2fs protect1_block_device:blk_file ioctl BLKPBSZGET;
-allowxperm e2fs protect2_block_device:blk_file ioctl BLKPBSZGET;
-
 # Date : WK19.23
 # Operation: Q migration
 # Purpose : Allow format /metadata for UDC
 allow e2fs metadata_block_device:blk_file rw_file_perms;
+
+# Date : WK19.34
+# Operation: Q migration
+# Purpose : Allow mke2fs to use ioctl/ioctlcmd
+allowxperm e2fs protect1_block_device:blk_file ioctl { BLKPBSZGET BLKROGET BLKDISCARD BLKDISCARDZEROES BLKSECDISCARD };
+allowxperm e2fs protect2_block_device:blk_file ioctl { BLKPBSZGET BLKROGET BLKDISCARD BLKDISCARDZEROES BLKSECDISCARD };
+allowxperm e2fs nvdata_device:blk_file ioctl { BLKPBSZGET BLKROGET BLKDISCARD BLKDISCARDZEROES BLKSECDISCARD };
+allowxperm e2fs nvcfg_block_device:blk_file ioctl { BLKPBSZGET BLKROGET BLKDISCARD BLKDISCARDZEROES BLKSECDISCARD };
+allowxperm e2fs persist_block_device:blk_file ioctl { BLKPBSZGET BLKROGET BLKDISCARD BLKDISCARDZEROES BLKSECDISCARD };