Allow vold to invoke blkid, use external ASECs.

Bug: 11175082 Change-Id: Ic1bd15e8729583be199551ec6baeb4acaf46c210
author: Jeff Sharkey <jsharkey@android.com> 2013-10-17 12:56:08 -0700
committer: Jeff Sharkey <jsharkey@android.com> 2013-10-17 15:17:30 -0700
commit: 2abfe7d4f72b0265b1dec31e675650c77998f4d6 (patch)
tree: 277b64ff964b483548e3351b299494a072e41331 /vold.te
parent: 4fc702eccf2c427a44da4b02342250094ab61192 (diff)
download: android_external_sepolicy-2abfe7d4f72b0265b1dec31e675650c77998f4d6.tar.gz
android_external_sepolicy-2abfe7d4f72b0265b1dec31e675650c77998f4d6.tar.bz2
android_external_sepolicy-2abfe7d4f72b0265b1dec31e675650c77998f4d6.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/vold.te b/vold.te
index 1fce7bd..bbee60b 100644
--- a/vold.te
+++ b/vold.te
@@ -29,6 +29,9 @@ allow vold domain:{ file lnk_file } r_file_perms;
 allow vold domain:process { signal sigkill };
 allow vold self:capability { sys_ptrace kill };
 
+# For blkid
+allow vold shell_exec:file rx_file_perms;
+
 # XXX Label sysfs files with a specific type?
 allow vold sysfs:file rw_file_perms;
 
@@ -66,3 +69,5 @@ allow vold asec_image_file:dir rw_dir_perms;
 security_access_policy(vold)
 allow vold asec_apk_file:dir { rw_dir_perms setattr };
 allow vold asec_apk_file:file { r_file_perms setattr };
+allow vold sdcard_external:dir create_dir_perms;
+allow vold sdcard_external:file create_file_perms;
author	Jeff Sharkey <jsharkey@android.com>	2013-10-17 12:56:08 -0700
committer	Jeff Sharkey <jsharkey@android.com>	2013-10-17 15:17:30 -0700
commit	2abfe7d4f72b0265b1dec31e675650c77998f4d6 (patch)
tree	277b64ff964b483548e3351b299494a072e41331 /vold.te
parent	4fc702eccf2c427a44da4b02342250094ab61192 (diff)
download	android_external_sepolicy-2abfe7d4f72b0265b1dec31e675650c77998f4d6.tar.gz android_external_sepolicy-2abfe7d4f72b0265b1dec31e675650c77998f4d6.tar.bz2 android_external_sepolicy-2abfe7d4f72b0265b1dec31e675650c77998f4d6.zip