Let vold mount OBB files on external storage.

Fixes this specific violation:

type=1400 audit(1384468728.202:16): avc:  denied { read write } for
pid=271 comm="vold" name="test1.obb" dev="fuse" ino=3100664872
scontext=u:r:vold:s0 tcontext=u:object_r:sdcard_internal:s0
tclass=file

Bug: 11693888
Change-Id: I45d30ecabdf0bc8871f3dd67b5695ac909109d9a

1 files changed, 1 insertions, 2 deletions

diff --git a/vold.te b/vold.te
index bbee60b..5c83828 100644
--- a/vold.te
+++ b/vold.te
@@ -14,6 +14,7 @@ allow vold rootfs:dir mounton;
 allow vold sdcard_type:dir mounton;
 allow vold sdcard_type:filesystem { mount remount unmount };
 allow vold sdcard_type:dir create_dir_perms;
+allow vold sdcard_type:file create_file_perms;
 allow vold tmpfs:filesystem { mount unmount };
 allow vold tmpfs:dir create_dir_perms;
 allow vold tmpfs:dir mounton;
@@ -69,5 +70,3 @@ allow vold asec_image_file:dir rw_dir_perms;
 security_access_policy(vold)
 allow vold asec_apk_file:dir { rw_dir_perms setattr };
 allow vold asec_apk_file:file { r_file_perms setattr };
-allow vold sdcard_external:dir create_dir_perms;
-allow vold sdcard_external:file create_file_perms;