From 1025d1383ba49243c2cb53716e4dfc65de8cd613 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Thu, 26 Feb 2015 20:33:40 -0800
Subject: [PATCH] kernel.te: fix MTP sync

STEPS TO REPRODUCE:
  1. Connect the device to Mac.
  2. Switch to AFT.
  3. Now AFT on Mac will show the device contents.
  4. Now drag and drop the file to device and observe.

EXPECTED RESULTS:
  Should able to copy.

OBSERVED RESULTS:
  Showing can not copy file and on clicking ok,
  It shows device storage can not connect and close the AFT.

Addresses the following denial:

  W kworker/u:11: type=1400 audit(0.0:729): avc: denied { use } for path="/storage/emulated/0/Download/song2.mp3" dev="fuse" ino=143 scontext=u:r:kernel:s0 tcontext=u:r:untrusted_app:s0:c512,c768 tclass=fd
  12310 12530 E MtpRequestPacket: Malformed MTP request packet

ps -Z entry:
  u:r:untrusted_app:s0:c512,c768 u0_a6     12310 203   android.process.media

Bug: 15835289
Change-Id: I47b653507f8d4089b31254c19f44706077e2e96a
---
 kernel.te | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/kernel.te b/kernel.te
index fa8ccd523..ff34ece6c 100644
--- a/kernel.te
+++ b/kernel.te
@@ -45,7 +45,7 @@ allow kernel self:security setcheckreqprot;
 
 # MTP sync (b/15835289)
 # kernel thread "loop0", used by the loop block device, for ASECs (b/17158723)
-allow kernel vold:fd use;
+allow kernel untrusted_app:fd use;
 allow kernel sdcard_type:file { read write };
 
 # Allow the kernel to read OBB files from app directories. (b/17428116)
@@ -53,6 +53,7 @@ allow kernel sdcard_type:file { read write };
 # Fixes CTS tests:
 #  * android.os.storage.cts.StorageManagerTest#testMountAndUnmountObbNormal
 #  * android.os.storage.cts.StorageManagerTest#testMountAndUnmountTwoObbs
+allow kernel vold:fd use;
 allow kernel app_data_file:file read;
 
 ###
-- 
GitLab