From 2abfe7d4f72b0265b1dec31e675650c77998f4d6 Mon Sep 17 00:00:00 2001
From: Jeff Sharkey <jsharkey@android.com>
Date: Thu, 17 Oct 2013 12:56:08 -0700
Subject: [PATCH] Allow vold to invoke blkid, use external ASECs.

Bug: 11175082
Change-Id: Ic1bd15e8729583be199551ec6baeb4acaf46c210
---
 vold.te | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/vold.te b/vold.te
index 1fce7bd24..bbee60b8b 100644
--- a/vold.te
+++ b/vold.te
@@ -29,6 +29,9 @@ allow vold domain:{ file lnk_file } r_file_perms;
 allow vold domain:process { signal sigkill };
 allow vold self:capability { sys_ptrace kill };
 
+# For blkid
+allow vold shell_exec:file rx_file_perms;
+
 # XXX Label sysfs files with a specific type?
 allow vold sysfs:file rw_file_perms;
 
@@ -66,3 +69,5 @@ allow vold asec_image_file:dir rw_dir_perms;
 security_access_policy(vold)
 allow vold asec_apk_file:dir { rw_dir_perms setattr };
 allow vold asec_apk_file:file { r_file_perms setattr };
+allow vold sdcard_external:dir create_dir_perms;
+allow vold sdcard_external:file create_file_perms;
-- 
GitLab