From 6736bac21870bdc8bb6098ddffdb70103f7bc2a3 Mon Sep 17 00:00:00 2001
From: Jeff Sharkey <jsharkey@android.com>
Date: Thu, 24 Apr 2014 13:31:29 -0700
Subject: [PATCH] Define types for an OEM-provided filesystem.

Bug: 13340779
Change-Id: I6151b6b61ddf90327d51815d13fd65be561be587
---
 app.te  | 4 ++++
 file.te | 1 +
 2 files changed, 5 insertions(+)

diff --git a/app.te b/app.te
index 83bb78c4a..261ec3297 100644
--- a/app.te
+++ b/app.te
@@ -52,6 +52,10 @@ allow appdomain app_data_file:notdevfile_class_set create_file_perms;
 allow appdomain system_data_file:dir r_dir_perms;
 allow appdomain system_data_file:file { execute execute_no_trans open };
 
+# Access to OEM provided data and apps
+allow appdomain oemfs:dir r_dir_perms;
+allow appdomain oemfs:file rx_file_perms;
+
 # Execute the shell or other system executables.
 allow appdomain shell_exec:file rx_file_perms;
 allow appdomain system_file:file rx_file_perms;
diff --git a/file.te b/file.te
index af2f9583e..f42585a11 100644
--- a/file.te
+++ b/file.te
@@ -33,6 +33,7 @@ type sdcard_external, sdcard_type, fs_type, mlstrustedobject;
 type debugfs, fs_type, mlstrustedobject;
 type pstorefs, fs_type;
 type functionfs, fs_type;
+type oemfs, fs_type;
 
 # File types
 type unlabeled, file_type;
-- 
GitLab