From 7e57731898fe3ef5f36d7c41607261d61e72ca56 Mon Sep 17 00:00:00 2001
From: Jin Qian <jinqian@google.com>
Date: Wed, 7 Jun 2017 17:41:43 -0700
Subject: [PATCH] allow recovery to run mke2fs tools

recovery exec /system/bin/{mke2fs,e2fsdroid} to format userdata

Bug: 35219933
Change-Id: I77e75c2dc55d4bea7984707f27bc215de186c4d1
---
 public/recovery.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/public/recovery.te b/public/recovery.te
index fe0b20e4e..6e1cc2b02 100644
--- a/public/recovery.te
+++ b/public/recovery.te
@@ -29,6 +29,9 @@ recovery_only(`
   allow recovery unlabeled:filesystem ~relabelto;
   allow recovery contextmount_type:filesystem relabelto;
 
+  # Format ext4 filesystem
+  allow recovery e2fs_exec:file rx_file_perms;
+
   # Create and relabel files and directories under /system.
   allow recovery exec_type:{ file lnk_file } { create_file_perms relabelfrom relabelto };
   allow recovery { system_file }:{ file lnk_file } { create_file_perms relabelfrom relabelto };
-- 
GitLab