From c1a23d04977ed2f073eaf25a86f739ab1d3ce9de Mon Sep 17 00:00:00 2001
From: Yabin Cui <yabinc@google.com>
Date: Wed, 6 Apr 2016 15:53:09 -0700
Subject: [PATCH] Allow init and vold writing misc block device.

Bug: 27176738
Change-Id: Ib52bb94973d20591dd440cea42aadfa53d476848
---
 init.te | 3 +++
 vold.te | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/init.te b/init.te
index c8b39eb37..d8ed8b8f8 100644
--- a/init.te
+++ b/init.te
@@ -286,6 +286,9 @@ allow init unencrypted_data_file:dir create_dir_perms;
 
 unix_socket_connect(init, vold, vold)
 
+# Raw writes to misc block device
+allow init misc_block_device:blk_file w_file_perms;
+
 ###
 ### neverallow rules
 ###
diff --git a/vold.te b/vold.te
index 566356223..6d5d9942e 100644
--- a/vold.te
+++ b/vold.te
@@ -189,6 +189,9 @@ allow vold toolbox_exec:file rx_file_perms;
 allow vold user_profile_data_file:dir create_dir_perms;
 allow vold user_profile_foreign_dex_data_file:dir { getattr setattr };
 
+# Raw writes to misc block device
+allow vold misc_block_device:blk_file w_file_perms;
+
 neverallow { domain -vold } vold_data_file:dir ~{ open create read getattr setattr search relabelto ioctl };
 neverallow { domain -vold } vold_data_file:notdevfile_class_set ~{ relabelto getattr };
 neverallow { domain -vold -init } vold_data_file:dir *;
-- 
GitLab