From 7bfaa1d75fa10f0561dad36efd2e3fe4936893bd Mon Sep 17 00:00:00 2001 From: "Kevin F. Haggerty" Date: Fri, 4 Sep 2020 14:51:35 -0600 Subject: [PATCH] msm8974-common: sepolicy: Allow ioctls necessary for physical sdcard operations * Note: 0x1271 is note defined in system/sepolicy/public/ioctl_defines avc: denied { ioctl } for path="/dev/block/vold/public:179,65" dev="tmpfs" ino=19222 ioctlcmd=125e scontext=u:r:vold:s0 tcontext=u:object_r:vold_device:s0 tclass=blk_file permissive=0 avc: denied { ioctl } for path="/dev/block/vold/public:179,65" dev="tmpfs" ino=20176 ioctlcmd=1271 scontext=u:r:vold:s0 tcontext=u:object_r:vold_device:s0 tclass=blk_file permissive=0 avc: denied { ioctl } for path="/dev/block/vold/public:179,65" dev="tmpfs" ino=27110 ioctlcmd=125e scontext=u:r:fsck_untrusted:s0 tcontext=u:object_r:vold_device:s0 tclass=blk_file permissive=0 avc: denied { ioctl } for path="/dev/block/vold/public:179,65" dev="tmpfs" ino=27110 ioctlcmd=1271 scontext=u:r:fsck_untrusted:s0 tcontext=u:object_r:vold_device:s0 tclass=blk_file permissive=0 Change-Id: I7bf2346b9517196160e4dde51baa550fb343bfdf --- sepolicy/common/fsck_untrusted.te | 3 +++ sepolicy/common/vold.te | 3 +++ 2 files changed, 6 insertions(+) diff --git a/sepolicy/common/fsck_untrusted.te b/sepolicy/common/fsck_untrusted.te index e16c2b8..84a914d 100644 --- a/sepolicy/common/fsck_untrusted.te +++ b/sepolicy/common/fsck_untrusted.te @@ -2,3 +2,6 @@ allow fsck_untrusted block_device:dir getattr; # /data/media allow fsck_untrusted media_rw_data_file:dir getattr; + +allowxperm fsck_untrusted vold_device:blk_file ioctl 0x1271; +allowxperm fsck_untrusted vold_device:blk_file ioctl BLKROGET; diff --git a/sepolicy/common/vold.te b/sepolicy/common/vold.te index 5498768..352f411 100644 --- a/sepolicy/common/vold.te +++ b/sepolicy/common/vold.te @@ -7,3 +7,6 @@ allow vold { efs_block_device system_block_device }:blk_file getattr; + +allowxperm vold vold_device:blk_file ioctl 0x1271; +allowxperm vold vold_device:blk_file ioctl BLKROGET;