From 9a19f575a4c991bf2d7bc2f8f980909910ee4cce Mon Sep 17 00:00:00 2001
From: Pawit Pornkitprasan
Date: Fri, 15 Nov 2013 09:54:39 +0700
Subject: [PATCH] sepolicy: allow vold to mount ext4 sdcard
When vold mounts an ext4 sdcard, it needs to force the context to
sdcard_external.
avc: denied { relabelfrom } for pid=190 comm=vold scontext=u:r:vold:s0 tcontext=u:object_r:labeledfs:s0 tclass=filesystem
avc: denied { relabelto } for pid=190 comm=vold scontext=u:r:vold:s0 tcontext=u:object_r:sdcard_external:s0 tclass=filesystem
avc: denied { relabelfrom } for pid=190 comm=vold scontext=u:r:vold:s0 tcontext=u:object_r:sdcard_external:s0 tclass=filesystem
Change-Id: I80f42fbdf738dee10958ce1bdc1893a41234f0d9
---
sepolicy/vold.te | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/sepolicy/vold.te b/sepolicy/vold.te
index 24514422..98777662 100644
--- a/sepolicy/vold.te
+++ b/sepolicy/vold.te
@@ -1,2 +1,7 @@
# Allow vold to manage ASEC
allow vold sdcard_external:file create_file_perms;
+
+# Allow vold to change context for mounted ext4 sdcard
+relabelto_domain(vold)
+allow vold labeledfs:filesystem { relabelfrom };
+allow vold sdcard_external:filesystem { relabelfrom relabelto };