From 13a1b42362bab269fd10a002ba25453a1d9001e5 Mon Sep 17 00:00:00 2001
From: Tim Zimmermann <tim@linux4.de>
Date: Mon, 18 Jan 2021 11:47:53 +0100
Subject: [PATCH] common: add policy for fastbootd

Change-Id: I7dc4b026befb31fe6325ab704fa2fedf3c8cc56e
---
 common/vendor/device.te     | 1 +
 common/vendor/fastbootd.te  | 7 +++++++
 common/vendor/file_contexts | 5 +++++
 3 files changed, 13 insertions(+)
 create mode 100644 common/vendor/fastbootd.te

diff --git a/common/vendor/device.te b/common/vendor/device.te
index c84e969..47639b2 100644
--- a/common/vendor/device.te
+++ b/common/vendor/device.te
@@ -1,6 +1,7 @@
 # device.te
 type efs_block_device, dev_type;
 type dqmdbg_block_device, dev_type;
+type dtbo_block_device, dev_type;
 type keydata_block_device, dev_type;
 type keyrefuge_block_device, dev_type;
 type modem_block_device, dev_type;
diff --git a/common/vendor/fastbootd.te b/common/vendor/fastbootd.te
new file mode 100644
index 0000000..5435c6c
--- /dev/null
+++ b/common/vendor/fastbootd.te
@@ -0,0 +1,7 @@
+# fastbootd.te
+
+allow fastbootd {
+    boot_block_device
+    dtbo_block_device
+    recovery_block_device
+}:blk_file rw_file_perms;
diff --git a/common/vendor/file_contexts b/common/vendor/file_contexts
index 2926997..c77e585 100644
--- a/common/vendor/file_contexts
+++ b/common/vendor/file_contexts
@@ -10,17 +10,22 @@
 /data/vendor/secradio(/.*)?                  u:object_r:radio_vendor_data_file:s0
 
 ### DEV
+/dev/block/platform/.+/by-name/boot          u:object_r:boot_block_device:s0
 /dev/block/platform/.+/by-name/cache         u:object_r:cache_block_device:s0
 /dev/block/platform/.+/by-name/efs           u:object_r:efs_block_device:s0
 /dev/block/platform/.+/by-name/dqmdbg        u:object_r:dqmdbg_block_device:s0
+/dev/block/platform/.+/by-name/dtbo          u:object_r:dtbo_block_device:s0
 /dev/block/platform/.+/by-name/keydata       u:object_r:keydata_block_device:s0
 /dev/block/platform/.+/by-name/keyrefuge     u:object_r:keyrefuge_block_device:s0
+/dev/block/platform/.+/by-name/metadata      u:object_r:metadata_block_device:s0
 /dev/block/platform/.+/by-name/misc          u:object_r:misc_block_device:s0
 /dev/block/platform/.+/by-name/modem         u:object_r:modem_block_device:s0
 /dev/block/platform/.+/by-name/omr           u:object_r:omr_block_device:s0
 /dev/block/platform/.+/by-name/persistent    u:object_r:frp_block_device:s0
 /dev/block/platform/.+/by-name/radio         u:object_r:radio_block_device:s0
+/dev/block/platform/.+/by-name/recovery      u:object_r:recovery_block_device:s0
 /dev/block/platform/.+/by-name/sec_efs       u:object_r:sec_efs_block_device:s0
+/dev/block/platform/.+/by-name/super         u:object_r:super_block_device:s0
 /dev/block/platform/.+/by-name/userdata      u:object_r:userdata_block_device:s0
 
 /dev/esfp[0-9]                               u:object_r:fp_sensor_device:s0
-- 
2.20.1