msm8916: Add selinux-policy to make boot_control work in update_engine.

The msm8916 boot_control implementation modifies the partition table when managing A/B. BUG=24675877 Change-Id: I649c9193b3f7a0d5c83b7959b9b54fcb7a00997e
author: David Zeuthen <zeuthen@google.com> 2015-11-09 14:00:31 -0500
committer: David Zeuthen <zeuthen@google.com> 2015-11-09 14:00:31 -0500
commit: 953873817ccb5f4612d8151fbec749c8060da097 (patch)
tree: 3531abe023d09136896f4d4f99fbb71ffdaa3cb9
parent: 8a61733a63c964ae2cd18acadeef07232f0becd0 (diff)
download: qcom-953873817ccb5f4612d8151fbec749c8060da097.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/soc/msm8916/sepolicy/update_engine.te b/soc/msm8916/sepolicy/update_engine.te
new file mode 100644
index 0000000..2bb5061
--- /dev/null
+++ b/soc/msm8916/sepolicy/update_engine.te
@@ -0,0 +1,7 @@
+# This file contains msm8916-specific SELinux policy for
+# update_engine. For the main update_engine policy, see
+# external/sepolicy/update_engine.te
+
+# Allow read/write on whole disk. This is needed because the msm8916
+# boot_control HAL modifies the partition table when managing A/B.
+allow update_engine mmc_block_device:blk_file rw_file_perms;
author	David Zeuthen <zeuthen@google.com>	2015-11-09 14:00:31 -0500
committer	David Zeuthen <zeuthen@google.com>	2015-11-09 14:00:31 -0500
commit	953873817ccb5f4612d8151fbec749c8060da097 (patch)
tree	3531abe023d09136896f4d4f99fbb71ffdaa3cb9
parent	8a61733a63c964ae2cd18acadeef07232f0becd0 (diff)
download	qcom-953873817ccb5f4612d8151fbec749c8060da097.tar.gz