From 6ec23c152f7da13f6e908d13bbe6d86aa0d8fa9a Mon Sep 17 00:00:00 2001
From: Randall Huang <huangrandall@google.com>
Date: Wed, 4 Sep 2024 00:05:10 +0800
Subject: [PATCH] storage: move storage related device type to common folder

Bug: 364225000
Test: forrest build
Change-Id: Ica102c5a1ec45560939ac32c3ec22e721659c3cf
Signed-off-by: Randall Huang <huangrandall@google.com>
---
 storage/sepolicy/device.te              | 9 +++++++++
 storage/sepolicy/file_contexts          | 3 +++
 storage/sepolicy/ufs_firmware_update.te | 2 ++
 3 files changed, 14 insertions(+)

diff --git a/storage/sepolicy/device.te b/storage/sepolicy/device.te
index e0968f9..1252ee0 100644
--- a/storage/sepolicy/device.te
+++ b/storage/sepolicy/device.te
@@ -1,2 +1,11 @@
 # Userdata Exp block device.
 type userdata_exp_block_device, dev_type;
+
+# Block Devices
+type persist_block_device, dev_type;
+type efs_block_device, dev_type;
+type modem_userdata_block_device, dev_type;
+
+# Storage firmware upgrade
+type ufs_internal_block_device, dev_type;
+
diff --git a/storage/sepolicy/file_contexts b/storage/sepolicy/file_contexts
index 30335eb..1ef5a67 100644
--- a/storage/sepolicy/file_contexts
+++ b/storage/sepolicy/file_contexts
@@ -1,6 +1,9 @@
+# storage
 /vendor/bin/dump/dump_storage      u:object_r:dump_storage_exec:s0
 /sys/devices/platform/[0-9a-z]+\.ufs/pixel/enable_pixel_ufs_logging  u:object_r:sysfs_scsi_devices_0000:s0
 /dev/sg[0-9]                       u:object_r:sg_device:s0
 /data/vendor/storage(/.*)?         u:object_r:dump_storage_data_file:s0
 /vendor/bin/sg_read_buffer         u:object_r:sg_util_exec:s0
 /dev/block/by-name/userdata_exp.*  u:object_r:userdata_exp_block_device:s0
+/vendor/bin/ufs_firmware_update\.sh                                  u:object_r:ufs_firmware_update_exec:s0
+
diff --git a/storage/sepolicy/ufs_firmware_update.te b/storage/sepolicy/ufs_firmware_update.te
index 1b92976..2313121 100644
--- a/storage/sepolicy/ufs_firmware_update.te
+++ b/storage/sepolicy/ufs_firmware_update.te
@@ -1,5 +1,7 @@
 # support ufs ffu via ota
 init_daemon_domain(ufs_firmware_update)
+type ufs_firmware_update, domain;
+type ufs_firmware_update_exec, vendor_file_type, exec_type, file_type;
 
 # support ufs ffu via ota
 allow ufs_firmware_update vendor_toolbox_exec:file execute_no_trans;