From 37b574130114211a3fcf4d91e79dd0c19e772224 Mon Sep 17 00:00:00 2001
From: Bart Van Assche
Date: Fri, 6 Aug 2021 15:40:33 -0700
Subject: [PATCH] Add the 'bdev_type' attribute to all block device types

The following patch introduces code that iterates over all block devices: https://android-review.googlesource.com/c/platform/system/core/+/1783847/9 The following patch grants 'init' and 'apexd' permission to iterate over all block devices: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1783947 The above SELinux policy change requires to add the 'bdev_type' attribute to all block devices. Hence this patch.
Bug: 194450129
Bug: 196982345
Test: Built Android images that include this change and verified that neither init nor apexd triggers any SELinux access denied errors.
Change-Id: I6ce1127f199c5b33812f15fe280d86594d7d7ebf
Signed-off-by: Bart Van Assche
---
 whitechapel/vendor/google/device.te | 20 ++++++++++----------
 whitechapel/vendor/google/file.te | 2 +-
 2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/whitechapel/vendor/google/device.te b/whitechapel/vendor/google/device.te
index bd62647d..bc3c9477 100644
--- a/whitechapel/vendor/google/device.te
+++ b/whitechapel/vendor/google/device.te
@@ -1,12 +1,12 @@
 # Block Devices
-type efs_block_device, dev_type;
-type fat_block_device, dev_type;
-type modem_block_device, dev_type;
-type modem_userdata_block_device, dev_type;
-type persist_block_device, dev_type;
-type vendor_block_device, dev_type;
-type sda_block_device, dev_type;
-type mfg_data_block_device, dev_type;
+type efs_block_device, dev_type, bdev_type;
+type fat_block_device, dev_type, bdev_type;
+type modem_block_device, dev_type, bdev_type;
+type modem_userdata_block_device, dev_type, bdev_type;
+type persist_block_device, dev_type, bdev_type;
+type vendor_block_device, dev_type, bdev_type;
+type sda_block_device, dev_type, bdev_type;
+type mfg_data_block_device, dev_type, bdev_type;
 # Exynos devices
 type vendor_m2m1shot_device, dev_type;
@@ -14,8 +14,8 @@ type vendor_gnss_device, dev_type;
 type vendor_nanohub_device, dev_type;
 type vendor_secmem_device, dev_type;
 type vendor_toe_device, dev_type;
-type custom_ab_block_device, dev_type;
-type devinfo_block_device, dev_type;
+type custom_ab_block_device, dev_type, bdev_type;
+type devinfo_block_device, dev_type, bdev_type;
 # usbpd
 type logbuffer_device, dev_type;
diff --git a/whitechapel/vendor/google/file.te b/whitechapel/vendor/google/file.te
index 85c8dcca..b8c22e12 100644
--- a/whitechapel/vendor/google/file.te
+++ b/whitechapel/vendor/google/file.te
@@ -78,7 +78,7 @@ type updated_wifi_firmware_data_file, file_type, data_file_type;
 type mediadrm_vendor_data_file, file_type, data_file_type;
 # Storage Health HAL
-type sysfs_scsi_devices_0000, sysfs_type, fs_type;
+type sysfs_scsi_devices_0000, sysfs_type, fs_type, sysfs_block_type;
 type debugfs_f2fs, debugfs_type, fs_type;
 type proc_f2fs, proc_type, fs_type;
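Review bot: The ten block-device types that gain `bdev_type` in device.te (the eight in the `@@ -1,12` hunk plus `custom_ab_block_device` and `devinfo_block_device` in the `@@ -14,8` hunk) carry no comment saying what the attribute exposes them to. Once a type has the attribute, every allow rule written against `bdev_type` applies to it, and that includes partitions that look sensitive by name, such as `efs_block_device`, `persist_block_device`, `devinfo_block_device` and what appears to be the whole-disk `sda_block_device`; the permissions actually granted live in the linked sepolicy change and are not visible here, so it is worth confirming they stay limited to enumeration by init and apexd. I would add above the list `# bdev_type: required on every block device type so attribute-based rules for init/apexd enumeration cover it`. The two types in the second hunk are declared under `# Exynos devices` among what look like character devices; moving them under `# Block Devices` would make a future block-device type that lacks the attribute easier to spot in review.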
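Review bot: The `sysfs_block_type` attribute added to `sysfs_scsi_devices_0000` in the file.te hunk is not mentioned in the commit description, which only covers `bdev_type` on block devices, and nothing in the file explains it. The type is declared under `# Storage Health HAL`, so the attribute makes those sysfs nodes subject to whatever rules the platform policy writes against `sysfs_block_type`; which paths carry this label is decided outside this hunk (presumably in genfs_contexts), so the reach should be checked there rather than assumed from the type name. A one-line comment such as `# sysfs_block_type: sysfs nodes read while iterating block devices (init, apexd) - confirm against platform policy` would record the intent next to the declaration.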