From e277259f086604090fa7db40db0ee88ee1a813eb Mon Sep 17 00:00:00 2001
From: SalmaxChang <salmaxchang@google.com>
Date: Thu, 1 Apr 2021 15:28:07 +0800
Subject: [PATCH] e2fs: Fix avc errors

avc: denied { read } for comm="mke2fs" name="sda5" dev="tmpfs" ino=574 scontext=u:r:e2fs:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file
avc: denied { ioctl } for comm="mke2fs" path="/dev/block/sda5" dev="tmpfs" ino=510 ioctlcmd=0x127b scontext=u:r:e2fs:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file

Bug: 184221482
Change-Id: Ic0c697bb591135d9830cd9e32e110cb5b5eb1504
---
 whitechapel/vendor/google/e2fs.te | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 whitechapel/vendor/google/e2fs.te

diff --git a/whitechapel/vendor/google/e2fs.te b/whitechapel/vendor/google/e2fs.te
new file mode 100644
index 00000000..a6664594
--- /dev/null
+++ b/whitechapel/vendor/google/e2fs.te
@@ -0,0 +1,6 @@
+allow e2fs persist_block_device:blk_file rw_file_perms;
+allow e2fs efs_block_device:blk_file rw_file_perms;
+allow e2fs modem_userdata_block_device:blk_file rw_file_perms;
+allowxperm e2fs { persist_block_device efs_block_device modem_userdata_block_device }:blk_file ioctl {
+  BLKSECDISCARD BLKDISCARD BLKPBSZGET BLKDISCARDZEROES BLKROGET
+};