From 0cf7210eb1b5ba1d22fb8dcb59f40cb74b98dd37 Mon Sep 17 00:00:00 2001
From: Jaegeuk Kim <jaegeuk@google.com>
Date: Wed, 11 Jan 2023 13:54:53 -0800
Subject: [PATCH] Allow mkfs/fsck for vendor partitons

Change-Id: I425c56edf9b12f1b86994f58100ecc9a8e1b58b2
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
---
 vendor/e2fs.te | 8 ++++++++
 vendor/fsck.te | 3 +++
 2 files changed, 11 insertions(+)
 create mode 100644 vendor/e2fs.te

diff --git a/vendor/e2fs.te b/vendor/e2fs.te
new file mode 100644
index 00000000..3e72adfb
--- /dev/null
+++ b/vendor/e2fs.te
@@ -0,0 +1,8 @@
+allow e2fs persist_block_device:blk_file rw_file_perms;
+allow e2fs efs_block_device:blk_file rw_file_perms;
+allow e2fs modem_userdata_block_device:blk_file rw_file_perms;
+allowxperm e2fs { persist_block_device efs_block_device modem_userdata_block_device }:blk_file ioctl {
+  BLKSECDISCARD BLKDISCARD BLKPBSZGET BLKDISCARDZEROES BLKROGET
+};
+allow e2fs sysfs_scsi_devices_0000:dir r_dir_perms;
+allow e2fs sysfs_scsi_devices_0000:file r_file_perms;
diff --git a/vendor/fsck.te b/vendor/fsck.te
index 1c337a26..cb9470d0 100644
--- a/vendor/fsck.te
+++ b/vendor/fsck.te
@@ -1,2 +1,5 @@
+allow fsck persist_block_device:blk_file rw_file_perms;
+allow fsck efs_block_device:blk_file rw_file_perms;
+allow fsck modem_userdata_block_device:blk_file rw_file_perms;
 allow fsck sysfs_scsi_devices_0000:dir r_dir_perms;
 allow fsck sysfs_scsi_devices_0000:file r_file_perms;