From 2c859d048589f5731f0f8a93dfb936f152cb0d1f Mon Sep 17 00:00:00 2001
From: Randall Huang <huangrandall@google.com>
Date: Mon, 13 Feb 2023 16:58:39 +0800
Subject: [PATCH 1/2] storage: remove vold tracking_denials rules

Bug: 264483567
Test: boot to home
Change-Id: Iad702bf293ea374174034239c81ea3499c837cf0
Signed-off-by: Randall Huang <huangrandall@google.com>
---
 tracking_denials/vold.te | 10 ----------
 1 file changed, 10 deletions(-)
 delete mode 100644 tracking_denials/vold.te

diff --git a/tracking_denials/vold.te b/tracking_denials/vold.te
deleted file mode 100644
index a61a2be5..00000000
--- a/tracking_denials/vold.te
+++ /dev/null
@@ -1,10 +0,0 @@
-# b/264831112
-dontaudit vold modem_efs_file:dir { ioctl };
-dontaudit vold modem_efs_file:dir { open };
-dontaudit vold modem_efs_file:dir { read };
-dontaudit vold modem_userdata_file:dir { ioctl };
-dontaudit vold modem_userdata_file:dir { open };
-dontaudit vold modem_userdata_file:dir { read };
-dontaudit vold sysfs_scsi_devices_0000:file { write };
-# b/264972759
-dontaudit vold dumpstate:fd { use };

From 938e0732dd06210ca257c2e6039b62886e88c787 Mon Sep 17 00:00:00 2001
From: Randall Huang <huangrandall@google.com>
Date: Tue, 14 Feb 2023 08:45:23 +0800
Subject: [PATCH 2/2] storage: fix idle-maint avc denials.

Bug: 264483567
Test: run idle-maint run
Change-Id: If4e67ce574de8be2709ebdf9ed2d09ad952ac206
Signed-off-by: Randall Huang <huangrandall@google.com>
---
 radio/vold.te | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 radio/vold.te

diff --git a/radio/vold.te b/radio/vold.te
new file mode 100644
index 00000000..3923e9c5
--- /dev/null
+++ b/radio/vold.te
@@ -0,0 +1,4 @@
+allow vold modem_efs_file:dir rw_dir_perms;
+allow vold modem_userdata_file:dir rw_dir_perms;
+allow vold efs_block_device:blk_file { getattr };
+allow vold modem_userdata_block_device:blk_file { getattr };