Move layout_version to /data/misc/installd
Bug: 139543295
Test: Boot, ensure file is properly created
Change-Id: I577b25bcf61505970b153884d8ac3567957bb50a
diff --git a/private/file_contexts b/private/file_contexts
index a1002ab..8b25cfd 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -436,7 +436,6 @@
#
/data(/.*)? u:object_r:system_data_file:s0
/data/system/packages\.list u:object_r:packages_list_file:s0
-/data/.layout_version u:object_r:install_data_file:s0
/data/unencrypted(/.*)? u:object_r:unencrypted_data_file:s0
/data/backup(/.*)? u:object_r:backup_data_file:s0
/data/secure/backup(/.*)? u:object_r:backup_data_file:s0
@@ -495,6 +494,7 @@
/data/misc/dhcp-6\.8\.2(/.*)? u:object_r:dhcp_data_file:s0
/data/misc/gatekeeper(/.*)? u:object_r:gatekeeper_data_file:s0
/data/misc/incidents(/.*)? u:object_r:incident_data_file:s0
+/data/misc/installd(/.*)? u:object_r:install_data_file:s0
/data/misc/keychain(/.*)? u:object_r:keychain_data_file:s0
/data/misc/keystore(/.*)? u:object_r:keystore_data_file:s0
/data/misc/logd(/.*)? u:object_r:misc_logd_file:s0
diff --git a/private/installd.te b/private/installd.te
index 3693c59..743b24a 100644
--- a/private/installd.te
+++ b/private/installd.te
@@ -17,9 +17,6 @@
# Run idmap in its own sandbox.
domain_auto_trans(installd, idmap_exec, idmap)
-# Create /data/.layout_version.* file
-type_transition installd system_data_file:file install_data_file;
-
# For collecting bugreports.
allow installd dumpstate:fd use;
allow installd dumpstate:fifo_file r_file_perms;
diff --git a/public/file.te b/public/file.te
index 1fd00a4..cd7133c 100644
--- a/public/file.te
+++ b/public/file.te
@@ -239,8 +239,7 @@
type vendor_data_file, file_type, data_file_type;
# Unencrypted data
type unencrypted_data_file, file_type, data_file_type, core_data_file_type;
-# /data/.layout_version or other installd-created files that
-# are created in a system_data_file directory.
+# installd-create files in /data/misc/installd such as layout_version
type install_data_file, file_type, data_file_type, core_data_file_type;
# /data/drm - DRM plugin data
type drm_data_file, file_type, data_file_type, core_data_file_type;
diff --git a/public/installd.te b/public/installd.te
index cec3d91..c1267a9 100644
--- a/public/installd.te
+++ b/public/installd.te
@@ -76,8 +76,9 @@
allow installd keychain_data_file:dir create_dir_perms;
allow installd keychain_data_file:file {r_file_perms unlink};
-# Create /data/.layout_version.* file
+# Create /data/misc/installd/layout_version.* file
allow installd install_data_file:file create_file_perms;
+allow installd install_data_file:dir rw_dir_perms;
# Create files under /data/dalvik-cache.
allow installd dalvikcache_data_file:dir create_dir_perms;
diff --git a/public/sdcardd.te b/public/sdcardd.te
index 83c1840..1ae3770 100644
--- a/public/sdcardd.te
+++ b/public/sdcardd.te
@@ -22,8 +22,9 @@
allow sdcardd system_data_file:file r_file_perms;
allow sdcardd packages_list_file:file r_file_perms;
-# Read /data/.layout_version
+# Read /data/misc/installd/layout_version
allow sdcardd install_data_file:file r_file_perms;
+allow sdcardd install_data_file:dir search;
# Allow stdin/out back to vold
allow sdcardd vold:fd use;