Merge "DO NOT MERGE - Merge PPRL.190205.001 into master"
diff --git a/private/apexd.te b/private/apexd.te
index ef20478..a35e4cc 100644
--- a/private/apexd.te
+++ b/private/apexd.te
@@ -41,7 +41,7 @@
# allow apexd to create symlinks in /apex
allow apexd apex_mnt_dir:lnk_file create_file_perms;
# allow apexd to unlink apex files in /data/apex/active
-# note that apexd won't be able to unlink files in /data/staging/session_XXXX,
+# note that apexd won't be able to unlink files in /data/pkg_staging/session_XXXX,
# because it doesn't have write permission for staging_data_file object.
allow apexd staging_data_file:file unlink;
@@ -50,7 +50,7 @@
allow apexd apk_tmp_file:file relabelfrom;
allow apexd apex_data_file:file relabelto;
-# allow apexd to read files from /data/staging and hardlink them to /data/apex.
+# allow apexd to read files from /data/pkg_staging and hardlink them to /data/apex.
allow apexd staging_data_file:dir r_dir_perms;
allow apexd staging_data_file:file { r_file_perms link };
diff --git a/private/bug_map b/private/bug_map
index a5fdb74..7606ce8 100644
--- a/private/bug_map
+++ b/private/bug_map
@@ -23,12 +23,14 @@
netd untrusted_app_25 unix_stream_socket 77870037
netd untrusted_app_27 unix_stream_socket 77870037
platform_app nfc_data_file dir 74331887
+priv_app mnt_user_file dir 118185801
system_server crash_dump process 73128755
system_server sdcardfs file 77856826
system_server storage_stub_file dir 112609936
system_server zygote process 77856826
untrusted_app_27 mnt_user_file dir 118185801
usbd usbd capability 72472544
+vold system_data_file file 124108085
vrcore_app mnt_user_file dir 118185801
webview_zygote system_data_file lnk_file 123246126
zygote untrusted_app_25 process 77925912
diff --git a/private/file_contexts b/private/file_contexts
index 97352a5..1c038ad 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -453,7 +453,7 @@
/data/preloads/media(/.*)? u:object_r:preloads_media_file:s0
/data/preloads/demo(/.*)? u:object_r:preloads_media_file:s0
/data/server_configurable_flags(/.*)? u:object_r:server_configurable_flags_data_file:s0
-/data/staging(/.*)? u:object_r:staging_data_file:s0
+/data/pkg_staging(/.*)? u:object_r:staging_data_file:s0
# Misc data
/data/misc/adb(/.*)? u:object_r:adb_keys_file:s0
diff --git a/private/system_server.te b/private/system_server.te
index 4a48983..7e16f6a 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -481,7 +481,7 @@
allow system_server zoneinfo_data_file:dir create_dir_perms;
allow system_server zoneinfo_data_file:file create_file_perms;
-# Manage /data/staging.
+# Manage /data/pkg_staging.
allow system_server staging_data_file:dir create_dir_perms;
allow system_server staging_data_file:file create_file_perms;
diff --git a/public/fastbootd.te b/public/fastbootd.te
index 5827c50..e5ebafc 100644
--- a/public/fastbootd.te
+++ b/public/fastbootd.te
@@ -29,6 +29,12 @@
# Read serial number of the device from system properties
get_prop(fastbootd, serialno_prop)
+ # For dev/block/by-name dir
+ allow fastbootd block_device:dir r_dir_perms;
+
+ # Needed for DM_DEV_CREATE ioctl call
+ allow fastbootd self:capability sys_admin;
+
# Set sys.usb.ffs.ready.
set_prop(fastbootd, ffs_prop)
set_prop(fastbootd, exported_ffs_prop)
diff --git a/public/file.te b/public/file.te
index 073be04..82438de 100644
--- a/public/file.te
+++ b/public/file.te
@@ -264,7 +264,7 @@
type dhcp_data_file, file_type, data_file_type, core_data_file_type;
# /data/server_configurable_flags
type server_configurable_flags_data_file, file_type, data_file_type, core_data_file_type;
-# /data/staging
+# /data/pkg_staging
type staging_data_file, file_type, data_file_type, core_data_file_type;
# Mount locations managed by vold