Allow vold FS_IOC_{GET|SET}FLAGS ioctl. To enable quota project ID inheritance. Bug: 146419093 Test: no denials Change-Id: If9c616acc5010d513d1e7ccda0915cdb26272b8c

commit: 127f5e863cba3bc152249370f398192abfba8966 [log] [tgz]
author: Martijn Coenen <maco@google.com> Thu Feb 06 17:01:23 2020 +0000
committer: Martijn Coenen <maco@google.com> Thu Feb 06 18:08:36 2020 +0000
tree: d5dc9422984efdcbd630c03798d0c77cee17f508
parent: 164359b952b4cd5c44cf3ec3c07adee2f5a49277 [diff]
diff --git a/public/vold.te b/public/vold.te
index 0ffa119..07630de 100644
--- a/public/vold.te
+++ b/public/vold.te

@@ -96,9 +96,12 @@
 allow vold media_rw_data_file:dir mounton;
 
 # Allow setting extended attributes (for project quota IDs) on files and dirs
+# and to enable project ID inheritance through FS_IOC_SETFLAGS
 allowxperm vold media_rw_data_file:{ dir file } ioctl {
   FS_IOC_FSGETXATTR
   FS_IOC_FSSETXATTR
+  FS_IOC_GETFLAGS
+  FS_IOC_SETFLAGS
 };
 
 # Allow mounting of storage devices
commit	127f5e863cba3bc152249370f398192abfba8966	[log] [tgz]
author	Martijn Coenen <maco@google.com>	Thu Feb 06 17:01:23 2020 +0000
committer	Martijn Coenen <maco@google.com>	Thu Feb 06 18:08:36 2020 +0000
tree	d5dc9422984efdcbd630c03798d0c77cee17f508
parent	164359b952b4cd5c44cf3ec3c07adee2f5a49277 [diff]