Merge changes I15bd76e5,I5572c3b0 * changes: Sepolicy: Allow otapreopt_chroot to find linker Sepolicy: Move otapreopt_chroot to private

commit: 2db55f184e20cc2ec478338488b634ead238c3c9 [log] [tgz]
author: Andreas Gampe <agampe@google.com> Mon Mar 18 21:00:04 2019 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Mon Mar 18 21:00:04 2019 +0000
tree: ee933904a19ffff9e4d9de76d6082f44e79ce01a
parent: 118f0bf1fb41ef15c7c4c89e7d72242ebc666934 [diff]
parent: 3c581e20645112b6bb68311912896c2b307954ed [diff]
diff --git a/public/fastbootd.te b/public/fastbootd.te
index 99ccd8c..7b71c2c 100644
--- a/public/fastbootd.te
+++ b/public/fastbootd.te

@@ -86,6 +86,11 @@
     # Refined manipulation of /mnt/scratch, without these perms resorts
     # to deleting scratch partition when partition(s) are flashed.
     allow fastbootd self:process setfscreate;
+    allow fastbootd cache_file:dir search;
+    allow fastbootd proc_filesystems:file { getattr open read };
+    allow fastbootd self:capability sys_rawio;
+    dontaudit fastbootd kernel:system module_request;
+    allowxperm fastbootd dev_type:blk_file ioctl BLKROSET;
     allow fastbootd overlayfs_file:dir { create_dir_perms mounton };
     allow fastbootd {
       system_file_type
commit	2db55f184e20cc2ec478338488b634ead238c3c9	[log] [tgz]
author	Andreas Gampe <agampe@google.com>	Mon Mar 18 21:00:04 2019 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Mon Mar 18 21:00:04 2019 +0000
tree	ee933904a19ffff9e4d9de76d6082f44e79ce01a
parent	118f0bf1fb41ef15c7c4c89e7d72242ebc666934 [diff]
parent	3c581e20645112b6bb68311912896c2b307954ed [diff]