commit 3784e7fcfa59c960904f39fb08bc8806c9a6d6ab
author Yifan Hong <elsk@google.com> Tue Aug 21 01:07:56 2018 +0000
committer Gerrit Code Review <noreply-gerritcodereview@google.com> Tue Aug 21 01:07:56 2018 +0000
tree c99dde9769be1f41086278f6328baeebaab1eb05
parent 6fc083693a2f3ce7e138fa165ad9badd27a6ba57
parent e217ab1b4de50528178bd45b132656a44f884c2f

Merge "s/product-services/product_services/g"

private/compat/26.0/26.0.ignore.cil

diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index d52b41b..1594979 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -114,6 +114,7 @@
     statsdw_socket
     statscompanion_service
     storaged_data_file
+    super_block_device
     sysfs_fs_ext4_features
     system_boot_reason_prop
     system_lmk_prop

private/compat/27.0/27.0.ignore.cil

diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index 8e5370c..d56de68 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -101,6 +101,7 @@
     statsdw
     statsdw_socket
     storaged_data_file
+    super_block_device
     system_boot_reason_prop
     system_lmk_prop
     system_suspend_hwservice

private/compat/28.0/28.0.ignore.cil

diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index 5386bee..c40ea06 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil
@@ -16,6 +16,7 @@
     mnt_product_file
     overlayfs_file
     recovery_socket
+    super_block_device
     system_lmk_prop
     system_suspend_hwservice
     time_prop

public/device.te

diff --git a/public/device.te b/public/device.te
index 231c839..c68b515 100644
--- a/public/device.te
+++ b/public/device.te
@@ -104,3 +104,6 @@
 
 # The 'misc' partition used by recovery and A/B.
 type misc_block_device, dev_type;
+
+# 'super' partition to be used for logical partitioning.
+type super_block_device, dev_type;

public/fastbootd.te

diff --git a/public/fastbootd.te b/public/fastbootd.te
index 82ae47b..1d39d50 100644
--- a/public/fastbootd.te
+++ b/public/fastbootd.te
@@ -38,6 +38,7 @@
   allow fastbootd dm_device:chr_file rw_file_perms;
   allow fastbootd dm_device:blk_file rw_file_perms;
 
+  allow fastbootd super_block_device:blk_file rw_file_perms;
   allow fastbootd system_block_device:blk_file rw_file_perms;
   allow fastbootd boot_block_device:blk_file rw_file_perms;
 

public/mediaserver.te

diff --git a/public/mediaserver.te b/public/mediaserver.te
index b9b08dd..c0d4e70 100644
--- a/public/mediaserver.te
+++ b/public/mediaserver.te
@@ -96,7 +96,7 @@
 allow mediaserver oemfs:file r_file_perms;
 
 # /vendor apk access
-allow mediaserver vendor_app_file:file r_file_perms;
+allow mediaserver vendor_app_file:file { read map };
 
 use_drmservice(mediaserver)
 allow mediaserver drmserver:drmservice {