vold_prepare_subdirs sets policy in vold-created dirs.
Bug: 25861755
Test: Boot device, observe logs
Change-Id: I6c13430d42e9794003eb48e6ca219b874112b900
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index 1f2d823..2cb4d09 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -33,6 +33,8 @@
thermalserviced_tmpfs
timezone_service
tombstoned_java_trace_socket
+ vold_prepare_subdirs
+ vold_prepare_subdirs_exec
vold_service
wpantund
wpantund_exec
diff --git a/private/file_contexts b/private/file_contexts
index a981714..fb6099d 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -271,6 +271,7 @@
/system/etc/selinux/plat_and_mapping_sepolicy\.cil\.sha256 u:object_r:sepolicy_file:s0
/system/bin/vr_hwc u:object_r:vr_hwc_exec:s0
/system/bin/adbd u:object_r:adbd_exec:s0
+/system/bin/vold_prepare_subdirs u:object_r:vold_prepare_subdirs_exec:s0
#############################
# Vendor files
@@ -431,6 +432,10 @@
# User icon files
/data/system/users/[0-9]+/photo.png u:object_r:icon_file:s0
+# vold per-user data
+/data/misc_de/[0-9]+/vold(/.*)? u:object_r:vold_data_file:s0
+/data/misc_ce/[0-9]+/vold(/.*)? u:object_r:vold_data_file:s0
+
#############################
# efs files
#
diff --git a/private/vold_prepare_subdirs.te b/private/vold_prepare_subdirs.te
new file mode 100644
index 0000000..c2146f9
--- /dev/null
+++ b/private/vold_prepare_subdirs.te
@@ -0,0 +1 @@
+domain_auto_trans(vold, vold_prepare_subdirs_exec, vold_prepare_subdirs)