Sepolicy for rw mount point for vendors.
Bug: 64905218
Test: device boots with /mnt/vendor present and selinux label
mnt_vendor_file applied correctly.
Change-Id: Ib34e2859948019d237cf2fe8f71845ef2533ae27
Merged-In: Ib34e2859948019d237cf2fe8f71845ef2533ae27
(cherry picked from commit 210a805b46782a2a49bf5338732cf8c6abaf95de)
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index 68d6b40..bc31452 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -66,6 +66,7 @@
lowpan_service
mediaextractor_update_service
mediaprovider_tmpfs
+ mnt_vendor_file
netd_stable_secret_prop
network_watchlist_data_file
network_watchlist_service
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index 1eaf22a..0571bfc 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -54,6 +54,7 @@
lowpan_prop
lowpan_service
mediaextractor_update_service
+ mnt_vendor_file
network_watchlist_data_file
network_watchlist_service
perfetto
diff --git a/private/file_contexts b/private/file_contexts
index 109f219..4e2a765 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -525,3 +525,7 @@
/mnt/user(/.*)? u:object_r:mnt_user_file:s0
/mnt/runtime(/.*)? u:object_r:storage_file:s0
/storage(/.*)? u:object_r:storage_file:s0
+
+#############################
+# mount point for read-write vendor partitions
+/mnt/vendor(/.*)? u:object_r:mnt_vendor_file:s0