Merge "drop "allow healthd self:process execmem;""
diff --git a/public/recovery.te b/public/recovery.te
index 12eadee..d5d16a2 100644
--- a/public/recovery.te
+++ b/public/recovery.te
@@ -138,6 +138,10 @@
# This line seems suspect, as it should not really need to
# set scheduling parameters for a kernel domain task.
allow recovery kernel:process setsched;
+
+ # These are needed to update dynamic partitions in recovery.
+ r_dir_file(recovery, sysfs_dm)
+ allowxperm recovery super_block_device_type:blk_file ioctl { BLKIOMIN BLKALIGNOFF };
')
###