Merge "Allow mke2fs to format virtual block devices in microdroid"

commit: b8c6055b6fbb14afa154bb1c130518eaaeda7af2 [log] [tgz]
author: Treehugger Robot <treehugger-gerrit@google.com> Wed May 26 00:03:08 2021 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Wed May 26 00:03:08 2021 +0000
tree: 64c42908bc48aa362f57c96c56501b7bd03f1f9b
parent: 3040e15baa1bba5413c5c5d3263e01fd82b81d96 [diff]
parent: e1bfe4332f3786e0d0309d2ba730bdf7e5abee8b [diff]
diff --git a/public/e2fs.te b/public/e2fs.te
index dd5bd69..6eeb7ea 100644
--- a/public/e2fs.te
+++ b/public/e2fs.te

@@ -12,6 +12,15 @@
   BLKSECDISCARD BLKDISCARD BLKPBSZGET BLKDISCARDZEROES BLKROGET
 };
 
+# Allow e2fs to format /dev/block/vd*
+# TODO(b/189165759) move this rule to packages/modules/Virtualization
+userdebug_or_eng(`
+allow e2fs vd_device:blk_file rw_file_perms;
+allowxperm e2fs vd_device:blk_file ioctl {
+  BLKSECDISCARD BLKDISCARD BLKPBSZGET BLKDISCARDZEROES BLKROGET
+};
+')
+
 allow e2fs {
   proc_filesystems
   proc_mounts
commit	b8c6055b6fbb14afa154bb1c130518eaaeda7af2	[log] [tgz]
author	Treehugger Robot <treehugger-gerrit@google.com>	Wed May 26 00:03:08 2021 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Wed May 26 00:03:08 2021 +0000
tree	64c42908bc48aa362f57c96c56501b7bd03f1f9b
parent	3040e15baa1bba5413c5c5d3263e01fd82b81d96 [diff]
parent	e1bfe4332f3786e0d0309d2ba730bdf7e5abee8b [diff]