commit d25ccabd24339938b6b3bb93cb3cb96b4aa55958
author Jeff Vander Stoep <jeffv@google.com> Wed Feb 07 16:29:06 2018 -0800
committer Jeffrey Vander Stoep <jeffv@google.com> Thu Feb 08 17:21:25 2018 +0000
tree f60d688f2fbc6a91785e2d07496b1ed5b8442371
parent 8c87c2ad6559956fce5860d771b74046cde54714

label /data/vendor{_ce,_de}

Restrictions introduced in vendor init mean that new devices
may not no longer exempt vendor init from writing to system_data_file.
This means we must introduce a new label for /data/vendor which
vendor_init may write to.

Bug: 73087047
Test: build and boot Taimen and Marlin. Complete SUW, enroll fingerprint
    No new denials.

Change-Id: I65f904bb28952d4776aab947515947e14befbe34

private/file_contexts

diff --git a/private/file_contexts b/private/file_contexts
index 25d0d9d..321cfbe 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -425,6 +425,9 @@
 /data/misc/profiles/cur(/.*)?       u:object_r:user_profile_data_file:s0
 /data/misc/profiles/ref(/.*)?       u:object_r:user_profile_data_file:s0
 /data/misc/profman(/.*)?        u:object_r:profman_dump_data_file:s0
+/data/vendor(/.*)?              u:object_r:vendor_data_file:s0
+/data/vendor_ce(/.*)?           u:object_r:vendor_data_file:s0
+/data/vendor_de(/.*)?           u:object_r:vendor_data_file:s0
 
 # storaged proto files
 /data/misc_de/[0-9]+/storaged(/.*)?       u:object_r:storaged_data_file:s0