Fastbootd does not require read access to system and boot partitions Bug: 78793464 Test: fastboot flashall Change-Id: I5b65b818dc43a01f90a38202e3a1b810fef70ca8

commit: e9fcce56422a7b9ffd2ac8632803beec61e7b376 [log] [tgz]
author: Hridya Valsaraju <hridya@google.com> Thu Sep 06 17:06:54 2018 -0700
committer: Hridya Valsaraju <hridya@google.com> Fri Sep 07 00:09:34 2018 +0000
tree: 0e7d8a7f4918be6d329498d29fecad419760c073
parent: bedc4f170caaa7aea62d7ca53e436f41a279a96a [diff]
diff --git a/public/fastbootd.te b/public/fastbootd.te
index bba5ab9..f2134e0 100644
--- a/public/fastbootd.te
+++ b/public/fastbootd.te

@@ -39,8 +39,12 @@
   allow fastbootd dm_device:blk_file rw_file_perms;
 
   allow fastbootd super_block_device:blk_file rw_file_perms;
-  allow fastbootd system_block_device:blk_file rw_file_perms;
-  allow fastbootd boot_block_device:blk_file rw_file_perms;
+  allow fastbootd system_block_device:blk_file { w_file_perms ioctl };
+  allowxperm fastbootd system_block_device:blk_file ioctl { BLKGETSIZE64 };
+
+
+  allow fastbootd boot_block_device:blk_file { w_file_perms ioctl };
+  allowxperm fastbootd boot_block_device:blk_file ioctl { BLKGETSIZE64 };
 
   allow fastbootd misc_block_device:blk_file rw_file_perms;
commit	e9fcce56422a7b9ffd2ac8632803beec61e7b376	[log] [tgz]
author	Hridya Valsaraju <hridya@google.com>	Thu Sep 06 17:06:54 2018 -0700
committer	Hridya Valsaraju <hridya@google.com>	Fri Sep 07 00:09:34 2018 +0000
tree	0e7d8a7f4918be6d329498d29fecad419760c073
parent	bedc4f170caaa7aea62d7ca53e436f41a279a96a [diff]