Allow sgdisk to use BLKPBSZGET ioctl The gpt_fdisk project was updated recently, but sepolicy was not updated with it :) Now sgdisk can use BLKPBSZGET to detect the physical block size. Seen on cuttlefish when adding external SD Card support to it. avc: denied { ioctl } for comm="sgdisk" path="/dev/block/vold/disk:252,16" dev="tmpfs" ino=8625 ioctlcmd=0x127b scontext=u:r:sgdisk:s0 tcontext=u:object_r:vold_device:s0 tclass=blk_file permissive=0 Bug: 156286088 Change-Id: I9f2df88ee253261b52f3022838380fbb1cab6da0

commit: feda4b1da52576b7b37fc6e090efb2340e9c38ea [log] [tgz]
author: Alistair Delva <adelva@google.com> Fri May 15 10:51:39 2020 -0700
committer: Alistair Delva <adelva@google.com> Fri May 15 10:51:40 2020 -0700
tree: d324f4242ec3f8b4b30d376dcc7bd5df9169f7e3
parent: 7b9d03c1b2e8d306f11b93dc1cdaedef93d600c1 [diff]
diff --git a/public/sgdisk.te b/public/sgdisk.te
index 9d71249..e5a9152 100644
--- a/public/sgdisk.te
+++ b/public/sgdisk.te

@@ -17,6 +17,8 @@
 allowxperm sgdisk vold_device:blk_file ioctl { BLKGETSIZE };
 # Force a re-read of the partition table.
 allowxperm sgdisk vold_device:blk_file ioctl { BLKRRPART };
+# Allow reading of the physical block size.
+allowxperm sgdisk vold_device:blk_file ioctl { BLKPBSZGET };
 
 # Inherit and use pty created by android_fork_execvp()
 allow sgdisk devpts:chr_file { read write ioctl getattr };
commit	feda4b1da52576b7b37fc6e090efb2340e9c38ea	[log] [tgz]
author	Alistair Delva <adelva@google.com>	Fri May 15 10:51:39 2020 -0700
committer	Alistair Delva <adelva@google.com>	Fri May 15 10:51:40 2020 -0700
tree	d324f4242ec3f8b4b30d376dcc7bd5df9169f7e3
parent	7b9d03c1b2e8d306f11b93dc1cdaedef93d600c1 [diff]