omni: sepolicy: Add posix-type fs rules for sdcards. Everything below holds for sdcards formatted with a ext4 / f2fs or alike filesystem. * Allow filesystem context relabeling from vold that is required to set the correct context. * Grant access to the sdcard for untrusted_app, untrusted_app_25, priv_app, and platform_app. * Label files & dirs below a corresponding sdcard with sdcard_posix (set in genfscontext). * Allow installd to get the quota. * Allow sdcard access for the mediaprovider. Change-Id: I7b0347010e7bc11a461b0120f75095d5d6ad0c70 Signed-off-by: Alexander Diewald <Diewi@diewald-net.com>

commit: 259f938886e526bbbedc90430e135299336a4501 [log] [tgz]
author: Alexander Diewald <Diewi@diewald-net.com> Thu Jan 25 22:44:48 2018 +0100
committer: Max Weninger <max.weninger@gmail.com> Mon Feb 19 19:02:53 2018 +0100
tree: 0ba191a71e2d49b0dbab5c2d68e051f6f56b7c71
parent: 55b111e47441c8b0602e1fd0b97e14954ed5f8d7 [diff] [blame]
diff --git a/sepolicy/installd.te b/sepolicy/installd.te
index 47f0c52..cef2730 100644
--- a/sepolicy/installd.te
+++ b/sepolicy/installd.te

@@ -1,3 +1,4 @@
 # Allow querying of asec size on SD card
 allow installd sdcard_type:dir { search };
 allow installd sdcard_type:file { getattr };
+allow installd sdcard_posix:filesystem quotaget;
commit	259f938886e526bbbedc90430e135299336a4501	[log] [tgz]
author	Alexander Diewald <Diewi@diewald-net.com>	Thu Jan 25 22:44:48 2018 +0100
committer	Max Weninger <max.weninger@gmail.com>	Mon Feb 19 19:02:53 2018 +0100
tree	0ba191a71e2d49b0dbab5c2d68e051f6f56b7c71
parent	55b111e47441c8b0602e1fd0b97e14954ed5f8d7 [diff] [blame]