From 3acec6fa1784cb44055b304c4a01ebb391468c31 Mon Sep 17 00:00:00 2001
From: Jeff Sharkey <jsharkey@android.com>
Date: Sat, 11 Apr 2015 22:10:20 -0700
Subject: [PATCH] Allow sdcard daemon to run above expanded storage.

We have a /media directory on expanded storage that behaves just
like internal storage, and has a FUSE daemon running above it.

avc: denied { search } for name="expand" dev="tmpfs" ino=3130 scontext=u:r:sdcardd:s0 tcontext=u:object_r:mnt_expand_file:s0 tclass=dir permissive=0

Bug: 19993667
Change-Id: I771ecb8f2808c48ccf4139ac9cfc2a48a2332fec
---
 sdcardd.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sdcardd.te b/sdcardd.te
index 96216c466..cd2bc6411 100644
--- a/sdcardd.te
+++ b/sdcardd.te
@@ -28,3 +28,6 @@ allow sdcardd install_data_file:file r_file_perms;
 # Allow stdin/out back to vold
 allow sdcardd vold:fd use;
 allow sdcardd vold:fifo_file { read write getattr };
+
+# Allow running on top of expanded storage
+allow sdcardd mnt_expand_file:dir search;