Allow mkfs/fsck for zoned block device

Zoned block device will be used along with userdata_block_device for /data partition. Bug: 197782466 Change-Id: I777a8b22b99614727086e72520a48dbd8306885b Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
2023-01-15 19:35:34 -08:00 · 2023-01-15 19:35:34 -08:00 · b5f16b2392
commit b5f16b2392
parent b8194ca7fb
6 changed files with 10 additions and 0 deletions
--- a/private/compat/33.0/33.0.ignore.cil
+++ b/private/compat/33.0/33.0.ignore.cil
@ -49,4 +49,5 @@
    hal_confirmationui_service
    hal_fastboot_service
    hal_can_controller_service
+    zoned_block_device
  ))
--- a/private/file_contexts
+++ b/private/file_contexts
@ -79,6 +79,7 @@
 /dev/audio.*		u:object_r:audio_device:s0
 /dev/binder		u:object_r:binder_device:s0
 /dev/block(/.*)?	u:object_r:block_device:s0
+/dev/block/by-name/zoned_device	u:object_r:zoned_block_device:s0
 /dev/block/dm-[0-9]+	u:object_r:dm_device:s0
 /dev/block/loop[0-9]*	u:object_r:loop_device:s0
 /dev/block/vd[a-z][0-9]*  u:object_r:vd_device:s0
--- a/public/device.te
+++ b/public/device.te
@ -94,6 +94,9 @@ type boot_block_device, dev_type;
 # Documented at https://source.android.com/devices/bootloader/partitions
 type userdata_block_device, dev_type;

+# Zoned block device.
+type zoned_block_device, dev_type;
+
 # Cache block device mounted on /cache.
 # Documented at https://source.android.com/devices/bootloader/partitions
 type cache_block_device, dev_type;
--- a/public/e2fs.te
+++ b/public/e2fs.te
@ -8,6 +8,7 @@ allow e2fs block_device:dir search;
 allow e2fs userdata_block_device:blk_file rw_file_perms;
 allow e2fs metadata_block_device:blk_file rw_file_perms;
 allow e2fs dm_device:blk_file rw_file_perms;
+allow e2fs zoned_block_device:blk_file rw_file_perms;
 allowxperm e2fs { userdata_block_device metadata_block_device dm_device }:blk_file ioctl {
  BLKSECDISCARD BLKDISCARD BLKPBSZGET BLKDISCARDZEROES BLKROGET BLKREPORTZONE BLKRESETZONE
 };
--- a/public/fsck.te
+++ b/public/fsck.te
@ -17,6 +17,7 @@ allow fsck vold:fifo_file { read write getattr };
 allow fsck userdata_block_device:blk_file rw_file_perms;
 allow fsck cache_block_device:blk_file rw_file_perms;
 allow fsck dm_device:blk_file rw_file_perms;
+allow fsck zoned_block_device:blk_file rw_file_perms;
 userdebug_or_eng(`
 allow fsck system_block_device:blk_file rw_file_perms;
 ')
--- a/public/vold.te
+++ b/public/vold.te
@ -227,6 +227,9 @@ full_treble_only(`hal_client_domain(vold, hal_bootctl)')
 allow vold userdata_block_device:blk_file rw_file_perms;
 allowxperm vold userdata_block_device:blk_file ioctl BLKSECDISCARD;

+# Access zoned block device.
+allow vold zoned_block_device:blk_file rw_file_perms;
+
 # Access metadata block device used for encryption meta-data.
 allow vold metadata_block_device:blk_file rw_file_perms;
 allowxperm vold metadata_block_device:blk_file ioctl BLKSECDISCARD;