From d050c79b6415615a2a93e3ae10baa17069d0f9e8 Mon Sep 17 00:00:00 2001
From: Alex Klyubin <klyubin@google.com>
Date: Thu, 9 May 2013 17:07:22 -0700
Subject: [PATCH] SELinux policy: let vold write to device:dir.

I have no idea what vold is doing when this operation is attempted
(when a full-disk encrypted device is booting up). Thus, I don't know
if there is a better way of restricting the policy.

Change-Id: I537b70b1abb73c36e5abf0357b766292f625e1af
---
 vold.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/vold.te b/vold.te
index 26532c1a0..bdd754faa 100644
--- a/vold.te
+++ b/vold.te
@@ -7,6 +7,7 @@ typeattribute vold mlstrustedsubject;
 allow vold system_file:file x_file_perms;
 allow vold block_device:dir create_dir_perms;
 allow vold block_device:blk_file create_file_perms;
+allow vold device:dir write;
 allow vold devpts:chr_file rw_file_perms;
 allow vold rootfs:dir mounton;
 allow vold sdcard_type:dir mounton;