From feda4b1da52576b7b37fc6e090efb2340e9c38ea Mon Sep 17 00:00:00 2001 From: Alistair Delva Date: Fri, 15 May 2020 10:51:39 -0700 Subject: [PATCH] Allow sgdisk to use BLKPBSZGET ioctl The gpt_fdisk project was updated recently, but sepolicy was not updated with it :) Now sgdisk can use BLKPBSZGET to detect the physical block size. Seen on cuttlefish when adding external SD Card support to it. avc: denied { ioctl } for comm="sgdisk" path="/dev/block/vold/disk:252,16" dev="tmpfs" ino=8625 ioctlcmd=0x127b scontext=u:r:sgdisk:s0 tcontext=u:object_r:vold_device:s0 tclass=blk_file permissive=0 Bug: 156286088 Change-Id: I9f2df88ee253261b52f3022838380fbb1cab6da0 --- public/sgdisk.te | 2 ++ 1 file changed, 2 insertions(+) diff --git a/public/sgdisk.te b/public/sgdisk.te index 9d7124983..e5a9152e2 100644 --- a/public/sgdisk.te +++ b/public/sgdisk.te @@ -17,6 +17,8 @@ allowxperm sgdisk vold_device:blk_file ioctl { HDIO_GETGEO }; allowxperm sgdisk vold_device:blk_file ioctl { BLKGETSIZE }; # Force a re-read of the partition table. allowxperm sgdisk vold_device:blk_file ioctl { BLKRRPART }; +# Allow reading of the physical block size. +allowxperm sgdisk vold_device:blk_file ioctl { BLKPBSZGET }; # Inherit and use pty created by android_fork_execvp() allow sgdisk devpts:chr_file { read write ioctl getattr };