From 18f0b938bd3bdb25462d971bf8fccf28f2996384 Mon Sep 17 00:00:00 2001
From: Jeferson <jroliveira.oliveira301@gmail.com>
Date: Mon, 28 Jun 2021 14:14:08 +0200
Subject: [PATCH] msm8953-common: Adress fsck_untrusted denials

[244457.303036] type=1400 audit(1624810115.905: 76046): avc: denied {read } for comm="fsck.exfat" uid=0 name="start" dev="sysfs" ino=41979
scontext=u: r:fsck_untrusted:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 [244457.303320] type=1400 audit(1624810115.908:76047):
avc: denied { open } for comm="fsck.exfat" uid=0 path="/sys/devices/soc/c084000.sdhci/mmc_host/mmc1/mmc1:59b4/block/mmcblk1/mmcblk1p1/start" dev="sysfs" ino=41979 scontext=u:r:fsck_untrusted:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
[244457.303418] type=1400 audit(1624810115.908: 76048): avc: denied { getattr } for comm="fsck.exfat" uid=0 path="/sys/devices/soc/c084000.sdhci/mmc_host/mmc1/mmc1:59b4/block/mmcblk1/mmcblk1p1/start" dev="sysfs" ino=41979 scontext=u:r:fsck_untrusted:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

Change-Id: I73a58794c00693c6a259f631a14638c7b18454d5
---
 sepolicy/vendor/fsck_untrusted.te | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 sepolicy/vendor/fsck_untrusted.te

diff --git a/sepolicy/vendor/fsck_untrusted.te b/sepolicy/vendor/fsck_untrusted.te
new file mode 100644
index 0000000..528a867
--- /dev/null
+++ b/sepolicy/vendor/fsck_untrusted.te
@@ -0,0 +1,4 @@
+r_dir_file(fsck_untrusted, sysfs_dm)
+
+# /data/media
+allow fsck_untrusted media_rw_data_file:dir getattr;