From 67c51391b7c5e62f82d00176995f5ac0d24a4fcc Mon Sep 17 00:00:00 2001
From: LuK1337 <priv.luk@gmail.com>
Date: Tue, 28 Jun 2022 22:43:29 +0200
Subject: [PATCH] sepolicy: qti: Allow fastbootd to write to logo, spunvm, and
 storsec

Change-Id: Idfaee7740b56de523fbe73606ab09102b7bcd80c
---
 sepolicy/qti/vendor/fastbootd.te  | 1 +
 sepolicy/qti/vendor/file_contexts | 9 +++++++++
 2 files changed, 10 insertions(+)

diff --git a/sepolicy/qti/vendor/fastbootd.te b/sepolicy/qti/vendor/fastbootd.te
index fa42a98..ea6502a 100644
--- a/sepolicy/qti/vendor/fastbootd.te
+++ b/sepolicy/qti/vendor/fastbootd.te
@@ -1,3 +1,4 @@
 recovery_only(`
+allow fastbootd vendor_efs_boot_dev:blk_file rw_file_perms;
 allow fastbootd vendor_modem_efs_partition_device:blk_file rw_file_perms;
 ')
diff --git a/sepolicy/qti/vendor/file_contexts b/sepolicy/qti/vendor/file_contexts
index e79a2fa..84024cd 100644
--- a/sepolicy/qti/vendor/file_contexts
+++ b/sepolicy/qti/vendor/file_contexts
@@ -27,6 +27,9 @@
 # Init
 /(odm|vendor/odm)/bin/init\.oplus\.sh    u:object_r:vendor_qti_init_shell_exec:s0
 
+# Logo
+/dev/block/platform/soc/1d84000\.ufshc/by-name/logo_[ab]    u:object_r:vendor_custom_ab_block_device:s0
+
 # MDM
 /dev/block/platform/soc/1d84000\.ufshc/by-name/mdm_oem_dycnvbk    u:object_r:vendor_modem_efs_partition_device:s0
 /dev/block/platform/soc/1d84000\.ufshc/by-name/mdm_oem_stanvbk    u:object_r:vendor_modem_efs_partition_device:s0
@@ -55,6 +58,12 @@
 /(odm|vendor/odm)/bin/oplus_sensor_fb    u:object_r:vendor_sensors_exec:s0
 /dev/ssc_interactive                     u:object_r:ssc_interactive_device:s0
 
+# Spunvm
+/dev/block/platform/soc/1d84000\.ufshc/by-name/spunvm    u:object_r:vendor_efs_boot_dev:s0
+
+# Storsec
+/dev/block/platform/soc/1d84000\.ufshc/by-name/storsec_[ab]    u:object_r:vendor_custom_ab_block_device:s0
+
 # Touch
 /(vendor|system/vendor)/bin/hw/vendor\.lineage\.touch@1\.0-service\.oplus    u:object_r:hal_lineage_touch_default_exec:s0