update_engine: allow to r/w super partition metadata

and (un)map on dev mapper.

Test: resize partitions during OTA
Bug: 110717529

Change-Id: Ia0b66a188232795cf7c649b48af985a583f3471d

public/update_engine_common.te

@@ -43,3 +43,12 @@ allow update_engine_common proc_cmdline:file r_file_perms;
 
 # Read files in /sys/firmware/devicetree/base/firmware/android/
 r_dir_file(update_engine_common, sysfs_dt_firmware_android)
+
+# read / write on /dev/device-mapper to map / unmap devices
+allow update_engine_common dm_device:chr_file rw_file_perms;
+
+# apply / verify updates on devices mapped via device mapper
+allow update_engine_common dm_device:blk_file rw_file_perms;
+
+# read / write metadata on super device to resize partitions
+allow update_engine_common super_block_device:blk_file rw_file_perms;