From 3b5923fe1b588a22134e9bb5836fc402cd5bd26d Mon Sep 17 00:00:00 2001
From: Alex Klyubin <klyubin@google.com>
Date: Wed, 8 May 2013 12:42:50 -0700
Subject: [PATCH] SELinux policy granting vold the capability to reboot.

vold reboots needs to reboot the system when it succeeds or fails to
encrypt partitions.

Change-Id: Ibb1a5378228be60215162ae248e6c1049a16b830
---
 vold.te | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/vold.te b/vold.te
index 71067c469..b0f790d5a 100644
--- a/vold.te
+++ b/vold.te
@@ -26,6 +26,8 @@ allow vold domain:dir r_dir_perms;
 allow vold domain:{ file lnk_file } r_file_perms;
 allow vold domain:process { signal sigkill };
 allow vold self:capability { sys_ptrace };
+# Grant vold the capability to reboot the system
+allow vold self:capability { sys_boot };
 
 # XXX Label sysfs files with a specific type?
 allow vold sysfs:file rw_file_perms;
-- 
GitLab