From 9d8f7eac8a2dcc55ad415fceb41deb1dd4286f96 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Fri, 2 Nov 2018 14:03:08 -0700
Subject: [PATCH] sgdisk: allow BLKRRPART

Allow sgdisk to force the kernel to re-read the partition table.

Addresses the following denial:

avc: denied { ioctl } for path=/dev/block/vold/disk:7,0 dev=tmpfs ino=710640 ioctlcmd=125f scontext=u:r:sgdisk:s0 tcontext=u:object_r:vold_device:s0 tclass=blk_file permissive=0

Bug: 118890056
Test: policy compiles
Test:
  1) adb shell sm set-force-adoptable on
  2) adb shell sm set-virtual-disk true
  3) On device, pick the drop-down notification and
     choose "use as phone/internal storage" to adopt the virtual SD card.
Change-Id: I6825cf526cc48aa2a17afab14eadb6134bfc56f9
---
 public/sgdisk.te | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/public/sgdisk.te b/public/sgdisk.te
index 47966bd4b..9d7124983 100644
--- a/public/sgdisk.te
+++ b/public/sgdisk.te
@@ -15,6 +15,8 @@ allowxperm sgdisk vold_device:blk_file ioctl { HDIO_GETGEO };
 # 2T in size, but we allow it for now and hope that sgdisk
 # will fix their bug.
 allowxperm sgdisk vold_device:blk_file ioctl { BLKGETSIZE };
+# Force a re-read of the partition table.
+allowxperm sgdisk vold_device:blk_file ioctl { BLKRRPART };
 
 # Inherit and use pty created by android_fork_execvp()
 allow sgdisk devpts:chr_file { read write ioctl getattr };
-- 
GitLab