From fb13ddda26bea270948e0f1e20b62f4f849af4f4 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Tue, 9 Oct 2018 19:47:38 -0700
Subject: [PATCH] kernel: allow write access to /data/misc/vold/virtual_disk

The kernel thread which manages this file really needs read/write access
to this file, not read-only. This was suspected in b/36626310 but
apparently something must have changed in the kernel surrounding
permission checking for kernel threads (still unknown)

Bug: 36626310
Bug: 117148019
Bug: 116841589
Test: policy compiles
Change-Id: I9c42541e2567a79b2d741eebf3ddf219f59478a9
---
 public/kernel.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/kernel.te b/public/kernel.te
index 3a440ebb6..d20bc4710 100644
--- a/public/kernel.te
+++ b/public/kernel.te
@@ -79,7 +79,7 @@ allow kernel media_rw_data_file:dir create_dir_perms;
 allow kernel media_rw_data_file:file create_file_perms;
 
 # Access to /data/misc/vold/virtual_disk.
-allow kernel vold_data_file:file read;
+allow kernel vold_data_file:file { read write };
 
 # Allow the first-stage init (which is running in the kernel domain) to execute the
 # dynamic linker when it re-executes /init to switch into the second stage.
-- 
GitLab