update_engine: allow to r/w super partition metadata and (un)map on dev mapper. Test: resize partitions during OTA Bug: 110717529 Change-Id: Ia0b66a188232795cf7c649b48af985a583f3471d

commit: 37427dbce10162dba6253113a2b638054cc63ad8 [log] [tgz]
author: Yifan Hong <elsk@google.com> Thu Aug 23 15:01:56 2018 -0700
committer: Yifan Hong <elsk@google.com> Thu Sep 27 15:39:12 2018 -0700
tree: c6ebb957ca2f584f7fc5d266ea14f26a2bb52552
parent: 26605f4b2093018dc4002eaff0e77b283860a16b [diff]
diff --git a/public/update_engine_common.te b/public/update_engine_common.te
index eb4cdc1..819b7a3 100644
--- a/public/update_engine_common.te
+++ b/public/update_engine_common.te

@@ -43,3 +43,12 @@
 
 # Read files in /sys/firmware/devicetree/base/firmware/android/
 r_dir_file(update_engine_common, sysfs_dt_firmware_android)
+
+# read / write on /dev/device-mapper to map / unmap devices
+allow update_engine_common dm_device:chr_file rw_file_perms;
+
+# apply / verify updates on devices mapped via device mapper
+allow update_engine_common dm_device:blk_file rw_file_perms;
+
+# read / write metadata on super device to resize partitions
+allow update_engine_common super_block_device:blk_file rw_file_perms;
commit	37427dbce10162dba6253113a2b638054cc63ad8	[log] [tgz]
author	Yifan Hong <elsk@google.com>	Thu Aug 23 15:01:56 2018 -0700
committer	Yifan Hong <elsk@google.com>	Thu Sep 27 15:39:12 2018 -0700
tree	c6ebb957ca2f584f7fc5d266ea14f26a2bb52552
parent	26605f4b2093018dc4002eaff0e77b283860a16b [diff]