Fix encryption on Nexus 7 v1
Addresses the following errors
04-21 12:05:34.919 128 188 D Cryptfs : unmounting /data succeeded
04-21 12:05:34.928 128 188 D Cryptfs : Just triggered post_fs_data
04-21 12:05:35.121 153 153 W auditd : type=1403 audit(0.0:5): policy loaded auid=4294967295 ses=4294967295
04-21 12:05:35.179 128 188 D Cryptfs : post_fs_data done
04-21 12:05:37.181 188 188 W vold : type=1400 audit(0.0:6): avc: denied { execmem } for scontext=u:r:vold:s0 tcontext=u:r:vold:s0 tclass=process
04-21 12:05:37.188 128 188 D Cryptfs : Just triggered restart_min_framework
04-21 12:05:37.196 128 188 W linker : libtf_crypto_sst.so has text relocations. This is wasting memory and prevents security hardening. Please fix.
04-21 12:05:37.200 128 188 E HAL : load: module=/system/lib/hw/keystore.grouper.so
04-21 12:05:37.200 128 188 E HAL : dlopen failed: could not load library "libtf_crypto_sst.so" needed by "keystore.grouper.so"; caused by can't unprotect loadable segments for "libtf_crypto_sst.so": Permission denied
04-21 12:05:37.200 128 188 E Cryptfs : could not find any keystore module
04-21 12:05:37.200 128 188 E Cryptfs : Failed to init keymaster
Bug: 14225645
Change-Id: Ie104eb633a1636c0d0c6728e6f2b64a4f7870e7a
diff --git a/BoardConfigCommon.mk b/BoardConfigCommon.mk
index 605b738..27924d0 100644
--- a/BoardConfigCommon.mk
+++ b/BoardConfigCommon.mk
@@ -101,4 +101,5 @@
surfaceflinger.te \
system_app.te \
system_server.te \
- ueventd.te
+ ueventd.te \
+ vold.te
diff --git a/sepolicy/vold.te b/sepolicy/vold.te
new file mode 100644
index 0000000..a0ecbc0
--- /dev/null
+++ b/sepolicy/vold.te
@@ -0,0 +1,2 @@
+# vold needs to load keystore which loads libtf_crypto_sst.so which has text relocations
+allow vold self:process execmem;
