Merge changes Ide8fc07c,Ia1f51db4
* changes:
Allow vold to mount on top of /data/media.
Revert "Temporarily relax Zygote storage mounting rules."
diff --git a/private/zygote.te b/private/zygote.te
index d5e5420..5d7ecac 100644
--- a/private/zygote.te
+++ b/private/zygote.te
@@ -100,11 +100,8 @@
allow zygote storage_file:dir { search mounton };
# Allow mounting and creating files, dirs on sdcardfs.
-# TODO: reduce this back to only sdcardfs once b/123533205 is root-caused
-# (Technically "sdcardfs" and "media_rw_data_file" are equivalent, since
-# sdcardfs simply wraps files stored under /data/media.)
-allow zygote { sdcard_type media_rw_data_file }:dir { create_dir_perms mounton };
-allow zygote { sdcard_type media_rw_data_file }:file { create_file_perms };
+allow zygote { sdcard_type }:dir { create_dir_perms mounton };
+allow zygote { sdcard_type }:file { create_file_perms };
# Allow zygote to expand app files while preloading libraries
allow zygote mnt_expand_file:dir getattr;
diff --git a/public/vold.te b/public/vold.te
index bc4da1e..9f4489d 100644
--- a/public/vold.te
+++ b/public/vold.te
@@ -92,6 +92,8 @@
# Access to storage that backs emulated FUSE daemons for migration optimization
allow vold media_rw_data_file:dir create_dir_perms;
allow vold media_rw_data_file:file create_file_perms;
+# Allow mounting (lower filesystem) on parts of media for performance
+allow vold media_rw_data_file:dir mounton;
# Allow mounting of storage devices
allow vold { mnt_media_rw_stub_file storage_stub_file }:dir { mounton create rmdir getattr setattr };
