1domain_auto_trans(vold, vold_prepare_subdirs_exec, vold_prepare_subdirs) 2 3allow vold_prepare_subdirs system_file:file execute_no_trans; 4allow vold_prepare_subdirs shell_exec:file rx_file_perms; 5allow vold_prepare_subdirs toolbox_exec:file rx_file_perms; 6allow vold_prepare_subdirs devpts:chr_file rw_file_perms; 7allow vold_prepare_subdirs vold:fd use; 8allow vold_prepare_subdirs vold:fifo_file { read write }; 9allow vold_prepare_subdirs file_contexts_file:file r_file_perms; 10allow vold_prepare_subdirs self:global_capability_class_set { chown dac_override dac_read_search fowner }; 11allow vold_prepare_subdirs self:process setfscreate; 12allow vold_prepare_subdirs { 13 system_data_file 14 vendor_data_file 15}:dir { open read write add_name remove_name rmdir relabelfrom }; 16allow vold_prepare_subdirs { 17 apex_module_data_file 18 apex_permission_data_file 19 apex_rollback_data_file 20 apex_wifi_data_file 21 backup_data_file 22 face_vendor_data_file 23 fingerprint_vendor_data_file 24 iris_vendor_data_file 25 rollback_data_file 26 storaged_data_file 27 vold_data_file 28}:dir { create_dir_perms relabelto }; 29allow vold_prepare_subdirs { 30 apex_module_data_file 31 apex_permission_data_file 32 apex_rollback_data_file 33 apex_wifi_data_file 34 backup_data_file 35 face_vendor_data_file 36 fingerprint_vendor_data_file 37 iris_vendor_data_file 38 rollback_data_file 39 storaged_data_file 40 system_data_file 41 vold_data_file 42}:file { getattr unlink }; 43allow vold_prepare_subdirs apex_mnt_dir:dir { open read }; 44 45dontaudit vold_prepare_subdirs { proc unlabeled }:file r_file_perms; 46