sepolicy: recovery: Allow data file write Needed to preserve /data/.layout_version (aka nesting bug fix). Change-Id: Iaae982223e80ad10479cf1ca3db09da7ada5663e

commit: c46b3cb4cc1657cc41681ebc0628c7788983858b [log] [tgz]
author: Tom Marshall <tdm@cyngn.com> Mon Mar 09 15:08:27 2015 -0700
committer: Nicholas Flintham <nick@flinny.org> Sun Apr 26 10:11:32 2015 +0100
tree: 4ebdd9660fc6729ce1aa67f34f5225d25aa25b89
parent: 410c591e3f2c1d4473c13c4a2b6d727c2e3245f4 [diff]
diff --git a/sepolicy/recovery.te b/sepolicy/recovery.te
index 4446bba..cf230f7 100644
--- a/sepolicy/recovery.te
+++ b/sepolicy/recovery.te

@@ -33,7 +33,7 @@
 allow recovery file_type:notdevfile_class_set { unlink getattr };
 # wipe saves and restores the layout version
 allow recovery install_data_file:file create_file_perms;
-allow recovery system_data_file:file create;
+allow recovery system_data_file:file create_file_perms;
 
 # /cache/recovery things: command and logs
 allow recovery recovery_cache_file:dir create_dir_perms;
commit	c46b3cb4cc1657cc41681ebc0628c7788983858b	[log] [tgz]
author	Tom Marshall <tdm@cyngn.com>	Mon Mar 09 15:08:27 2015 -0700
committer	Nicholas Flintham <nick@flinny.org>	Sun Apr 26 10:11:32 2015 +0100
tree	4ebdd9660fc6729ce1aa67f34f5225d25aa25b89
parent	410c591e3f2c1d4473c13c4a2b6d727c2e3245f4 [diff]