From b4bf950060378a2a36a24911a642d86d076d47c5 Mon Sep 17 00:00:00 2001
From: Tom Marshall <tdm@cyngn.com>
Date: Mon, 9 Mar 2015 15:08:27 -0700
Subject: [PATCH] sepolicy: recovery: Allow data file write

Needed to preserve /data/.layout_version (aka nesting bug fix).

Change-Id: Iaae982223e80ad10479cf1ca3db09da7ada5663e
---
 sepolicy/recovery.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sepolicy/recovery.te b/sepolicy/recovery.te
index 4446bbaa..cf230f7e 100644
--- a/sepolicy/recovery.te
+++ b/sepolicy/recovery.te
@@ -33,7 +33,7 @@ allow recovery file_type:dir { rw_dir_perms rmdir };
 allow recovery file_type:notdevfile_class_set { unlink getattr };
 # wipe saves and restores the layout version
 allow recovery install_data_file:file create_file_perms;
-allow recovery system_data_file:file create;
+allow recovery system_data_file:file create_file_perms;
 
 # /cache/recovery things: command and logs
 allow recovery recovery_cache_file:dir create_dir_perms;