sdcard1_recovery.diff

(this patch is for vendor/cm)

diff --git a/sepolicy/recovery.te b/sepolicy/recovery.te
index 6110f9a..edb1ce8 100644
--- a/sepolicy/recovery.te
+++ b/sepolicy/recovery.te
@@ -15,12 +15,15 @@ allow recovery system_data_file:file r_file_perms;
 
 # Manage fstab and /adb_keys
 allow recovery rootfs:file create_file_perms;
-allow recovery rootfs:dir { write add_name };
+allow recovery rootfs:dir { write add_name create };
 
 # Read /data/media files and directories
 allow recovery media_rw_data_file:dir r_dir_perms;
 allow recovery media_rw_data_file:file r_file_perms;
 
+allow recovery sdcard_posix:dir r_dir_perms;
+allow recovery sdcard_posix:file r_file_perms;
+
 # Control properties
 allow recovery recovery_prop:property_service set;
 
diff --git a/sepolicy/vold.te b/sepolicy/vold.te
index b54b6e9..30fe9e7 100644
--- a/sepolicy/vold.te
+++ b/sepolicy/vold.te
@@ -8,3 +8,7 @@ allow vold fuse_device:chr_file rw_file_perms;
 
 # NTFS-3g wants to drop permission
 allow vold self:capability { setgid setuid };
+
+allow vold labeledfs:filesystem relabelfrom;
+allow vold rootfs:dir { add_name write };