common/qcomsysd.te - platform_device_qcom_sepolicy - Gitiles

 #Policy file for qcom-system-daemon
 #qcomsysd = qcom-system-daemon domain
 type qcomsysd, domain;
 type qcomsysd_exec, exec_type, file_type;
 init_daemon_domain(qcomsysd);

 #Needed for logging
 allow qcomsysd smem_log_device:chr_file rw_file_perms;

 #Needed to read/write cookies to the misc partition
 allow qcomsysd block_device:dir r_dir_perms;
 allow qcomsysd {
     misc_partition
     #Needed to access the bootselect partition
     bootselect_device
 }:blk_file rw_file_perms;

 #Needed to get image info from socinfo
 r_dir_file(qcomsysd, sysfs_socinfo)
 allow qcomsysd sysfs_socinfo:file w_file_perms;

 allow qcomsysd self:capability { dac_override sys_boot };
 use_per_mgr(qcomsysd);
	#Policy file for qcom-system-daemon
	#qcomsysd = qcom-system-daemon domain
	type qcomsysd, domain;
	type qcomsysd_exec, exec_type, file_type;
	init_daemon_domain(qcomsysd);

	#Needed for logging
	allow qcomsysd smem_log_device:chr_file rw_file_perms;

	#Needed to read/write cookies to the misc partition
	allow qcomsysd block_device:dir r_dir_perms;
	allow qcomsysd {
	misc_partition
	#Needed to access the bootselect partition
	bootselect_device
	}:blk_file rw_file_perms;

	#Needed to get image info from socinfo
	r_dir_file(qcomsysd, sysfs_socinfo)
	allow qcomsysd sysfs_socinfo:file w_file_perms;

	allow qcomsysd self:capability { dac_override sys_boot };
	use_per_mgr(qcomsysd);