#============= rfs_access ==============
allow rfs_access self:capability dac_override;

#============= system_app ==============
allow system_app proc_pagetypeinfo:file { getattr open read };

#============= atfwd ==============
allow atfwd sysfs:file { open read };

#============= audioserver ==============
allow audioserver vendor_data_file:dir { add_name write };
allow audioserver vendor_data_file:file { getattr append create open read };

#============= cameraserver ==============
allow cameraserver default_prop:property_service set;
allow cameraserver mm-qcamerad:unix_dgram_socket sendto;
allow cameraserver sysfs:file { getattr open read };

#============= fsck ==============
allow fsck block_device:blk_file { open read write };
allow fsck mnt_vendor_file:dir getattr;
allow fsck e2fsck_device:blk_file ioctl;

#============= hal_bluetooth_qti ==============
allow hal_bluetooth_qti default_prop:property_service set;

#============= hal_fingerprint_default ==============
allow hal_fingerprint_default fingerprintd_data_file:dir write;

#============= hal_gnss_qti ==============
allow hal_gnss_qti sysfs:file { read open };

#============= hal_health_default ==============
allow hal_health_default sysfs:file { getattr open read };

#============= hal_perf_default ==============
allow hal_perf_default default_prop:property_service set;
allow hal_perf_default self:capability dac_override;

#============= healthd ==============
allow healthd sysfs:file { getattr open read };

#============= init ==============
allow init hal_drm_hwservice:hwservice_manager add;
allow init proc:file { open write };
allow init sysfs:file { open setattr write };
allow init sysfs_boot_adsp:file { open setattr };
allow init sysfs_cpu_boost:file { open write };
allow init sysfs_devices_system_cpu:file write;
allow init sysfs_lowmemorykiller:file { open write };
allow init sysfs_msm_perf:file setattr;
allow init sysfs_msm_power:file { open write };
allow init sysfs_poweron_alarm:file { open write };
allow init sysfs_slpi:file open;
allow init sysfs_thermal:file write;
allow init vendor_file:file execute_no_trans;
allow init sysfs_devfreq:file { open write };
allow init vndbinder_device:chr_file read;
allow init shell_exec:file execute_no_trans;
allow init sysfs_ea:file setattr;
allow init sysfs_camera:file setattr;
allow init sysfs_lib:file setattr;
allow init sysfs_sensors:lnk_file read;
allow init sysfs_wlan_fwpath:file setattr;

#============= netmgrd ==============
allow netmgrd sysfs:file { open read };

#============= mm-qcamerad ==============
allow mm-qcamerad vendor_default_prop:property_service set;
allow mm-qcamerad default_prop:property_service set;

#============= rild ==============
allow rild system_prop:property_service set;

#============= sensors ==============
allow sensors sysfs:file { open read };

#============= location ==============
allow location sysfs:file { open read };

#============= system_server ==============
allow system_server dalvikcache_data_file:file execute;
allow system_server sensors_persist_file:dir search;
allow system_server sensors_persist_file:file { open read };
allow system_server vendor_camera_prop:file { getattr open read };

#============= tee ==============
allow tee system_prop:property_service set;

#============= time_daemon ==============
allow time_daemon sysfs:file { open read };
allow time_daemon time_data_file:dir { add_name write };
allow time_daemon time_data_file:file { create open read write };

#============= vold ==============
allow vold mnt_vendor_file:dir { open read ioctl };

#============= webview_zygote ==============
allow webview_zygote zygote:unix_dgram_socket write;