1# Copyright (c) 2022-2023 Huawei Device Co., Ltd.
2# Licensed under the Apache License, Version 2.0 (the "License");
3# you may not use this file except in compliance with the License.
4# You may obtain a copy of the License at
5#
6#     http://www.apache.org/licenses/LICENSE-2.0
7#
8# Unless required by applicable law or agreed to in writing, software
9# distributed under the License is distributed on an "AS IS" BASIS,
10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11# See the License for the specific language governing permissions and
12# limitations under the License.
13
14init_daemon_domain(charger);
15
16#avc:  denied  { search } for  pid=268 comm="charger" name="socket" dev="tmpfs" ino=21 scontext=u:r:charger:s0 tcontext=u:object_r:dev_unix_socket:s0 tclass=dir permissive=0
17allow charger dev_unix_socket:dir { search };
18
19#avc:  denied  { search } for  pid=238 comm="charger" name="processdump" dev="mmcblk0p6" ino=321 scontext=u:r:charger:s0 tcontext=u:object_r:system_bin_file:s0 tclass=dir permissive=1
20allow charger system_bin_file:dir { search };
21
22#avc:  denied  { entrypoint } for  pid=258 comm="charger" name="bin" dev="mmcblk0p6" ino=321 scontext=u:r:charger:s0 tcontext=u:object_r:system_bin_file:s0 tclass=file permissive=1
23#avc:  denied  { read execute } for  pid=239 comm="charger" name="bin" dev="mmcblk0p6" ino=321 scontext=u:r:charger:s0 tcontext=u:object_r:system_bin_file:s0 tclass=file permissive=1
24#avc:  denied  { map } for  pid=233 comm="charger" name="bin" dev="mmcblk0p6" ino=321 scontext=u:r:charger:s0 tcontext=u:object_r:system_bin_file:s0 tclass=file permissive=1
25allow charger system_bin_file:file { entrypoint map read execute };
26allow charger toybox_exec:file { entrypoint map read execute open getattr };
27
28#avc:  denied  { entrypoint } for  pid=235 comm="init" path="/vendor/bin/charger" dev="mmcblk0p6" ino=14 scontext=u:r:charger:s0 tcontext=u:charger_exec:s0 tclass=file permissive=1
29allow charger charger_exec:file { entrypoint };
30
31#avc:  denied  { read map } for process="unknown process" parameter=startup.device.ctl pid=268 uid=6667 gid=6667 scontext=u:r:charger:s0 tcontext=u:object_r:startup_param:s0 tclass=file permissive=0
32allow charger startup_param:file { open read map };
33
34#avc:  denied  { read } for  pid=307 comm="charger" name="u:object_r:ohos_param:s0" dev="tmpfs" ino=30 scontext=u:r:charger:s0 tcontext=u:object_r:ohos_param:s0 tclass=file permissive=0
35#avc:  denied  { open } for  pid=300 comm="charger" name="u:object_r:ohos_param:s0" dev="tmpfs" ino=30 scontext=u:r:charger:s0 tcontext=u:object_r:ohos_param:s0 tclass=file permissive=0
36#avc:  denied  { map } for  pid=312 comm="charger" name="u:object_r:ohos_param:s0" dev="tmpfs" ino=30 scontext=u:r:charger:s0 tcontext=u:object_r:ohos_param:s0 tclass=file permissive=k
37allow charger ohos_param:file { read open map };
38
39#avc:  denied  { read } for  pid=219 comm="charger" name="u:object_r:ohos_boot_param:s0" dev="tmpfs" ino=28 scontext=u:r:charger:s0 tcontext=u:object_r:ohos_boot_param:s0 tclass=file permissive=0
40#avc:  denied  { open } for  pid=223 comm="charger" name="u:object_r:ohos_boot_param:s0" dev="tmpfs" ino=28 scontext=u:r:charger:s0 tcontext=u:object_r:ohos_boot_param:s0 tclass=file permissive=0
41#avc:  denied  { map } for  pid=225 comm="charger" name="u:object_r:ohos_boot_param:s0" dev="tmpfs" ino=28 scontext=u:r:charger:s0 tcontext=u:object_r:ohos_boot_param:s0 tclass=file permissive=0
42allow charger ohos_boot_param:file { read open map };
43
44#avc: denied { read } for pid=296 comm="charger" path="/dev/parameters/u:object_r:sys_param:s0" dev="tmpfs" ino=48 scontext=u:r:charger:s0 tcontext=u:object_r:sys_param:s0 tclass=file permissive=1
45#avc: denied { open map } for pid=296 comm="charger" path="/dev/parameters/u:object_r:sys_param:s0" dev="tmpfs" ino=48 scontext=u:r:charger:s0 tcontext=u:object_r:sys_param:s0 tclass=file permissive=1
46allow charger sys_param:file { read open map };
47
48#avc:  denied  { read } for  pid=281 comm="charger" name="u:object_r:net_param:s0" dev="tmpfs" ino=50 scontext=u:r:charger:s0 tcontext=u:object_r:net_param:s0 tclass=file permissive=0
49#avc:  denied  { open } for  pid=222 comm="charger" path="/dev/__parameters__/u:object_r:net_param:s0" dev="tmpfs" ino=50 scontext=u:r:charger:s0 tcontext=u:object_r:net_param:s0 tclass=file permissive=1
50#avc:  denied  { map } for  pid=235 comm="charger" path="/dev/__parameters__/u:object_r:net_param:s0" dev="tmpfs" ino=50 scontext=u:r:charger:s0 tcontext=u:object_r:net_param:s0 tclass=file permissive=1
51allow charger net_param:file { read open map };
52
53#avc:  denied  { read } for  pid=256 comm="charger" name="u:object_r:net_tcp_param:s0" dev="tmpfs" ino=51 scontext=u:r:charger:s0 tcontext=u:object_r:net_tcp_param:s0 tclass=file permissive=1
54#avc:  denied  { open } for  pid=265 comm="charger" path="/dev/__parameters__/u:object_r:net_tcp_param:s0" dev="tmpfs" ino=51 scontext=u:r:charger:s0 tcontext=u:object_r:net_tcp_param:s0 tclass=file permissive=0
55#avc:  denied  { map } for  pid=269 comm="charger" path="/dev/__parameters__/u:object_r:net_tcp_param:s0" dev="tmpfs" ino=51 scontext=u:r:charger:s0 tcontext=u:object_r:net_tcp_param:s0 tclass=file permissive=1
56allow charger net_tcp_param:file { read open map };
57
58#avc:  denied  { search } for  pid=271 comm="charger" name="/" dev="mmcblk0p11" ino=3 scontext=u:r:charger:s0 tcontext=u:object_r:data_file:s0 tclass=dir permissive=0
59allow charger data_file:dir { search };
60
61#avc:  denied  { write } for  pid=291 comm="charger" name="paramservice" dev="tmpfs" ino=27 scontext=u:r:charger:s0 tcontext=u:object_r:paramservice_socket:s0 tclass=sock_file permissive=0
62allow charger paramservice_socket:sock_file { write };
63
64#avc:  denied  { read } for  pid=204 comm="charger" name="u:object_r:const_allow_param:s0" dev="tmpfs" ino=60 scontext=u:r:charger:s0 tcontext=u:object_r:const_allow_param:s0 tclass=file permissive=0
65#avc:  denied  { open } for  pid=197 comm="charger" path="/dev/__parameters__/u:object_r:const_allow_param:s0" dev="tmpfs" ino=60 scontext=u:r:charger:s0 tcontext=u:object_r:const_allow_param:s0 tclass=file permissive=1
66#avc:  denied  { map } for  pid=172 comm="charger" path="/dev/__parameters__/u:object_r:const_allow_param:s0" dev="tmpfs" ino=60 scontext=u:r:charger:s0 tcontext=u:object_r:const_allow_param:s0 tclass=file permissive=1
67allow charger const_allow_param:file { open read map };
68
69#avc:  denied  { read } for  pid=220 comm="charger" name="u:object_r:const_allow_mock_param:s0" dev="tmpfs" ino=61 scontext=u:r:charger:s0 tcontext=u:object_r:const_allow_mock_param:s0 tclass=file permissive=0
70#avc:  denied  { open } for  pid=234 comm="charger" path="/dev/__parameters__/u:object_r:const_allow_mock_param:s0" dev="tmpfs" ino=61 scontext=u:r:charger:s0 tcontext=u:object_r:const_allow_mock_param:s0 tclass=file permissive=1
71#avc:  denied  { map } for  pid=214 comm="charger" path="/dev/__parameters__/u:object_r:const_allow_mock_param:s0" dev="tmpfs" ino=61 scontext=u:r:charger:s0 tcontext=u:object_r:const_allow_mock_param:s0 tclass=file permissive=1
72allow charger const_allow_mock_param:file { open read map };
73
74#avc:  denied  { connectto } for  pid=262 comm="charger" path="/dev/unix/socket/paramservice" scontext=u:r:charger:s0 tcontext=u:r:kernel:s0 tclass=unix_stream_socket permissive=0
75allow charger kernel:unix_stream_socket { connectto };
76
77#avc:  denied  { read } for  pid=192 comm="charger" name="u:object_r:security_param:s0" dev="tmpfs" ino=64 scontext=u:r:charger:s0 tcontext=u:object_r:security_param:s0 tclass=file permissive=1
78#avc:  denied  { map } for  pid=211 comm="charger" path="/dev/__parameters__/u:object_r:security_param:s0" dev="tmpfs" ino=64 scontext=u:r:charger:s0 tcontext=u:object_r:security_param:s0 tclass=file permissive=1
79allow charger security_param:file { open read map };
80
81#avc:  denied  { open } for  pid=212 comm="charger" path="/dev/__parameters__/u:object_r:hilog_param:s0" dev="tmpfs" ino=65 scontext=u:r:charger:s0 tcontext=u:object_r:hilog_param:s0 tclass=file permissive=1
82#avc:  denied  { map } for  pid=209 comm="charger" path="/dev/__parameters__/u:object_r:hilog_param:s0" dev="tmpfs" ino=65 scontext=u:r:charger:s0 tcontext=u:object_r:hilog_param:s0 tclass=file permissive=1
83allow charger hilog_param:file { open read map };
84
85#avc:  denied  { read } for  pid=205 comm="charger" name="u:object_r:input_pointer_device_param:s0" dev="tmpfs" ino=73 scontext=u:r:charger:s0 tcontext=u:object_r:input_pointer_device_param:s0 tclass=file permissive=1
86#avc:  denied  { open } for  pid=209 comm="charger" path="/dev/__parameters__/u:object_r:input_pointer_device_param:s0" dev="tmpfs" ino=73 scontext=u:r:charger:s0 tcontext=u:object_r:input_pointer_device_param:s0 tclass=file permissive=1
87#avc:  denied  { map } for  pid=200 comm="charger" path="/dev/__parameters__/u:object_r:input_pointer_device_param:s0" dev="tmpfs" ino=73 scontext=u:r:charger:s0 tcontext=u:object_r:input_pointer_device_param:s0 tclass=file permissive=1
88allow charger input_pointer_device_param:file { open read map };
89
90#avc:  denied  { read } for  pid=258 comm="charger" name="u:object_r:const_display_brightness_param:s0" dev="tmpfs" ino=74 scontext=u:r:charger:s0 tcontext=u:object_r:const_display_brightness_param:s0 tclass=file permissive=1
91#avc:  denied  { open } for  pid=244 comm="charger" path="/dev/__parameters__/u:object_r:const_display_brightness_param:s0" dev="tmpfs" ino=74 scontext=u:r:charger:s0 tcontext=u:object_r:const_display_brightness_param:s0 tclass=file permissive=1
92#avc:  denied  { map } for  pid=248 comm="charger" path="/dev/__parameters__/u:object_r:const_display_brightness_param:s0" dev="tmpfs" ino=74 scontext=u:r:charger:s0 tcontext=u:object_r:const_display_brightness_param:s0 tclass=file permissive=1
93allow charger const_display_brightness_param:file { open read map };
94
95#avc:  denied  { read } for  pid=250 comm="hdf_devhost" name="u:object_r:default_param:s0" dev="tmpfs" ino=75 scontext=u:r:charger:s0 tcontext=u:object_r:default_param:s0 tclass=file permissive=1
96#avc:  denied  { open } for  pid=245 comm="hdf_devhost" path="/dev/__parameters__/u:object_r:default_param:s0" dev="tmpfs" ino=75 scontext=u:r:charger:s0 tcontext=u:object_r:default_param:s0 tclass=file permissive=1
97#avc:  denied  { map } for  pid=215 comm="hdf_devhost" path="/dev/__parameters__/u:object_r:default_param:s0" dev="tmpfs" ino=75 scontext=u:r:charger:s0 tcontext=u:object_r:default_param:s0 tclass=file permissive=1
98allow charger default_param:file { open read map };
99
100#avc:  denied  { getattr } for  pid=262 comm="charger" path="/dev/dev_mgr" dev="tmpfs" ino=188 scontext=u:r:charger:s0 tcontext=u:object_r:dev_mgr_file:s0 tclass=chr_file permissive=0
101allow charger dev_mgr_file:chr_file { getattr };
102
103#avc:  denied  { search } for  pid=275 comm="charger" name="service" dev="mmcblk0p11" ino=7 scontext=u:r:charger:s0 tcontext=u:object_r:data_service_file:s0 tclass=dir permissive=0
104allow charger data_service_file:dir { search };
105
106#avc:  denied  { search } for  pid=267 comm="charger" name="el0" dev="mmcblk0p11" ino=8 scontext=u:r:charger:s0 tcontext=u:object_r:data_service_el0_file:s0 tclass=dir permissive=0
107#avc:  denied  { add_name } for  pid=242 comm="charger" name="el0" dev="mmcblk0p11" ino=8 scontext=u:r:charger:s0 tcontext=u:object_r:data_service_el0_file:s0 tclass=dir permissive=0
108#avc:  denied  { read } for  pid=253 comm="charger" name="el0" dev="mmcblk0p11" ino=8 scontext=u:r:charger:s0 tcontext=u:object_r:data_service_el0_file:s0 tclass=dir permissive=0
109#avc:  denied  { write } for  pid=253 comm="charger" name="el0" dev="mmcblk0p11" ino=8 scontext=u:r:charger:s0 tcontext=u:object_r:data_service_el0_file:s0 tclass=dir permissive=0
110allow charger data_service_el0_file:dir { search open read write add_name };
111
112#avc:  denied  { read } for  pid=268 comm="charger" name="capacity" dev="mmcblk0p11" ino=240 scontext=u:r:charger:s0 tcontext=u:object_r:data_service_el0_file:s0 tclass=file permissive=0
113#avc:  denied  { write } for  pid=296 comm="charger" name="capacity" dev="mmcblk0p11" ino=242 scontext=u:r:charger:s0 tcontext=u:object_r:data_service_el0_file:s0 tclass=file permissive=0
114#avc:  denied  { ioctl } for  pid=202 comm="charger" dev="mmcblk0p11" ino=204 ioctlcmd=0x6203 scontext=u:r:charger:s0 tcontext=u:object_r:data_service_el0_file:s0 tclass=file permissive=1
115#avc:  denied  { create } for  pid=202 comm="charger" dev="mmcblk0p11" ino=204 ioctlcmd=0x6203 scontext=u:r:charger:s0 tcontext=u:object_r:data_service_el0_file:s0 tclass=file permissive=1
116allow charger data_service_el0_file:file { open read write create ioctl };
117
118#avc:  denied  { read } for  pid=306 comm="charger" name="leds" scontext=u:r:charger:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=dir permissive=0
119allow charger sysfs_leds:dir { open read };
120
121#avc:  denied  { call } for  pid=275 comm="charger" scontext=u:r:charger:s0 tcontext=u:r:hdf_devmgr:s0 tclass=binder permissive=1
122allow charger hdf_devmgr:binder { call };
123
124#avc:  denied  { call } for  pid=327 comm="charger" scontext=u:r:charger:s0 tcontext=u:r:light_host:s0 tclass=binder permissive=1
125allow charger light_host:binder { call };
126
127#avc:  denied  { search } for  pid=271 comm="charger" name="dri" dev="tmpfs" ino=81 scontext=u:r:charger:s0 tcontext=u:object_r:dev_dri_file:s0 tclass=dir permissive=0
128allow charger dev_dri_file:dir { search };
129
130#avc:  denied  { open } for  pid=235 comm="charger" name="card0" dev="tmpfs" ino=83 scontext=u:r:charger:s0 tcontext=u:object_r:dev_dri_file:s0 tclass=chr_file permissive=0
131#avc:  denied  { read write } for  pid=275 comm="charger" name="card0" dev="tmpfs" ino=83 scontext=u:r:charger:s0 tcontext=u:object_r:dev_dri_file:s0 tclass=chr_file permissive=0
132#avc:  denied  { map } for  pid=239 comm="charger" name="card0" dev="tmpfs" ino=83 scontext=u:r:charger:s0 tcontext=u:object_r:dev_dri_file:s0 tclass=chr_file permissive=0
133#avc:  denied  { ioctl } for  pid=267 comm="charger" name="card0" dev="tmpfs" ino=83 scontext=u:r:charger:s0 tcontext=u:object_r:dev_dri_file:s0 tclass=chr_file permissive=0
134allow charger dev_dri_file:chr_file { open ioctl read write map };
135
136#avc:  denied  { getattr } for  pid=262 comm="charger" path="/dev/hdf_input_event1" dev="tmpfs" ino=198 scontext=u:r:charger:s0 tcontext=u:object_r:dev_hdf_input:s0 tclass=chr_file permissive=0
137#avc:  denied  { ioctl } for  pid=253 comm="charger" path="/dev/hdf_input_event1" dev="tmpfs" ino=198 scontext=u:r:charger:s0 tcontext=u:object_r:dev_hdf_input:s0 tclass=chr_file permissive=0
138#avc:  denied  { write} for  pid=260 comm="charger" path="/dev/hdf_input_event1" dev="tmpfs" ino=198 scontext=u:r:charger:s0 tcontext=u:object_r:dev_hdf_input:s0 tclass=chr_file permissive=0
139#avc:  denied  { map } for  pid=257 comm="charger" path="/dev/hdf_input_event1" dev="tmpfs" ino=198 scontext=u:r:charger:s0 tcontext=u:object_r:dev_hdf_input:s0 tclass=chr_file permissive=0
140#avc:  denied  { read } for  pid=257 comm="charger" path="/dev/hdf_input_event1" dev="tmpfs" ino=198 scontext=u:r:charger:s0 tcontext=u:object_r:dev_hdf_input:s0 tclass=chr_file permissive=0
141allow charger dev_hdf_input:chr_file { getattr open read write ioctl map };
142
143#avc:  denied  { read } for  pid=271 comm="charger" scontext=u:r:charger:s0 tcontext=u:r:charger:s0 tclass=netlink_kobject_uevent_socket permissive=1
144#avc:  denied  { create } for  pid=271 comm="charger" scontext=u:r:charger:s0 tcontext=u:r:charger:s0 tclass=netlink_kobject_uevent_socket permissive=1
145#avc:  denied  { setopt } for  pid=266 comm="charger" scontext=u:r:charger:s0 tcontext=u:r:charger:s0 tclass=netlink_kobject_uevent_socket permissive=1
146#avc:  denied  { bind } for  pid=266 comm="charger" scontext=u:r:charger:s0 tcontext=u:r:charger:s0 tclass=netlink_kobject_uevent_socket permissive=1
147allow charger charger:netlink_kobject_uevent_socket { read create setopt bind };
148
149#avc:  denied  { get } for service=5100 pid=280 scontext=u:r:charger:s0 tcontext=u:object_r:hdf_light_interface_service:s0 tclass=hdf_devmgr_class permissive=0
150allow charger hdf_light_interface_service:hdf_devmgr_class { get };
151
152#avc:  denied  { get } for service=5100 pid=270 scontext=u:r:charger:s0 tcontext=u:object_r:sa_device_service_manager:s0 tclass=samgr_class permissive=0
153allow charger sa_device_service_manager:samgr_class { get };
154
155#avc:  denied  { read } for  pid=278 comm="charger" scontext=u:r:charger:s0 tcontext=u:object_r:accessibility_param:s0 tclass=file permissive=1
156#avc:  denied  { map } for  pid=278 comm="charger" scontext=u:r:charger:s0 tcontext=u:object_r:accessibility_param:s0 tclass=file permissive=1
157allow charger accessibility_param:file { open read map };
158
159#avc:  denied  { search } for  pid=271 comm="charger" name="etc" dev="mmcblk0p7" ino=20 scontext=u:r:charger:s0 tcontext=u:object_r:vendor_etc_file:s0 tclass=dir permissive=0
160allow charger vendor_etc_file:dir { search };
161
162#avc:  denied  { read } for  pid=275 comm="charger" name="loop00000.png" dev="mmcblk0p7" ino=31 scontext=u:r:charger:s0 tcontext=u:object_r:vendor_etc_file:s0 tclass=file permissive=0
163allow charger vendor_etc_file:file { open read };
164
165#avc:  denied  { set } for process="unknown process" parameter=startup.device.ctl pid=268 uid=6667 gid=6667 scontext=u:r:charger:s0 tcontext=u:object_r:startup_param:s0 tclass=parameter_service permissive=0
166allow charger startup_param:parameter_service { set };
167
168#avc:  denied  { set } for process="unknown process" parameter=startup.device.ctl pid=299 uid=6667 gid=6667 scontext=u:r:charger:s0 tcontext=u:object_r:ohos_param:s0 tclass=parameter_service permissive=0
169allow charger ohos_param:parameter_service { set };
170
171#avc:  denied  { search } for  pid=279 comm="charger" name="graphics" dev="tmpfs" ino=77 scontext=u:r:charger:s0 tcontext=u:object_r:dev_graphics_file:s0 tclass=dir permissive=0
172allow charger dev_graphics_file:dir { search };
173
174#avc:  denied  { getattr } for  pid=281 comm="charger" path="/vendor/etc/charger/resources/animation.json" dev="mmcblk0p7" ino=29 scontext=u:r:charger:s0 tcontext=u:object_r:vendor_etc_file:s0 tclass=file permissive=0
175allow charger vendor_etc_file:dir { getattr };
176
177#avc:  denied  { getattr } for  pid=281 comm="charger" path="/dev/dri/renderD128" dev="tmpfs" ino=80 scontext=u:r:charger:s0 tcontext=uobject_r:dev_dri_file:s0 tclass=chr_file permissive=0
178allow charger dev_dri_file:chr_file { getattr };
179
180 #avc:  denied  { getattr } for  pid=281 comm="charger" path="/vendor/etc/charger/resources/animation.json" dev="mmcblk0p7" ino=29 scontext=u:r:charger:s0 tcontext=u:object_r:vendor_etc_file:s0 tclass=file permissive=0
181allow charger vendor_etc_file:file { getattr };
182
183#avc:  denied  { read write } for  pid=281 comm="charger" name="fb0" dev="tmpfs" ino=78 scontext=u:r:charger:s0 tcontext=u:object_r:dev_graphics_file:s0 tclass=chr_file permissive=0
184#avc:  denied  { ioctl } for  pid=278 comm="charger" path="/dev/graphics/fb0" dev="tmpfs" ino=78 ioctlcmd=0x4611 scontext=u:r:charger:s0 tcontext=u:object_r:dev_graphics_file:s0 tclass=chr_file permissive=0
185allow charger dev_graphics_file:chr_file { open read write ioctl };
186
187# avc:  denied  { set } for process="charger" parameter=startup.device.ctl pid=277 uid=6667 gid=6667 scontext=u:r:charger:s0 tcontext=u:object_r:servicectrl_reboot_param:s0 tclass=parameter_service permissive=1
188allow charger servicectrl_reboot_param:parameter_service { set };
189
190#avc:  denied  { get } for service=display_composer_service pid=281 scontext=u:r:charger:s0 tcontext=u:object_r:hdf_display_composer_service:s0 tclass=hdf_devmgr_class permissive=0
191allow charger hdf_display_composer_service:hdf_devmgr_class { get };
192
193#avc:  denied  { call } for  pid=281 comm="charger" scontext=u:r:charger:s0 tcontext=u:r:composer_host:s0 tclass=binder permissive=0
194allow charger composer_host:binder { call };
195
196allow charger dev_console_file:chr_file { read write };
197
198allow charger musl_param:file { map open read };
199
200allow charger chip_prod_file:dir { search };
201
202allow charger dev_ashmem_file:chr_file { open };
203
204allow charger sys_prod_file:dir { search };
205
206allow charger composer_host:fd { use };
207
208#avc:  denied  { open } for  pid=279 comm="charger" path="/dev/__parameters__/u:object_r:debug_param:s0" dev="tmpfs" ino=60 scontext=u:r:charger:s0 tcontext=u:object_r:debug_param:s0 tclass=file permissive=0
209allow charger debug_param:file { open read map };
210