1# Copyright (c) 2023 Huawei Device Co., Ltd.
2# Licensed under the Apache License, Version 2.0 (the "License");
3# you may not use this file except in compliance with the License.
4# You may obtain a copy of the License at
5#
6#     http://www.apache.org/licenses/LICENSE-2.0
7#
8# Unless required by applicable law or agreed to in writing, software
9# distributed under the License is distributed on an "AS IS" BASIS,
10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11# See the License for the specific language governing permissions and
12# limitations under the License.
13
14allow init data_module_update:dir { add_name create getattr link open read relabelto remove_name search setattr unlink write };
15allow init data_module_update_package:dir { getattr open read relabelto search setattr write };
16allow init data_module_update_package:file { getattr link open read map unlink relabelfrom write };
17allow init data_module_update:file { getattr link open read map relabelto unlink write };
18allowxperm init dev_block_file:blk_file ioctl { 0x1261 0x4c00 0x4c01 0x4c04 0x4c09 0x4c0a };
19allow init dev_file:chr_file { ioctl open read write };
20allowxperm init dev_file:chr_file ioctl { 0xfd03 0xfd06 0xfd07 0xfd09 };
21allow init dev_mapper_control_file:chr_file { ioctl open read write relabelto getattr setattr };
22allowxperm init dev_mapper_control_file:chr_file ioctl { 0xfd03 0xfd06 0xfd07 0xfd09 0xfd04 };
23allow init dev_loop_control_file:chr_file { getattr ioctl open read write };
24allowxperm init dev_loop_control_file:chr_file ioctl { 0x4c80 0x4c82 };
25allow init module_update_file:dir { search };
26allow init module_update_service:binder { call };
27allow init sa_module_update_service:samgr_class { get };
28allow init sysfs_block_loop:file { open read write };
29allow init system_file:dir { open read };
30allow init system_file:file { open read getattr };
31allow init system_module_update_file:dir { getattr open read search };
32allow init system_module_update_file:file { getattr open read };
33allow init system_profile_file:file { getattr open read };
34allow init tmpfs:dir { remove_name rmdir };
35allow init tmpfs:filesystem { mount };
36allow init sysfs_block_loop:file { getattr open read write };
37