      1 # rmt_storage daemon: type declarations and allow rules for the rmt_storage domain.
      2 type rmt_storage, domain;
      3 type rmt_storage_exec, exec_type, file_type;
      4 
        # init_daemon_domain is a macro defined outside this file; in AOSP it sets up
        # the transition from init into rmt_storage when rmt_storage_exec is executed.
      5 init_daemon_domain(rmt_storage)
      6 
      7 # Drop (user, group) to (nobody, nobody)
        # NOTE(review): the capability rule cannot limit which IDs are chosen; that the
        # daemon only ever drops to nobody is a property of its code, not of this policy.
      8 allow rmt_storage self:capability { setuid setgid };
      9 
     10 # Opens and reads /dev/block/mmcblk0.
        # Read-only (r_file_perms), but the whole-disk node exposes the raw contents of
        # every partition on it. NOTE(review): confirm what is read from here; if it is
        # only needed to locate partitions, a narrower label would reduce exposure.
     11 allow rmt_storage root_block_device:blk_file r_file_perms;
     12 
     13 # Allow access to /dev/uio0.
        # Read and write (rw_file_perms) on every chr_file labelled uio_device.
        # NOTE(review): verify in file_contexts that only the intended uio node has this label.
     14 allow rmt_storage uio_device:chr_file rw_file_perms;
     15 
     16 # Allow access to /dev/smem_log.
        # Read and write on the smem_log_device character device.
     17 allow rmt_storage smem_log_device:chr_file rw_file_perms;
     18 
     19 # Allow access to modem related block devices.
        # Read and write on every blk_file labelled modem_block_device. The partitions
        # behind that label are set in file_contexts, not here - keep that list minimal.
     20 allow rmt_storage modem_block_device:blk_file rw_file_perms;
     21 
     22 # Allow access to SSD related block devices.
        # Read and write on blk_file nodes labelled ssd_block_device.
        # NOTE(review): SSD presumably names a vendor partition rather than a
        # solid-state drive - confirm against file_contexts.
     23 allow rmt_storage ssd_block_device:blk_file rw_file_perms;
     24 
        # Sockets of the generic socket class, created by the daemon itself. That class
        # covers address families with no dedicated SELinux class.
        # NOTE(review): the family in use is not visible here - confirm which one is needed.
     25 allow rmt_storage self:socket create_socket_perms;
     26 
        # Read-only access to files carrying the generic sysfs type.
        # NOTE(review): this covers every sysfs file left at the default label; giving
        # the nodes the daemon needs their own type would allow a tighter rule.
     27 allow rmt_storage sysfs:file r_file_perms;
     28 
        # Read-only access to directories carrying the generic sysfs type.
     29 allow rmt_storage sysfs:dir r_dir_perms;
     30 
     31 # Wake lock access.
        # wakelock_use is a macro defined outside this file; its expansion is not shown here.
     32 wakelock_use(rmt_storage)
     33