1 # Allow update_engine and update_engine_sideload (recovery) read/write on the 2 # device-specific partitions it should update. 3 allow update_engine_common xbl_block_device:blk_file rw_file_perms; 4 allow update_engine_common ab_block_device:blk_file rw_file_perms; 5 allow update_engine_common modem_block_device:blk_file rw_file_perms; 6 7 allow update_engine_common postinstall_mnt_dir:dir r_dir_perms; 8 allow update_engine_common tmpfs:lnk_file r_file_perms; 9
