| type hardware_info_app, domain; |
| |
| app_domain(hardware_info_app) |
| |
| # App |
| allow hardware_info_app app_data_file:file execute; |
| |
| # Services |
| allow hardware_info_app app_api_service:service_manager find; |
| |
| # Shell |
| allow hardware_info_app shell_data_file:dir search; |
| allow hardware_info_app shell_data_file:file { open read }; |
| |
| # SysFS |
| allow hardware_info_app sysfs_batteryinfo:dir search; |
| allow hardware_info_app sysfs_batteryinfo:file { getattr open read }; |
| allow hardware_info_app sysfs_camera:dir search; |
| allow hardware_info_app sysfs_camera:file { getattr open read }; |
| allow hardware_info_app sysfs_msm_subsys:dir search; |
| allow hardware_info_app sysfs_scsi_devices_0000:dir search; |
| allow hardware_info_app sysfs_scsi_devices_0000:file { getattr open read }; |
| allow hardware_info_app sysfs_soc:dir search; |
| allow hardware_info_app sysfs_soc:file { getattr open read }; |
| |
| # DebugFS |
| allow hardware_info_app debugfs_ufs:dir search; |
| allow hardware_info_app debugfs_ufs:file r_file_perms; |