1type init-qcom-devstart-sh, domain; 2type init-qcom-devstart-sh_exec, exec_type, vendor_file_type, file_type; 3 4init_daemon_domain(init-qcom-devstart-sh) 5 6allow init-qcom-devstart-sh vendor_shell_exec:file rx_file_perms; 7allow init-qcom-devstart-sh vendor_toolbox_exec:file rx_file_perms; 8 9# execute grep 10allow init-qcom-devstart-sh vendor_file:file rx_file_perms; 11 12# Set the vendor.qcom.devup property 13set_prop(init-qcom-devstart-sh, vendor_device_prop) 14# Set the vendor.sys.slpi.firmware.version property. 15set_prop(init-qcom-devstart-sh, public_vendor_system_prop) 16 17# Set boot_adsp and boot_slpi to 1 18allow init-qcom-devstart-sh sysfs_msm_subsys:file w_file_perms; 19 20# Initialize Edge Sense. 21# See b/67205273. 22allow init-qcom-devstart-sh sysfs:dir r_dir_perms; 23allow init-qcom-devstart-sh sysfs_pinctrl:dir r_dir_perms; 24allow init-qcom-devstart-sh sysfs_pinctrl:file rw_file_perms; 25allow init-qcom-devstart-sh sysfs_gpio_export:file w_file_perms; 26allow init-qcom-devstart-sh sysfs_soc:dir r_dir_perms; 27allow init-qcom-devstart-sh sysfs_soc:file r_file_perms; 28allow init-qcom-devstart-sh sysfs_msm_subsys:dir r_dir_perms; 29allow init-qcom-devstart-sh sysfs_msm_subsys:file r_file_perms; 30allow init-qcom-devstart-sh sysfs_scsi_devices_0000:file r_file_perms; 31allow init-qcom-devstart-sh sysfs_pixelstats:file r_file_perms; 32# Ignore permissions used but not needed. 33dontaudit init-qcom-devstart-sh sysfs:file { create getattr }; 34dontaudit init-qcom-devstart-sh sysfs_type:dir { read write }; 35dontaudit init-qcom-devstart-sh sysfs_graphics:file getattr; 36dontaudit init-qcom-devstart-sh sysfs_devices_block:file getattr; 37 38# Support for battery defender 39allow init-qcom-devstart-sh sysfs_chargelevel:file rw_file_perms; 40