1type rfs_access, domain; 2type rfs_access_exec, exec_type, vendor_file_type, file_type; 3 4init_daemon_domain(rfs_access) 5 6#For tftp server 7allow rfs_access self:capability { chown setgid setpcap setuid net_bind_service }; 8 9wakelock_use(rfs_access) 10 11# For tftp server file access 12allow rfs_access firmware_file:dir search; 13allow rfs_access firmware_file:file r_file_perms; 14allow rfs_access persist_file:dir search; 15allow rfs_access persist_rfs_file:dir create_dir_perms; 16allow rfs_access persist_rfs_file:file create_file_perms; 17 18allow rfs_access self:socket create_socket_perms_no_ioctl; 19 20# For ramdump entries in /data/vendor/tombstones 21allow rfs_access tombstone_rfs_vendor_data_file:dir create_dir_perms; 22allow rfs_access tombstone_rfs_vendor_data_file:file create_file_perms; 23