1type rfs_access, domain; 2type rfs_access_exec, exec_type, vendor_file_type, file_type; 3 4init_daemon_domain(rfs_access) 5 6#For tftp server 7allow rfs_access self:capability { chown setgid setpcap setuid net_bind_service }; 8 9wakelock_use(rfs_access) 10 11r_dir_file(rfs_access, firmware_file); 12 13# For tftp server file access 14allow rfs_access mnt_vendor_file:dir search; 15allow rfs_access mnt_vendor_file:file r_file_perms; 16allow rfs_access persist_file:dir search; 17allow rfs_access persist_rfs_file:dir create_dir_perms; 18allow rfs_access persist_rfs_file:file create_file_perms; 19allow rfs_access mpss_rfs_data_file:dir create_dir_perms; 20allow rfs_access mpss_rfs_data_file:file create_file_perms; 21allow rfs_access rfs_tombstone_data_file:dir create_dir_perms; 22allow rfs_access rfs_tombstone_data_file:file create_file_perms; 23 24allow rfs_access self:socket create_socket_perms_no_ioctl; 25userdebug_or_eng(` 26allow rfs_access wifidump_vendor_data_file:dir rw_dir_perms; 27allow rfs_access wifidump_vendor_data_file:file create_file_perms; 28') 29 30dontaudit rfs_access kernel:system module_request; 31