get_prop(vold, vendor_tee_listener_prop) allow vold sysfs_devices_block:file write; allow vold sysfs_mmc:file write; # allow vold to trim /mnt/vendor/persist by sending ioctl FITRIM allow vold persist_file:dir { ioctl open read }; # generated by proc scan, unnecessary dontaudit vold proc_irq:dir read;