type hardware_info_app, domain; app_domain(hardware_info_app) # App allow hardware_info_app app_data_file:file execute; # Services allow hardware_info_app app_api_service:service_manager find; # Shell allow hardware_info_app shell_data_file:dir search; allow hardware_info_app shell_data_file:file { open read }; # SysFS allow hardware_info_app sysfs_batteryinfo:dir search; allow hardware_info_app sysfs_batteryinfo:file { getattr open read }; allow hardware_info_app sysfs_camera:dir search; allow hardware_info_app sysfs_camera:file { getattr open read }; allow hardware_info_app sysfs_msm_subsys:dir search; allow hardware_info_app sysfs_scsi_devices_0000:dir search; allow hardware_info_app sysfs_scsi_devices_0000:file { getattr open read }; allow hardware_info_app sysfs_soc:dir search; allow hardware_info_app sysfs_soc:file { getattr open read }; # DebugFS allow hardware_info_app debugfs_ufs:dir search; allow hardware_info_app debugfs_ufs:file r_file_perms;