type ramdump_exec, exec_type, vendor_file_type, file_type; userdebug_or_eng(` type ramdump, domain; init_daemon_domain(ramdump) set_prop(ramdump, vendor_ramdump_prop) allow ramdump self:capability sys_rawio; allow ramdump ramdump_vendor_data_file:dir create_dir_perms; allow ramdump ramdump_vendor_data_file:file create_file_perms; allow ramdump { proc proc_cmdline }:file r_file_perms; allow ramdump block_device:dir search; allow ramdump misc_block_device:blk_file rw_file_perms; allow ramdump userdata_block_device:blk_file rw_file_perms; # read from /fstab.taimen allow ramdump rootfs:file r_file_perms; dontaudit ramdump metadata_file:dir search; r_dir_file(ramdump, sysfs_type) ')