allow cameraserver camera_socket:dir { search write add_name };
allow cameraserver camera_socket:file { read write getattr open };
allow mm-qcamerad camera_socket:dir { search write add_name };
allow mm-qcamerad camera_socket:file { read write getattr open };

#============= credmgr ==============
allow credmgr iddd:unix_dgram_socket sendto;
allow credmgr iddd_file:sock_file write;
allow credmgr secd_data_file:file { write getattr setattr read lock open };
allow credmgr self:capability dac_override;
allow credmgr socket_device:sock_file write;
allow credmgr suntrold:unix_stream_socket connectto;
allow credmgr tad:unix_stream_socket connectto;
allow credmgr tad_socket:sock_file write;
allow credmgr tee_device:chr_file { read write open ioctl };

#============= iddd ==============
allow iddd default_prop:property_service set;
allow iddd iddd_file:dir { remove_name search add_name };
allow iddd iddd_file:file { rename create };
allow iddd init:unix_stream_socket connectto;
allow iddd property_socket:sock_file write;
allow iddd iddd_file:file unlink;
allow iddd iddd_file:sock_file { write create unlink setattr };
allow iddd logd:unix_stream_socket connectto;
allow iddd logdr_socket:sock_file write;
allow iddd self:netlink_socket { write bind create };
allow iddd system_file:file execute_no_trans;

#============= mediaserver ==============
allow mediaserver credmgr:unix_stream_socket connectto;
allow mediaserver socket_device:sock_file write;

#============= suntrold ==============
allow suntrold self:capability dac_override;
allow suntrold socket_device:dir add_name;
allow suntrold socket_device:sock_file { create setattr };
allow suntrold tad:unix_stream_socket connectto;
allow suntrold tad_socket:sock_file write;
allow suntrold tee_device:chr_file { read write ioctl open };

#============= system_server ==============
allow system_server ta_data_file:file { read open };

#============= ta_qmi ==============
allow ta_qmi self:capability { setuid setgid };

#============= tad ==============
allow tad block_device:blk_file { read write ioctl open };
allow tad iddd:unix_dgram_socket sendto;
allow tad iddd_file:sock_file write;

#============= thermanager ==============
allow thermanager sysfs_battery_supply:dir search;
allow thermanager sysfs_battery_supply:file { read write open };




#============= init ==============
allow init block_device:blk_file setattr;
allow init debugfs:dir mounton;
allow init self:socket { read bind create write ioctl };
allow init smem_log_device:chr_file { write ioctl };
allow init socket_device:sock_file { create unlink setattr };

#============= taimport ==============
allow taimport ta_data_file:file unlink;


#============= credmgr ==============
allow credmgr ion_device:chr_file { ioctl open read };

#============= init ==============
allow init debugfs:file write;

#============= qti_init_shell ==============
allow qti_init_shell tad:unix_stream_socket connectto;
allow qti_init_shell tad_socket:sock_file write;

#============= scd ==============
allow scd socket_device:dir { add_name write };
allow scd socket_device:sock_file { create setattr };
allow scd sysfs:file { getattr open read };

#============= suntrold ==============
allow suntrold ion_device:chr_file { ioctl open read };

#============= tad ==============
allow tad proc:file { open read };
allow tad rootfs:file { entrypoint read };

#============= taimport ==============
allow taimport adbsecure_prop:property_service set;
allow taimport init:unix_stream_socket connectto;
allow taimport property_socket:sock_file write;

#============= thermanager ==============
allow thermanager sysfs:file { open read };

#============= wv ==============
allow wv ion_device:chr_file { ioctl open read };
allow wv socket_device:sock_file write;
allow wv suntrold:unix_stream_socket connectto;
allow wv tad:unix_stream_socket connectto;
allow wv tad_socket:sock_file write;
allow wv tee_device:chr_file { ioctl open read write };





#============= cameraserver ==============
allow cameraserver ta_data_file:dir { getattr open read };
allow cameraserver sudaemon:unix_dgram_socket sendto;
allow cameraserver sudaemon:unix_stream_socket connectto;
allow cameraserver mm-qcamerad:unix_stream_socket sendto;
allow cameraserver mm-qcamerad:unix_stream_socket connectto;



#============r credmgr ==============
allow credmgr ion_device:chr_file { ioctl open read };

#============= init ==============
allow init debugfs:file write;

#============= mm-qcamerad ==============
allow mm-qcamerad system_file:file execmod;
allow mm-qcamerad system_prop:property_service set;
allow mm-qcamerad ta_data_file:dir { getattr open read };

#============= qti_init_shell ==============
allow qti_init_shell tad:unix_stream_socket connectto;
allow qti_init_shell tad_socket:sock_file write;

#============= scd ==============
allow scd socket_device:dir { add_name write };
allow scd socket_device:sock_file { create setattr };
allow scd sysfs:file { getattr open read };

#============= suntrold ==============
allow suntrold ion_device:chr_file { ioctl open read };

#============= tad ==============
allow tad proc:file { open read };
allow tad rootfs:file { entrypoint read };

#============= taimport ==============
allow taimport adbsecure_prop:property_service set;
allow taimport init:unix_stream_socket connectto;
allow taimport property_socket:sock_file write;

#============= thermanager ==============
allow thermanager sysfs:file { open read };

#============= wv ==============
allow wv ion_device:chr_file { ioctl open read };
allow wv socket_device:sock_file write;
allow wv suntrold:unix_stream_socket connectto;
allow wv tad:unix_stream_socket connectto;
allow wv tad_socket:sock_file write;
allow wv tee_device:chr_file { ioctl open read write };