# ==============================================
# Common SEPolicy Rule
# ==============================================
# recovery console (used in recovery init.rc for /sbin/recovery)

# Date : WK18.16
# Operation : UT
# Purpose : Refine policy
allow recovery misc_sd_device:chr_file rw_file_perms;
allow recovery vfat:dir r_dir_perms;
allow recovery vfat:file r_file_perms;
allow recovery sysfs_devices_block:dir r_dir_perms;
allow recovery sysfs_devices_block:file rw_file_perms;
allow recovery sysfs_devices_block:lnk_file r_file_perms;

# Date : WK18.25
# Operation : UT
# Purpose : Add policy for therm, gpu, battery, and boot_type
allow recovery sysfs:dir r_dir_perms;
allow recovery sysfs_batteryinfo:dir r_dir_perms;
allow recovery sysfs_boot_type:file r_file_perms;
allow recovery sysfs_therm:dir r_dir_perms;
allow recovery sysfs_therm:file r_file_perms;
allow recovery gpu_device:dir r_dir_perms;
allow recovery dri_device:chr_file rw_file_perms;

# Date : WK18.09
# Operation : UT
# Purpose : Allow recovery can update boot partition
allow recovery tmpfs:lnk_file r_file_perms;

# Date : WK19.03
# Operation : UT
# Purpose : Android Migration
allow recovery bootdevice_block_device:blk_file rw_file_perms;
allowxperm recovery bootdevice_block_device:blk_file ioctl {
 MMC_IOCTLCMD
 UFS_IOCTLCMD
};

allow recovery sysfs_dm:dir search;
allow recovery sysfs_dm:file r_file_perms;
allowxperm recovery tmpfs:file ioctl FS_IOC_FIEMAP;
allowxperm recovery cache_block_device:blk_file ioctl BLKPBSZGET;
allowxperm recovery nvdata_device:blk_file ioctl BLKPBSZGET;
allow recovery proc_filesystems:file r_file_perms;

# Seen during 'Wipe data/factory reset'
allow recovery devpts:chr_file rw_file_perms;