# ==============================================
# Common SEPolicy Rule
# ==============================================

# Purpose: access for SYS_MEMORY_INFO
allow dumpstate fuse:dir w_dir_perms;
allow dumpstate fuse:file create_file_perms;

# Purpose: mnt/user/*
allow dumpstate mnt_user_file:dir search;
allow dumpstate mnt_user_file:lnk_file r_file_perms;

# Purpose: /storage/*
allow dumpstate storage_file:lnk_file r_file_perms;

# Purpose: timer_intval. this is neverallow
allow dumpstate kmsg_device:chr_file r_file_perms;

# Data : WK17.03
# Purpose: Allow to access gpu
allow dumpstate gpu_device:dir search;

# Date: 2017/07/11
# Purpose: 01-01 08:30:57.474   286   286 E SELinux : avc:  denied  { find } for interface=
# android.hardware.camera.provider::ICameraProvider pid=3133 scontext=u:r:dumpstate:s0 tcontext=
# u:object_r:hal_camera_hwservice:s0 tclass=hwservice_manager
hal_client_domain(dumpstate, hal_camera)

#Purpose: Allow dumpstate to read/write /sys/kernel/debug/tracing/buffer_total_size_kb
userdebug_or_eng(`allow dumpstate debugfs_tracing_debug:file rw_file_perms;')

# Purpose: Allow dumpstate to write /sys/devices/virtual/timed_output/vibrator/enable
allow dumpstate sysfs_vibrator:file w_file_perms;

# Purpose : Allow dumpstate self to sys_nice sys_admin
allow dumpstate self:capability { sys_nice sys_admin };