# ==============================================
# MTK Policy Rule
# ==============================================

# Date : WK14.37
# Operation : Migration 
# Purpose : Access 'OMADM_USB' nvram
allow vold nvram_data_file:file { read getattr open write create setattr};
allow vold nvram_data_file:lnk_file read;
allow vold nvram_data_file:dir { read open write add_name create getattr setattr search};
allow vold nvdata_file:file { read getattr open write create setattr};
allow vold nvdata_file:dir { read ioctl open write add_name create getattr setattr search};
allow vold nvram_device:chr_file { read write open };
allow vold platformblk_device:blk_file { read write open };
allow vold platformblk_device:dir search;
allow vold proc:file write;

# Date : WK14.37
# Operation : Migration 
# Purpose : re-init ExternalSD
allow vold misc_sd_device:chr_file { read ioctl open };


# Date : WK14.38
# Operation : Migration 
# Purpose : encrypt phone
allow vold kernel:system module_request;
allow vold misc_device:chr_file { write open };
allow vold platformblk_device:blk_file { ioctl getattr };
allow vold zram0_device:blk_file getattr;

# Date : WK14.38
# Operation : Migration 
# Purpose : symbolic link for /data/ext_sdcard_tool
allow vold system_data_file:lnk_file { create unlink };

# Date : WK14.40
# Operation : Migration 
# Purpose : multi partition
allow vold sdcardd_exec:file { read open execute execute_no_trans };
allow vold self:capability { sys_resource setgid setuid };
allow vold install_data_file:file { read open };
allow vold fuse_device:chr_file { read write open };
allow vold system_data_file:file open;

# Date : WK14.40
# Operation : Migration 
# Purpose : ptrace process
allow vold mediaserver:process ptrace;

# Date : WK14.43
# Purpose : grant permission to /protect_f and /protect_s for the command, fstrim dotrim
allow vold protect_f_data_file:dir { read getattr open ioctl };
allow vold protect_s_data_file:dir { read getattr open ioctl };
allow vold persist_data_file:dir { read getattr open ioctl };

# Date : WK14.44
# Operation : Migration 
allow vold proc_lk_env:file { read write open ioctl};
allow vold media_rw_data_file:dir { read open };

# Date : WK14.46
# Operation : allow sdcard create tmpfs link file
allow vold tmpfs:lnk_file create;

# Date : WK14.46
# Operation : copy the logs in /data(tmpfs) to real userdata partition
allow vold logtemp_data_file:dir { read open getattr search};
allow vold logtemp_data_file:file { read getattr open };
allow vold logmisc_data_file:dir { read open getattr search};
allow vold logmisc_data_file:file { read getattr open };
allow vold mdlog_data_file:dir { read open getattr search};
allow vold mdlog_data_file:file { read getattr open };
allow vold data_tmpfs_log_file:dir { setattr getattr read create write rmdir relabelto remove_name open add_name search};
allow vold data_tmpfs_log_file:file { write setattr getattr relabelto create unlink open };
# mount crypto block device to /data/tmp_mnt/data_tmpfs_log and restorecon
allow vold system_data_file:dir { relabelfrom relabelto setattr };
allow vold system_data_file:file { relabelfrom relabelto};

# Date : WK14.49
# Purpose : ptrace process
allow vold platform_app:process ptrace;
allow vold mobile_log_d:process ptrace;

# Date : WK14.50
# Purpose : read/write sys env
allow vold misc_device:chr_file read;

# Date : WK15.02
# Purpose : fsck_msdos
allow vold platform_app:fd use;

#install APK move to SD
allow vold block_device:file create;