# ==============================================
# Policy File of /system/binaee_core_forwarder Executable File 


# ==============================================
# Type Declaration
# ==============================================

type aee_core_forwarder_exec , exec_type, file_type;
type aee_core_forwarder ,domain;

# ==============================================
# Android Policy Rule
# ==============================================

# ==============================================
# NSA Policy Rule
# ==============================================

# ==============================================
# MTK Policy Rule
# ==============================================

init_daemon_domain(aee_core_forwarder)

#/data/core/zcorexxx.zip
allow aee_core_forwarder aee_core_data_file:dir relabelto;
allow aee_core_forwarder aee_core_data_file:dir create_dir_perms;
allow aee_core_forwarder aee_core_data_file:file create_file_perms;
allow aee_core_forwarder system_data_file:dir { write relabelfrom create add_name };

#mkdir /sdcard/mtklog/aee_exp£¬and write /sdcard/mtklog/aee_exp/zcorexxx.zip
allow aee_core_forwarder fuse:dir create_dir_perms;
allow aee_core_forwarder fuse:file create_file_perms;
allow aee_core_forwarder tmpfs:lnk_file read;
allow aee_core_forwarder self:capability fsetid;
allow aee_core_forwarder aee_exp_data_file:dir create_dir_perms;
allow aee_core_forwarder aee_exp_data_file:file create_file_perms;

#mkdir(path, mode)
allow aee_core_forwarder self:capability dac_override;

#read STDIN_FILENO
allow aee_core_forwarder kernel:fifo_file read;

#read /proc/<pid>/cmdline
allow aee_core_forwarder domain:dir r_dir_perms;
allow aee_core_forwarder domain:file r_file_perms;

#read 
allow aee_core_forwarder sysfs_wake_lock:file { read write open };