allwinner_a64/android/device/softwinner/common/sepolicy/vendor/init.te

#============= init ==============
allow init block_device:blk_file write;
allow init userdata_block_device:blk_file write;
allow init cache_block_device:blk_file write;
allow init configfs:file write;
allow init configfs:lnk_file create;
allow init kernel:system module_request;
allow init self:capability sys_module;
dontaudit init self:capability sys_module;
allow init tmpfs:lnk_file create;
allow init ram_device:blk_file write;
allow init { vendor_file rootfs }:system module_load;
allow init kmsg_device:chr_file write;
#allow init rootfs:file { create read write };
allow init cgroup:file create;
allow init proc:dir { write add_name };
allow init proc:file create;
allow init proc_drop_caches:file write;
allow init metadata_block_device:lnk_file relabelto;
allow init sysfs:dir add_name;
allow init sysfs:file create;
allow init sysfs_zram:dir { write add_name };
allow init sysfs_zram:file create;