# Adding allow rule for search on /fuse
allow init fuse:dir { search mounton };
allow init self:capability sys_module;
allow init {
    adsprpcd_file
    cache_file
    persist_file
    storage_file
}:dir mounton;
allow init kmsg_device:chr_file write;

#Allow triggering IPA FWs loading
allow init ipa_dev:chr_file write;

#For insmod to search module key for signature verification
allow init kernel:key search;

#For sdcard
allow init tmpfs:lnk_file create_file_perms;

#Certain domains needs LD_PRELOAD passed from init
#allow it for most domain. Do not honor LD_PRELOAD
#for lmkd
allow init { domain -lmkd }:process noatsecure;

#For configfs file permission
allow init configfs:dir r_dir_perms;
allow init configfs:file { rw_file_perms link };
allow init configfs:lnk_file create_file_perms;

#Allow init to mount non-hlos partitions in A/B builds
allow init firmware_file:dir { mounton };
allow init bt_firmware_file:dir { mounton };

#dontaudit non configfs usb denials
dontaudit init sysfs:dir write;