1*e4a36f41SAndroid Build Coastguard Workertypeattribute kernel coredomain; 2*e4a36f41SAndroid Build Coastguard Worker 3*e4a36f41SAndroid Build Coastguard Workerdomain_auto_trans(kernel, init_exec, init) 4*e4a36f41SAndroid Build Coastguard Worker 5*e4a36f41SAndroid Build Coastguard Worker# Allow the kernel to read otapreopt_chroot's file descriptors and files under 6*e4a36f41SAndroid Build Coastguard Worker# /postinstall, as it uses apexd logic to mount APEX packages in /postinstall/apex. 7*e4a36f41SAndroid Build Coastguard Workerallow kernel otapreopt_chroot:fd use; 8*e4a36f41SAndroid Build Coastguard Workerallow kernel postinstall_file:file read; 9