xref: /aosp_15_r20/system/sepolicy/private/kcmdlinectrl.te (revision e4a36f4174b17bbab9dc043f4a65dc8d87377290)
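# kcmdlinectrl is a tool that has the bootloader send kernel command-line flags
# for enabling dogfood features in the kernel.
#
# kcmdlinectrl is the domain of the running process; coredomain marks it as a
# platform (system-side) domain. kcmdlinectrl_exec labels its executable.
type kcmdlinectrl, domain, coredomain;
type kcmdlinectrl_exec, system_file_type, exec_type, file_type;

# Started by init: init transitions into the kcmdlinectrl domain when it
# executes a file labelled kcmdlinectrl_exec.
init_daemon_domain(kcmdlinectrl)

# For setting kcmdline properties to match the bootloader state.
set_prop(kcmdlinectrl, kcmdline_prop)

# kcmdlinectrl communicates the request to the bootloader via the misc
# partition. It needs write access to update the request in the misc partition,
# and read access to sync the stored state back to the property.
# NOTE(review): rw_file_perms applies to the whole misc block device; SELinux
# cannot restrict the access to one region of it. Whatever else the bootloader
# reads from misc is therefore writable from this domain, so the binary itself
# has to keep its writes inside its own area -- presumably through the
# bootloader_message helpers mentioned below; confirm against the tool's source.
allow kcmdlinectrl misc_block_device:blk_file rw_file_perms;
# Read/search on directories labelled block_device -- presumably to resolve the
# misc device node; confirm.
allow kcmdlinectrl block_device:dir r_dir_perms;
# fstab access for the fstab lookup described below.
read_fstab(kcmdlinectrl)

# bootloader_message tries to find the fstab in the device config path first,
# but because we've already booted up we can use the ro.boot properties instead,
# so we can just ignore the SELinux denial.
# dontaudit grants nothing: both accesses stay denied and only the audit record
# is suppressed. The second rule is attribute-wide, so a read of any
# vendor_property_type file by this domain is denied without a log entry; keep
# that in mind when an expected denial is missing from the audit log.
dontaudit kcmdlinectrl sysfs_dt_firmware_android:dir search;
dontaudit kcmdlinectrl vendor_property_type:file read;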