| # Direct access to vold-mounted storage under /mnt/media_rw |
| # This is a performance optimization that allows platform apps to bypass the FUSE layer |
| #allow platform_app sdcard_posix:dir create_dir_perms; |
| #allow platform_app sdcard_posix:file create_file_perms; |
| |
| # gallery2 crop avatar |
| allow platform_app system_app_data_file:file { create_file_perms rw_file_perms }; |
| |
| # gallery2 renderscript |
| allow platform_app app_data_file:file { execute }; |
| |
| #exfat/ntfs OTG |
| allow platform_app fuse_device:dir { rw_dir_perms create_dir_perms }; |
| allow platform_app fuse_device:file { rw_file_perms create_file_perms }; |
| allow platform_app fuse_device:filesystem getattr; |
| |
| # MatLog calls dmesg |
| allow platform_app kernel:system syslog_read; |
| |
| # no-fuse |
| allow platform_app exfat:dir { rw_dir_perms create_dir_perms }; |
| allow platform_app exfat:file { rw_file_perms create_file_perms }; |
| allow platform_app ntfs:dir { rw_dir_perms create_dir_perms }; |
| allow platform_app ntfs:file { rw_file_perms create_file_perms }; |
| allow platform_app sdcard_posix:dir create_dir_perms; |
| allow platform_app sdcard_posix:file create_file_perms; |