allow kernel self:capability { chown mknod };
dontaudit kernel kernel:capability { dac_override dac_read_search };

# /dev/mbin0
allow kernel emmcblk_device:blk_file r_file_perms;
allow kernel device:blk_file { create setattr getattr unlink };
# /bus/usb/001/001
allow kernel device:dir { create write remove_name rmdir add_name };
allow kernel device:chr_file { create setattr getattr unlink };

# /sys/devices/system/cpu/cpu[0-9]/cpufreq/*
allow kernel sysfs_devices_system_cpu:file { setattr };
allow kernel sysfs:file { setattr };

# /efs contents
allow kernel { app_efs_file battery_efs_file efs_file sensor_efs_file }:dir r_dir_perms;
allow kernel { app_efs_file battery_efs_file efs_file sensor_efs_file }:file rw_file_perms;

# /efs/wifi/.mac.info
allow kernel wifi_efs_file:dir r_dir_perms;
allow kernel wifi_efs_file:file r_file_perms;

# /data/misc/conn/.wifiver.info
allow kernel wifi_data_file:file rw_file_perms;

# sysfs_lcd
allow kernel sysfs_lcd:file { open read };