update_verifier.te - LeafOS-Project/android_system_sepolicy - Gitiles

 # update_verifier
 type update_verifier, domain;
 type update_verifier_exec, exec_type, file_type;

 init_daemon_domain(update_verifier)

 # Raw writes to bootctrl block device
 allow update_verifier bootctrl_block_device:blk_file rw_file_perms;

 # TODO: Add rules to allow update_verifier to read system_block_device.
	# update_verifier
	type update_verifier, domain;
	type update_verifier_exec, exec_type, file_type;

	init_daemon_domain(update_verifier)

	# Raw writes to bootctrl block device
	allow update_verifier bootctrl_block_device:blk_file rw_file_perms;

	# TODO: Add rules to allow update_verifier to read system_block_device.