allow priv_app proc_modules:file { open getattr };
allow priv_app proc_uptime:file { open getattr read };
allow priv_app proc_interrupts:file { open };
allow priv_app sysfs:dir { open };
dontaudit priv_app mnt_vendor_file:dir { search };

#for gpu
allow priv_app sysfs_usb:file rw_file_perms;
allow priv_app ota_data_file:dir { search rw_dir_perms };

allow priv_app vr_manager_service:service_manager find;

binder_call(priv_app, zygote)
rw_rockchip_graphic_device(priv_app)