1allow hal_bootctl_default devinfo_block_device:blk_file rw_file_perms; 2allow hal_bootctl_default sda_block_device:blk_file rw_file_perms; 3allow hal_bootctl_default sysfs_ota:file rw_file_perms; 4allow hal_bootctl_default tee_device:chr_file rw_file_perms; 5 6recovery_only(` 7 allow hal_bootctl_default rootfs:dir r_dir_perms; 8') 9