LSPosed/edxp-core/template_override/sepolicy.rule

allow system_server system_server process execmem
allow system_server system_server memprotect mmap_zero
allow zygote app_data_file dir { search read }
allow zygote app_data_file file { getattr read open }