allow kernel param_block_device:dir search;
allow kernel param_block_device:blk_file rw_file_perms;
allow kernel per_boot_file:file r_file_perms;