Firstly, write permission implies read so there is no need to list both - if write access to all of these files is required then you can remove the read section as that is redundant. Also the name custom-sysfiles is not really in keeping with the conventions so we may need to find a better / more descriptive name for this.
Secondly, access to device files should generally be provided by a specific snapd interface - however there is no such interface for these devices you have listed above. I wonder whether snapd should instead be extended to allow application snaps to use the custom-device interface to declare such interfaces for themselves - this would then allow them to get both the required AppArmor rules as well as the udev rules to properly set up the device cgroup for the snap (whereas using system-files will only grant the AppArmor rules). @pedronis could you comment?
Thirdly, regarding the other two paths:
- /sys/module/firmware_class/parameters/path - this looks to be specific to a particular kernel module - can you provide more details on this as I am not familiar with that - what does this file provide / why is write access required to it?
- /sys/bus/pci/drivers/mhi-pci-generic/bind - again I am not familiar with this - can you provide more information?
Finally, you have trailing .. at the end which makes me wonder if there are more files declared in your interface - can you please ensure you have provided complete details in your request? Thanks.