blob: 54603167483148fc5d8efac317ad0cffa265c1f9 [file] [log] [blame]
#Copyright (c) 2018, The Linux Foundation. All rights reserved.
#
#Redistribution and use in source and binary forms, with or without
#modification, are permitted provided that the following conditions are
#met:
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials provided
# with the distribution.
# * Neither the name of The Linux Foundation nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
#THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
#WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
#MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
#ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
#BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
#CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
#SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
#BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
#WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
#IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
type vendor_adpl, domain;
type vendor_adpl_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(vendor_adpl)
net_domain(vendor_adpl)
allow vendor_adpl { vendor_rmnet_device vendor_mhi_device vendor_ipa_dev }:chr_file rw_file_perms;
allow vendor_adpl self:{
socket
udp_socket
qipcrtr_socket
} create_socket_perms_no_ioctl;
set_prop(vendor_adpl, vendor_dataadpl_prop)
#diag
userdebug_or_eng(`
diag_use(vendor_adpl)
allow vendor_adpl vendor_sysfs_data:file r_file_perms;
')
#Allow vendor_adpl to create vendor_adpl socket
allow vendor_adpl vendor_dataadpl_socket:sock_file rw_file_perms;
#Allow vendor_adpl to read sysfs directory
allow vendor_adpl sysfs:dir r_dir_perms;