vdc.te - LeafOS-Project/android_system_sepolicy - Gitiles

 # vdc spawned from init for the following services:
 #  defaultcrypto
 #  encrypt
 #
 # We also transition into this domain from dumpstate, when
 # collecting bug reports.

 type vdc, domain;
 type vdc_exec, exec_type, file_type;

 init_daemon_domain(vdc)

 unix_socket_connect(vdc, vold, vold)

 # vdc sends information back to dumpstate when "adb bugreport" is used
 allow vdc dumpstate:fd use;
 allow vdc dumpstate:unix_stream_socket { read write getattr };

 # vdc information is written to shell owned bugreport files
 allow vdc shell_data_file:file { write getattr };

 # Why?
 allow vdc dumpstate:unix_dgram_socket { read write };
	# vdc spawned from init for the following services:
	# defaultcrypto
	# encrypt
	#
	# We also transition into this domain from dumpstate, when
	# collecting bug reports.

	type vdc, domain;
	type vdc_exec, exec_type, file_type;

	init_daemon_domain(vdc)

	unix_socket_connect(vdc, vold, vold)

	# vdc sends information back to dumpstate when "adb bugreport" is used
	allow vdc dumpstate:fd use;
	allow vdc dumpstate:unix_stream_socket { read write getattr };

	# vdc information is written to shell owned bugreport files
	allow vdc shell_data_file:file { write getattr };

	# Why?
	allow vdc dumpstate:unix_dgram_socket { read write };