| ;; complement CIL file for compatibility between ToT policy and 29.0 vendors. |
| ;; will be compiled along with other normal policy files, on 29.0 vendors. |
| ;; |
| |
| (typeattribute vendordomain) |
| (typeattributeset vendordomain ((and (domain) ((not (coredomain)))))) |
| (allow vendordomain self (netlink_route_socket (nlmsg_readpriv))) |
| |
| (typeattributeset mlsvendorcompat (and appdomain vendordomain)) |
| (allow mlsvendorcompat app_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir))) |
| (allow mlsvendorcompat app_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads))) |
| (allow mlsvendorcompat privapp_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir))) |
| (allow mlsvendorcompat privapp_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads))) |