| type port-bridge, domain; |
| type port-bridge_exec, exec_type, file_type; |
| init_daemon_domain(port-bridge) |
| |
| userdebug_or_eng(` |
| domain_auto_trans(shell, port-bridge_exec, netmgrd) |
| domain_auto_trans(adbd, port-bridge_exec, netmgrd) |
| ') |
| |
| #Allow operations on different types of sockets |
| allow port-bridge port-bridge:netlink_kobject_uevent_socket { create bind read }; |
| |
| #Allow process capabilities |
| allow port-bridge port-bridge:capability { dac_override }; |
| |
| #Allow operations on mhi transport |
| allow port-bridge mhi_device:chr_file rw_file_perms; |
| |
| #Allow operations on gadget serial device |
| allow port-bridge gadget_serial_device:chr_file { rw_file_perms }; |