common/usf.te - platform_device_qcom_sepolicy - Gitiles

 # Policy for usf daemons
 type usf, domain;
 type usf_exec, exec_type, file_type;

 # Started by init
 init_daemon_domain(usf)
 net_domain(usf)

 # Ultrasound device
 allow usf usf_device:chr_file rw_file_perms;

 # Audio
 allow usf audio_data_file:sock_file write;
 allow usf mediaserver:unix_stream_socket connectto;
 allow usf audio_data_file:dir r_dir_perms;
 allow usf audio_device:chr_file rw_file_perms;
 allow usf proc_audiod:file r_file_perms;
 allow usf audio_device:dir r_dir_perms;

 # Data files and persist storage
 allow usf usf_data_file:dir rw_dir_perms;
 allow usf usf_data_file:{ file sock_file fifo_file } create_file_perms;
 allow usf usf_data_file:lnk_file r_file_perms;
 r_dir_file(usf, persist_file)
 r_dir_file(usf, persist_usf_file)

 # Properties
 allow usf { ctl_default_prop usf_prop }:property_service set;

 # Sockets
 unix_socket_connect(usf, property, init);
	# Policy for usf daemons
	type usf, domain;
	type usf_exec, exec_type, file_type;

	# Started by init
	init_daemon_domain(usf)
	net_domain(usf)

	# Ultrasound device
	allow usf usf_device:chr_file rw_file_perms;

	# Audio
	allow usf audio_data_file:sock_file write;
	allow usf mediaserver:unix_stream_socket connectto;
	allow usf audio_data_file:dir r_dir_perms;
	allow usf audio_device:chr_file rw_file_perms;
	allow usf proc_audiod:file r_file_perms;
	allow usf audio_device:dir r_dir_perms;

	# Data files and persist storage
	allow usf usf_data_file:dir rw_dir_perms;
	allow usf usf_data_file:{ file sock_file fifo_file } create_file_perms;
	allow usf usf_data_file:lnk_file r_file_perms;
	r_dir_file(usf, persist_file)
	r_dir_file(usf, persist_usf_file)

	# Properties
	allow usf { ctl_default_prop usf_prop }:property_service set;

	# Sockets
	unix_socket_connect(usf, property, init);