| Subash Abhinov Kasiviswanathan | 9d9c0b5 | 2014-10-28 11:30:03 -0600 | [diff] [blame] | 1 | type port-bridge, domain; |
| 2 | type port-bridge_exec, exec_type, file_type; |
| 3 | init_daemon_domain(port-bridge) |
| 4 | |
| 5 | userdebug_or_eng(` |
| 6 | domain_auto_trans(shell, port-bridge_exec, netmgrd) |
| 7 | domain_auto_trans(adbd, port-bridge_exec, netmgrd) |
| 8 | ') |
| 9 | |
| Avijit Kanti Das | 441bad4 | 2015-05-12 14:07:41 -0700 | [diff] [blame] | 10 | # Allow operations on different types of sockets |
| Subash Abhinov Kasiviswanathan | 9d9c0b5 | 2014-10-28 11:30:03 -0600 | [diff] [blame] | 11 | allow port-bridge port-bridge:netlink_kobject_uevent_socket { create bind read }; |
| 12 | |
| Avijit Kanti Das | 441bad4 | 2015-05-12 14:07:41 -0700 | [diff] [blame] | 13 | # Allow process capabilities |
| 14 | allow port-bridge port-bridge:capability dac_override; |
| Subash Abhinov Kasiviswanathan | 9d9c0b5 | 2014-10-28 11:30:03 -0600 | [diff] [blame] | 15 | |
| Avijit Kanti Das | 441bad4 | 2015-05-12 14:07:41 -0700 | [diff] [blame] | 16 | allow port-bridge { |
| 17 | # Allow operations on mhi transport |
| 18 | mhi_device |
| 19 | # Allow operations on gadget serial device |
| 20 | gadget_serial_device |
| 21 | # Allow operations on ATCoP g-link transport |
| 22 | at_device |
| 23 | }:chr_file rw_file_perms; |
| Subash Abhinov Kasiviswanathan | 9d9c0b5 | 2014-10-28 11:30:03 -0600 | [diff] [blame] | 24 | |
| Avijit Kanti Das | 441bad4 | 2015-05-12 14:07:41 -0700 | [diff] [blame] | 25 | # Allow write permissions for log file |
| 26 | allow port-bridge port_bridge_data_file:file create_file_perms; |
| 27 | allow port-bridge port_bridge_data_file:dir w_dir_perms; |