28 lines
891 B
Text
28 lines
891 B
Text
type port-bridge, domain, domain_deprecated;
|
|
type port-bridge_exec, exec_type, file_type;
|
|
init_daemon_domain(port-bridge)
|
|
|
|
userdebug_or_eng(`
|
|
domain_auto_trans(shell, port-bridge_exec, netmgrd)
|
|
domain_auto_trans(adbd, port-bridge_exec, netmgrd)
|
|
diag_use(port-bridge)
|
|
')
|
|
|
|
# Allow operations on different types of sockets
|
|
allow port-bridge port-bridge:netlink_kobject_uevent_socket { create bind read };
|
|
|
|
# Allow process capabilities
|
|
allow port-bridge port-bridge:capability dac_override;
|
|
|
|
allow port-bridge {
|
|
# Allow operations on mhi transport
|
|
mhi_device
|
|
# Allow operations on gadget serial device
|
|
gadget_serial_device
|
|
# Allow operations on ATCoP g-link transport
|
|
at_device
|
|
}:chr_file rw_file_perms;
|
|
|
|
# Allow write permissions for log file
|
|
allow port-bridge port_bridge_data_file:file create_file_perms;
|
|
allow port-bridge port_bridge_data_file:dir w_dir_perms;
|