1*e4a36f41SAndroid Build Coastguard Worker;; complement CIL file for compatibility between ToT policy and 29.0 vendors. 2*e4a36f41SAndroid Build Coastguard Worker;; will be compiled along with other normal policy files, on 29.0 vendors. 3*e4a36f41SAndroid Build Coastguard Worker;; 4*e4a36f41SAndroid Build Coastguard Worker 5*e4a36f41SAndroid Build Coastguard Worker(typeattribute vendordomain) 6*e4a36f41SAndroid Build Coastguard Worker(typeattributeset vendordomain ((and (domain) ((not (coredomain)))))) 7*e4a36f41SAndroid Build Coastguard Worker(allow vendordomain self (netlink_route_socket (nlmsg_readpriv))) 8*e4a36f41SAndroid Build Coastguard Worker 9*e4a36f41SAndroid Build Coastguard Worker(typeattributeset mlsvendorcompat (and appdomain vendordomain)) 10*e4a36f41SAndroid Build Coastguard Worker(allow mlsvendorcompat app_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir))) 11*e4a36f41SAndroid Build Coastguard Worker(allow mlsvendorcompat app_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads))) 12*e4a36f41SAndroid Build Coastguard Worker(allow mlsvendorcompat privapp_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir))) 13*e4a36f41SAndroid Build Coastguard Worker(allow mlsvendorcompat privapp_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads))) 14*e4a36f41SAndroid Build Coastguard Worker 15*e4a36f41SAndroid Build Coastguard Worker;; permission for devices (older than S) where debugfs restriction doesn't apply. 16*e4a36f41SAndroid Build Coastguard Worker(typeattribute debugfs_file_type) 17*e4a36f41SAndroid Build Coastguard Worker(typeattributeset debugfs_file_type (and debugfs_type file_type)) 18*e4a36f41SAndroid Build Coastguard Worker(typeattribute debugfs_fs_type) 19*e4a36f41SAndroid Build Coastguard Worker(typeattributeset debugfs_fs_type (and debugfs_type fs_type)) 20*e4a36f41SAndroid Build Coastguard Worker 21*e4a36f41SAndroid Build Coastguard Worker(allow dumpstate debugfs (file (ioctl read getattr lock map open watch watch_reads))) 22*e4a36f41SAndroid Build Coastguard Worker(allow dumpstate debugfs_mmc (file (ioctl read getattr lock map open watch watch_reads))) 23*e4a36f41SAndroid Build Coastguard Worker(allow dumpstate debugfs_wakeup_sources (file (ioctl read getattr lock map open watch watch_reads))) 24*e4a36f41SAndroid Build Coastguard Worker(auditallow dumpstate debugfs (file (ioctl read getattr lock map open watch watch_reads))) 25*e4a36f41SAndroid Build Coastguard Worker 26*e4a36f41SAndroid Build Coastguard Worker(allow init debugfs (dir (getattr relabelfrom))) 27*e4a36f41SAndroid Build Coastguard Worker(allow init debugfs (file (getattr relabelfrom))) 28*e4a36f41SAndroid Build Coastguard Worker(allow init debugfs (lnk_file (getattr relabelfrom))) 29*e4a36f41SAndroid Build Coastguard Worker(allow init debugfs_file_type (file (create getattr open read write setattr relabelfrom unlink map))) 30*e4a36f41SAndroid Build Coastguard Worker(allow init debugfs_fs_type (filesystem (mount remount unmount getattr relabelfrom associate quotamod quotaget watch))) 31*e4a36f41SAndroid Build Coastguard Worker(allow init debugfs_type (dir (getattr relabelto))) 32*e4a36f41SAndroid Build Coastguard Worker(allow init debugfs_type (file (getattr relabelto))) 33*e4a36f41SAndroid Build Coastguard Worker(allow init debugfs_type (lnk_file (getattr relabelto))) 34*e4a36f41SAndroid Build Coastguard Worker 35*e4a36f41SAndroid Build Coastguard Worker(allow system_server debugfs_wakeup_sources (file (ioctl read getattr lock map open watch watch_reads))) 36*e4a36f41SAndroid Build Coastguard Worker 37*e4a36f41SAndroid Build Coastguard Worker(allow vendor_init debugfs_file_type (file (create getattr open read write setattr relabelfrom unlink map))) 38*e4a36f41SAndroid Build Coastguard Worker(allow vendor_init debugfs_fs_type (file (open read setattr map))) 39