1# Copyright (c) 2021 Huawei Device Co., Ltd. 2# Licensed under the Apache License, Version 2.0 (the "License"); 3# you may not use this file except in compliance with the License. 4# You may obtain a copy of the License at 5# 6# http://www.apache.org/licenses/LICENSE-2.0 7# 8# Unless required by applicable law or agreed to in writing, software 9# distributed under the License is distributed on an "AS IS" BASIS, 10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11# See the License for the specific language governing permissions and 12# limitations under the License. 13 14define(`notdevfile_class_set',`{ fifo_file file lnk_file sock_file }') 15define(`devfile_class_set',`{ blk_file chr_file }') 16define(`file_class_set',`{ devfile_class_set notdevfile_class_set }') 17define(`dir_file_class_set',`{ dir file_class_set }') 18 19define(`socket_class_set', `{ tcp_socket udp_socket rawip_socket netlink_socket packet_socket unix_stream_socket unix_dgram_socket appletalk_socket netlink_route_socket netlink_tcpdiag_socket netlink_nflog_socket netlink_xfrm_socket netlink_selinux_socket netlink_audit_socket netlink_dnrt_socket netlink_kobject_uevent_socket tun_socket netlink_iscsi_socket netlink_fib_lookup_socket netlink_connector_socket netlink_netfilter_socket netlink_generic_socket netlink_scsitransport_socket netlink_rdma_socket netlink_crypto_socket sctp_socket icmp_socket ax25_socket ipx_socket netrom_socket atmpvc_socket x25_socket rose_socket decnet_socket atmsvc_socket rds_socket irda_socket pppox_socket llc_socket can_socket tipc_socket bluetooth_socket iucv_socket rxrpc_socket isdn_socket phonet_socket ieee802154_socket caif_socket alg_socket nfc_socket vsock_socket kcm_socket qipcrtr_socket smc_socket xdp_socket }') 20 21define(`dgram_socket_class_set',`{ udp_socket unix_dgram_socket }') 22define(`stream_socket_class_set',`{ tcp_socket unix_stream_socket sctp_socket }') 23define(`unpriv_socket_class_set', `{ tcp_socket udp_socket unix_stream_socket unix_dgram_socket sctp_socket }') 24 25# permission for ipc 26define(`read_ipc_perms', `{ associate getattr read unix_read }') 27define(`rw_ipc_perms', `{ read_ipc_perms unix_write write }') 28define(`create_ipc_perms', `{ create destroy rw_ipc_perms setattr }') 29define(`rw_socket_perms', `{ ioctl read getattr write setattr append bind connect getopt setopt shutdown }') 30define(`create_socket_perms', `{ create rw_socket_perms }') 31 32# permission for dir 33define(`read_dir_perms', `{ getattr search open read lock ioctl }') 34define(`rw_dir_perms', `{ open read getattr lock search ioctl add_name remove_name write }') 35define(`create_dir_perms',`{ create reparent rename rmdir setattr rw_dir_perms }') 36 37# permission for file 38define(`read_file_perms',`{ getattr open read lock ioctl map }') 39define(`exec_file_perms',`{ getattr open map read execute execute_no_trans }') 40define(`write_file_perms',`{ getattr open write append lock map }') 41define(`rw_file_perms',`{ write_file_perms read_file_perms }') 42define(`create_file_perms',`{ create rename setattr unlink rw_file_perms }') 43