1# Copyright (c) 2022 Huawei Device Co., Ltd. 2# Licensed under the Apache License, Version 2.0 (the "License"); 3# you may not use this file except in compliance with the License. 4# You may obtain a copy of the License at 5# 6# http://www.apache.org/licenses/LICENSE-2.0 7# 8# Unless required by applicable law or agreed to in writing, software 9# distributed under the License is distributed on an "AS IS" BASIS, 10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11# See the License for the specific language governing permissions and 12# limitations under the License. 13 14type time_service, sadomain, domain; 15 16allow time_service sa_foundation_abilityms:samgr_class { get }; 17allow time_service sh:binder { call }; 18allow sh time_service:binder { call transfer }; 19allow time_service foundation:binder { call transfer }; 20allow time_service accesstoken_service:binder { call }; 21allow time_service time_service:capability { sys_time }; 22allow time_service sa_accesstoken_manager_service:samgr_class { get }; 23allow time_service sa_param_watcher:samgr_class { get }; 24allow time_service dev_rtc_file:chr_file { ioctl open read write}; 25allowxperm time_service dev_rtc_file:chr_file ioctl 0x700a; 26allow time_service node:udp_socket { node_bind }; 27allow time_service time_service:capability2 { wake_alarm }; 28allow time_service time_service:udp_socket { bind connect create read setopt write}; 29allow time_service dev_unix_socket:dir { search }; 30allow system_basic_hap sa_time_service:samgr_class { get }; 31allow normal_hap sa_time_service:samgr_class { get }; 32allow system_core_hap sa_time_service:samgr_class { get }; 33allow normal_hap time_service:binder { transfer }; 34allow time_service normal_hap:binder { call transfer }; 35allow time_service system_core_hap:binder { call transfer }; 36allow time_service system_basic_hap:binder { call transfer }; 37allow time_service time_param:parameter_service { set }; 38allow { domain -limit_domain } time_param:file { map open read }; 39 40