1# Copyright (c) 2022 Huawei Device Co., Ltd. 2# Licensed under the Apache License, Version 2.0 (the "License"); 3# you may not use this file except in compliance with the License. 4# You may obtain a copy of the License at 5# 6# http://www.apache.org/licenses/LICENSE-2.0 7# 8# Unless required by applicable law or agreed to in writing, software 9# distributed under the License is distributed on an "AS IS" BASIS, 10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11# See the License for the specific language governing permissions and 12# limitations under the License. 13 14allow system_basic_hap data_app_el1_file:dir { getattr }; 15allow system_basic_hap netmanager:binder { transfer }; 16allow system_basic_hap proc_cpuinfo_file:file { getattr }; 17allow system_basic_hap proc_max_user_watches:file { open read }; 18allow system_basic_hap system_etc_file:dir { watch }; 19allow system_basic_hap dev_mali:chr_file { ioctl }; 20allow system_basic_hap nwebspawn:fd { use }; 21allow system_basic_hap nwebspawn:fifo_file { write }; 22allow system_basic_hap nwebspawn:unix_dgram_socket { write }; 23allow system_basic_hap system_fonts_file:dir { open read }; 24allowxperm system_basic_hap dev_mali:chr_file ioctl 0x800c; 25allow system_basic_hap dev_file:sock_file { write }; 26allow system_basic_hap netsysnative:unix_stream_socket { connectto }; 27allow system_basic_hap port:tcp_socket { name_connect }; 28allow system_basic_hap system_basic_hap:tcp_socket { connect getopt }; 29allow system_basic_hap system_basic_hap:udp_socket { connect }; 30 31allow system_core_hap musl_param:file { read }; 32allow foundation system_core_hap:unix_stream_socket { read write }; 33allow hidumper_service system_core_hap:file { getattr }; 34allow system_core_hap proc_max_user_watches:file { read }; 35allow system_core_hap system_core_hap:tcp_socket { setopt }; 36allow system_core_hap system_etc_file:dir { watch }; 37allow system_core_hap tmpfs:lnk_file { getattr }; 38allow system_core_hap dev_mali:chr_file { ioctl }; 39allow system_core_hap proc_max_user_watches:file { open }; 40allow system_core_hap system_core_hap:tcp_socket { bind }; 41allowxperm system_core_hap dev_mali:chr_file ioctl 0x800c; 42allow system_core_hap port:tcp_socket { name_bind }; 43allow system_core_hap proc_max_user_watches:file { getattr }; 44allow nwebspawn system_core_hap:process { dyntransition }; 45allow nwebspawn system_core_hap_data_file:dir { mounton }; 46allow system_core_hap nwebspawn:fd { use }; 47allow system_core_hap nwebspawn:fifo_file { write }; 48allow system_core_hap nwebspawn:unix_dgram_socket { write }; 49allow system_core_hap proc_cpuinfo_file:file { getattr }; 50allow system_core_hap system_fonts_file:dir { open }; 51allow system_core_hap system_fonts_file:dir { read }; 52 53allow foundation data_service_el0_file:file { getattr }; 54allow foundation musl_param:file { read }; 55allow nwebspawn system_core_hap_data_file:dir { mounton }; 56allow foundation storage_manager:file { read }; 57allow system_core_hap port:tcp_socket { name_connect }; 58allow system_core_hap system_core_hap:tcp_socket { connect }; 59allow system_core_hap system_core_hap:tcp_socket { getopt }; 60allow system_core_hap system_core_hap:tcp_socket { read }; 61allow system_core_hap system_core_hap:tcp_socket { write }; 62allow system_core_hap system_core_hap:udp_socket { connect }; 63allow system_core_hap system_core_hap:udp_socket { read }; 64