1# Copyright (c) 2022-2022 Huawei Device Co., Ltd. 2# Licensed under the Apache License, Version 2.0 (the "License"); 3# you may not use this file except in compliance with the License. 4# You may obtain a copy of the License at 5# 6# http://www.apache.org/licenses/LICENSE-2.0 7# 8# Unless required by applicable law or agreed to in writing, software 9# distributed under the License is distributed on an "AS IS" BASIS, 10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11# See the License for the specific language governing permissions and 12# limitations under the License. 13 14type sa_foundation_wms, sa_service_attr; 15type sa_foundation_dms, sa_service_attr; 16 17allow foundation accessibility:binder { call }; 18allow foundation accesstoken_service:binder { call }; 19allow foundation bootanimation:binder { call }; 20allow foundation data_file:dir { search }; 21allow foundation data_init_agent:dir { search }; 22allow foundation dev_ashmem_file:chr_file { open }; 23allow foundation dev_unix_socket:dir { search }; 24allow foundation foundation:binder { call transfer }; 25allow foundation hidumper_service:fd { use }; 26allow foundation kernel:unix_stream_socket { connectto }; 27allow foundation multimodalinput:binder { call }; 28allow foundation multimodalinput:unix_stream_socket { write }; 29allow foundation normal_hap:binder { call }; 30allow foundation paramservice_socket:sock_file { write }; 31allow foundation proc_file:file { open read }; 32allow foundation render_service:binder { call transfer }; 33allow foundation render_service:fd { use }; 34allow foundation resource_schedule_service:binder { call transfer }; 35allow foundation sa_accesstoken_manager_service:samgr_class { get }; 36allow foundation sa_foundation_abilityms:samgr_class { get }; 37allow foundation sa_foundation_dms:samgr_class { add }; 38allow foundation sa_foundation_wms:samgr_class { add }; 39allow foundation sa_render_service:samgr_class { get }; 40allow foundation sa_msdp_motion_service:samgr_class { get }; 41allow foundation sa_msdp_motion_service:samgr_class { add }; 42allow foundation screenlock_server:binder { call transfer }; 43allow foundation sh:binder { call transfer }; 44allow foundation system_basic_hap:binder { call }; 45allow foundation system_core_hap:binder { call }; 46allow foundation system_usr_file:dir { search }; 47allow foundation system_usr_file:file { getattr map open read }; 48allow foundation ui_service:binder { call }; 49allow foundation vendor_lib_file:dir { search }; 50allow foundation vendor_lib_file:file { read }; 51allow foundation render_service:unix_stream_socket { read write }; 52allow foundation pasteboard_service:binder { call transfer }; 53allow foundation bootevent_wms_param:parameter_service { set }; 54allow bootanimation bootevent_wms_param:file { map open read }; 55 56