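# Copyright (c) 2022 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Type-enforcement rules whose source domain is `sh`. Each `allow` grants `sh`
# the listed permissions on one target type and object class; rules are kept
# in alphabetical order of target type, one rule per line.
# NOTE(review): no neverallow rule or build-variant condition is visible in
# this listing -- confirm whether these grants are meant for every build type.

allow sh bootanimation:dir { getattr };

# Create and write access under configfs.
# NOTE(review): the consumer is not visible here; confirm which shell workflow
# needs to create configfs entries and whether a narrower domain could own it.
allow sh configfs:dir { add_name create search write };
allow sh configfs:file { open write };

# Data-partition types: listing, creation and removal of directories and files.
# data_data_file:dir allows removing entries and directories (remove_name, rmdir)
# and data_file:dir allows creating and removing them, so `sh` can alter the
# layout under these types, not just inspect it.
allow sh data_app_file:dir { open read search };
allow sh data_data_file:dir { open remove_name rmdir };
allow sh data_file:dir { add_name create setattr write rmdir };
# `ioctl` here is narrowed by the allowxperm rule at the end of the file.
allow sh data_file:file { create ioctl setattr write };
allow sh data_local_tmp:dir { open read };
allow sh data_local_tmp:file { setattr };
allow sh data_service_el1_file:dir { getattr search };
# `ioctl` here is narrowed by the allowxperm rule at the end of the file.
allow sh data_service_el1_file:file { getattr ioctl open };
allow sh data_service_file:dir { search };

# Kernel log access: read on the kmsg device node here, and `syslog_read` on
# kernel:system further down. Kernel logs can carry information that should not
# reach every shell user.
# NOTE(review): confirm this is intended outside debug builds.
allow sh dev_kmsg_file:chr_file { open read };

# Binder IPC to the distributeddata domain (call, plus passing binder
# references with `transfer`).
allow sh distributeddata:binder { call transfer };
allow sh distributedsche_param:file { map open read };

# Logging: write to the hilog control socket and run the hilog executable
# inside the `sh` domain (execute_no_trans means no domain transition occurs,
# so the tool runs with all of the permissions granted in this file).
allow sh hilog_control_socket:sock_file { write };
allow sh hilog_exec:file { execute execute_no_trans getattr map read open };

# Connect to a unix stream socket owned by the init domain.
# NOTE(review): presumably used for requests served by init; verify what init
# accepts from an `sh` peer on that socket.
allow sh init:unix_stream_socket { connectto };
allow sh kernel:system { syslog_read };
allow sh normal_hap_data_file:dir { getattr open read };

# Service-manager lookups: `sh` may `get` these three services.
allow sh sa_accesstoken_manager_service:samgr_class { get };
allow sh sa_distributeddata_service:samgr_class { get };
allow sh sa_foundation_cesfwk_service:samgr_class { get };

# SELinux context validation: write access to selinuxfs files together with
# security { check_context }. No other permission of class `security` (for
# example setenforce or load_policy) is granted by the rules in this file.
allow sh security:security { check_context };
allow sh selinuxfs:dir { search };
allow sh selinuxfs:file { open read write };

# Self rule: socket options on the domain's own unix datagram sockets.
allow sh sh:unix_dgram_socket { getopt setopt };
allow sh sysfs_hctosys:file { open read };
allow sh sysfs_rtc:dir { open read };
allow sh system_basic_hap_data_file:dir { getattr };
allow sh system_core_hap_data_file:dir { getattr open read search };
allow sh system_file:file { getattr };
allow sh tmpfs:file { open write };

# Extended ioctl permissions: for these two (source, target, class) triples
# only command 0x5413 is allowed; every other ioctl command stays denied even
# though the base `allow` rules above include `ioctl`.
# 0x5413 is TIOCGWINSZ (query terminal window size) in the generic Linux ioctl
# numbering -- assumes the target architecture uses that numbering; confirm.
allowxperm sh data_file:file ioctl 0x5413;
allowxperm sh data_service_el1_file:file ioctl 0x5413;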