• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright (c) 2021-2022 Huawei Device Co., Ltd.
2# Licensed under the Apache License, Version 2.0 (the "License");
3# you may not use this file except in compliance with the License.
4# You may obtain a copy of the License at
5#
6#     http://www.apache.org/licenses/LICENSE-2.0
7#
8# Unless required by applicable law or agreed to in writing, software
9# distributed under the License is distributed on an "AS IS" BASIS,
10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11# See the License for the specific language governing permissions and
12# limitations under the License.
13
14type init, nativedomain, domain;
15type init_exec, exec_attr, file_attr, system_file_attr;
16allow init console:process { rlimitinh siginh transition getattr };
17allow init data_startup:dir { create getattr open read relabelfrom relabelto remove_name search setattr write add_name };
18allow init data_startup:file { create ioctl open read append relabelto rename unlink write open };
19allow init proc_stat_file:file { setattr read open };
20allow init proc_diskstats_file:file { read open };
21allow init kernel:file { read open };
22allow init kernel:dir { search };
23allow bootevent_wms_param tmpfs:filesystem associate;
24allow init bootevent_wms_param:file { map open read relabelto relabelfrom};
25allow dhardware_dm_param tmpfs:filesystem associate;
26allow init dhardware_dm_param:file { map open read relabelto relabelfrom };
27allow persist_audio_param tmpfs:filesystem associate;
28allow init persist_audio_param:file { map open read relabelto relabelfrom };
29allow arkcompiler_param tmpfs:filesystem associate;
30allow init arkcompiler_param:file { map open read relabelto relabelfrom };
31allow init arkcompiler_param:parameter_service { set };
32allow init inputmethod_param:file { map open read relabelto relabelfrom };
33allow init inputmethod_param:parameter_service { set };
34allow pasteboard_param tmpfs:filesystem associate;
35allow init pasteboard_param:file { map open read relabelto relabelfrom };
36allow time_param tmpfs:filesystem associate;
37allow init time_param:file { map open read relabelto relabelfrom };
38allow accesstoken_perm_param tmpfs:filesystem associate;
39allow init accesstoken_perm_param:file { map open read relabelto relabelfrom };
40
41allow xts_devattest_authresult_param tmpfs:filesystem associate;
42allow init xts_devattest_authresult_param:file { map open read relabelto relabelfrom };
43allow init xts_devattest_authresult_param:parameter_service { set };
44allow init hiviewdfx_profiler_param:file { map open read relabelto relabelfrom };
45
46#for bootchart to read
47allow init { domain }:file { open read };
48allow init { domain }:dir { search };
49