1# Copyright (c) 2022 Huawei Device Co., Ltd. 2# Licensed under the Apache License, Version 2.0 (the "License"); 3# you may not use this file except in compliance with the License. 4# You may obtain a copy of the License at 5# 6# http://www.apache.org/licenses/LICENSE-2.0 7# 8# Unless required by applicable law or agreed to in writing, software 9# distributed under the License is distributed on an "AS IS" BASIS, 10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11# See the License for the specific language governing permissions and 12# limitations under the License. 13 14allow system_basic_hap data_app_el1_file:dir { getattr }; 15allow system_basic_hap netmanager:binder { transfer }; 16allow system_basic_hap proc_cpuinfo_file:file { getattr }; 17allow system_basic_hap proc_max_user_watches:file { open read }; 18allow system_basic_hap system_etc_file:dir { watch }; 19allow system_basic_hap dev_mali:chr_file { ioctl }; 20allow system_basic_hap nwebspawn:fd { use }; 21allow system_basic_hap nwebspawn:fifo_file { write }; 22allow system_basic_hap nwebspawn:unix_dgram_socket { write }; 23allow system_basic_hap system_fonts_file:dir { open read }; 24allowxperm system_basic_hap dev_mali:chr_file ioctl 0x800c; 25allow system_basic_hap dev_file:sock_file { write }; 26allow system_basic_hap netsysnative:unix_stream_socket { connectto }; 27allow system_basic_hap port:tcp_socket { name_connect }; 28allow system_basic_hap system_basic_hap:tcp_socket { connect getopt }; 29allow system_basic_hap system_basic_hap:udp_socket { connect }; 30allow system_basic_hap pasteboard_service:fd { use }; 31 32allow system_core_hap musl_param:file { read }; 33allow foundation system_core_hap:unix_stream_socket { read write }; 34allow hidumper_service system_core_hap:file { getattr }; 35allow system_core_hap proc_max_user_watches:file { read }; 36allow system_core_hap system_core_hap:tcp_socket { setopt }; 37allow system_core_hap system_etc_file:dir { watch }; 38allow system_core_hap tmpfs:lnk_file { getattr }; 39allow system_core_hap dev_mali:chr_file { ioctl }; 40allow system_core_hap proc_max_user_watches:file { open }; 41allow system_core_hap system_core_hap:tcp_socket { bind }; 42allowxperm system_core_hap dev_mali:chr_file ioctl 0x800c; 43allow system_core_hap port:tcp_socket { name_bind }; 44allow system_core_hap proc_max_user_watches:file { getattr }; 45allow nwebspawn system_core_hap:process { dyntransition }; 46allow nwebspawn system_core_hap_data_file:dir { mounton }; 47allow system_core_hap nwebspawn:fd { use }; 48allow system_core_hap nwebspawn:fifo_file { write }; 49allow system_core_hap nwebspawn:unix_dgram_socket { write }; 50allow system_core_hap proc_cpuinfo_file:file { getattr }; 51allow system_core_hap system_fonts_file:dir { open }; 52allow system_core_hap system_fonts_file:dir { read }; 53 54allow foundation data_service_el0_file:file { getattr }; 55allow foundation musl_param:file { read }; 56allow nwebspawn system_core_hap_data_file:dir { mounton }; 57allow foundation storage_manager:file { read }; 58allow system_core_hap port:tcp_socket { name_connect }; 59allow system_core_hap system_core_hap:tcp_socket { connect }; 60allow system_core_hap system_core_hap:tcp_socket { getopt }; 61allow system_core_hap system_core_hap:tcp_socket { read }; 62allow system_core_hap system_core_hap:tcp_socket { write }; 63allow system_core_hap system_core_hap:udp_socket { connect }; 64allow system_core_hap system_core_hap:udp_socket { read }; 65