1# Copyright (c) 2022 Huawei Device Co., Ltd. 2# Licensed under the Apache License, Version 2.0 (the "License"); 3# you may not use this file except in compliance with the License. 4# You may obtain a copy of the License at 5# 6# http://www.apache.org/licenses/LICENSE-2.0 7# 8# Unless required by applicable law or agreed to in writing, software 9# distributed under the License is distributed on an "AS IS" BASIS, 10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11# See the License for the specific language governing permissions and 12# limitations under the License 13 14#allow bytrace data_file:file write; 15allow bytrace data_file:dir search; 16allow bytrace data_local:dir search; 17allow bytrace data_log:dir { add_name search write }; 18allow bytrace data_log:file { create getattr open write }; 19allow bytrace data_local_tmp:dir { add_name search write create }; 20allow bytrace data_local_tmp:file { create getattr open write }; 21allow bytrace debug_param:parameter_service set; 22allow bytrace dev_unix_socket:dir search; 23allow bytrace devpts:chr_file { read write }; 24allow bytrace hdcd:fd use; 25allow bytrace hdcd:unix_stream_socket { read write }; 26allow bytrace sh:fd use; 27allow bytrace system_bin_file:dir search; 28allow bytrace tracefs:dir search; 29allow bytrace tracefs_trace_marker_file:file { getattr open write }; 30allow bytrace tty_device:chr_file { read write }; 31allow bytrace tracefs:file { getattr ioctl open read write }; 32 33allow bytrace ohos_param:file { read map open }; 34 35allow bytrace kernel:unix_stream_socket connectto; 36allow bytrace paramservice_socket:sock_file write; 37 38allow bytrace ohos_boot_param:file { map open read }; 39allow bytrace sys_param:file { open read map }; 40 41allow bytrace net_param:file { map open read }; 42allow bytrace net_tcp_param:file read; 43allow bytrace sys_usb_param:file { map open read }; 44 45allow bytrace hw_sc_build_param:file { open read map }; 46allow bytrace hw_sc_param:file { map open read }; 47allow bytrace net_tcp_param:file { map open }; 48 49allow bytrace data_local_tmp:file { read write }; 50 51allow bytrace domain:dir { getattr search }; 52allow bytrace domain:file { open read }; 53allow bytrace hw_sc_build_os_param:file { open read map }; 54 55allow bytrace hw_sc_build_os_param:file { open read }; 56allow bytrace init_param:file { map open read }; 57allow bytrace init_svc_param:file { map open read }; 58 59allow bytrace hdcd:fifo_file { ioctl write }; 60 61allow bytrace const_param:file { map open read }; 62allow bytrace const_postinstall_fstab_param:file { map open read }; 63allow bytrace const_postinstall_param:file { map open read }; 64 65debug_only(` 66 allow bytrace self:capability { setgid }; 67 allow hitrace self:capability { setgid }; 68 allow bytrace sh:fifo_file { read write }; 69') 70