1# Copyright (c) 2022-2023 Huawei Device Co., Ltd. 2# Licensed under the Apache License, Version 2.0 (the "License"); 3# you may not use this file except in compliance with the License. 4# You may obtain a copy of the License at 5# 6# http://www.apache.org/licenses/LICENSE-2.0 7# 8# Unless required by applicable law or agreed to in writing, software 9# distributed under the License is distributed on an "AS IS" BASIS, 10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11# See the License for the specific language governing permissions and 12# limitations under the License. 13 14#avc: denied { signal } for pid=2026 comm="sh" scontext=u:r:sh:s0 tcontext=u:r:msdp_sa:s0 tclass=process permissive=1 15#avc: denied { sigkill } for pid=1922 comm="sh" scontext=u:r:sh:s0 tcontext=u:r:msdp_sa:s0 tclass=process permissive=1 16debug_only(` 17 allow sh msdp_sa:process { signal sigkill }; 18') 19 20#avc: denied { transfer } for pid=2065 comm="DevicestatusAge" scontext=u:r:sh:s0 tcontext=u:r:msdp_sa:s0 tclass=binder permissive=1 21#avc: denied { call } for pid=2065 comm="DevicestatusAge" scontext=u:r:sh:s0 tcontext=u:r:msdp_sa:s0 tclass=binder permissive=1 22debug_only(` 23 allow sh msdp_sa:binder { transfer call }; 24') 25 26#avc: denied { get } for service=2902 pid=1807 scontext=u:r:sh:s0 tcontext=u:object_r:sa_msdp_devicestatus_service:s0 tclass=samgr_class permissive=1 27debug_only(` 28 allow sh sa_msdp_devicestatus_service:samgr_class { get }; 29') 30 31#avc: denied { use } for pid=464 comm="IPC_1_857" path="socket:[33390]" dev="sockfs" ino=33390 scontext=u:r:sh:s0 tcontext=u:r:msdp_sa:s0 tclass=fd permissive=1 32#avc: denied { read write } for pid=464 comm="IPC_1_857" path="socket:[33390]" dev="sockfs" ino=33390 scontext=u:r:sh:s0 tcontext=u:r:msdp_sa:s0 tclass=unix_stream_socket permissive=1 33debug_only(` 34 allow sh msdp_sa:fd { use }; 35 allow sh msdp_sa:unix_stream_socket { read write }; 36') 37