1# automotive watchdog support 2allow system_server hal_vehicle_server:process sigkill; 3carwatchdog_client_domain(hal_vehicle_default) 4binder_use(hal_vehicle_default) 5 6starting_at_board_api(202504, ` 7typeattribute hal_vehicle_default unconstrained_vsock_violators; 8') 9# communication between vehicle client/server via VSOCK 10allow hal_vehicle_default self:vsock_socket { create_socket_perms_no_ioctl listen accept }; 11# TODO(b/130668487): Label the vsock sockets. 12allow hal_vehicle_default unlabeled:vsock_socket { read write shutdown }; 13 14allow hal_vehicle_default proc_net:file { open read getattr }; 15