1### trade-in mode 2 3type tradeinmode, domain, coredomain; 4type tradeinmode_exec, exec_type, file_type, system_file_type; 5 6allow tradeinmode adbd_tradeinmode:fd use; 7allow tradeinmode adbd_tradeinmode:unix_stream_socket { read write ioctl }; 8 9# Needed to enable trade-in mode for testing. 10set_prop(tradeinmode, adbd_tradeinmode_prop) 11 12# Allow running from normal shell. 13allow tradeinmode { adbd shell }:fd use; 14allow tradeinmode adbd:unix_stream_socket { read write ioctl }; 15 16allow tradeinmode devpts:chr_file rw_file_perms; 17 18# Allow executing am/content without a domain transition. 19allow tradeinmode system_file:file rx_file_perms; 20allow tradeinmode zygote_exec:file rx_file_perms; 21allow tradeinmode apex_info_file:file r_file_perms; 22 23allow tradeinmode activity_service:service_manager find; 24 25get_prop(tradeinmode, odsign_prop) 26get_prop(tradeinmode, build_attestation_prop) 27get_prop(tradeinmode, adbd_tradeinmode_prop) 28set_prop(tradeinmode, powerctl_prop) 29 30# Needed to start activities through "am". 31binder_call(tradeinmode, system_server) 32binder_call(tradeinmode, servicemanager) 33 34# Needed to run "content". 35binder_call(tradeinmode, platform_app) 36