1## 2# trusted execution environment (tee) daemon 3# 4type tee, domain; 5type tee_exec, exec_type, file_type; 6type tee_device, dev_type; 7type tee_data_file, file_type, data_file_type; 8 9init_daemon_domain(tee) 10allow tee self:capability { dac_override }; 11allow tee tee_device:chr_file rw_file_perms; 12allow tee tee_data_file:dir rw_dir_perms; 13allow tee tee_data_file:file create_file_perms; 14allow tee self:netlink_socket create_socket_perms; 15