# Copyright (c) 2021-2023 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

allow foundation appspawn:unix_stream_socket { connectto };
allow foundation appspawn_socket:sock_file { write };
allow foundation configfs:dir { open read search };
allow foundation data_app_el1_file:dir { search };
allow foundation data_app_el1_file:file { getattr read };
allow foundation data_app_file:dir { search };
allow foundation data_service_el1_file:dir { add_name open read search write };
allow foundation data_service_el1_file:file { create getattr ioctl open read write };
allow foundation data_service_file:dir { search };
allow foundation data_storage:dir { search };
allow foundation data_system_ce:dir { add_name search write };
allow foundation data_system_ce:file { create getattr ioctl lock map open read write };
allow foundation dev_mali:chr_file { ioctl map read write };
allow foundation deviceauth_service:binder { call };
allow foundation distributeddata:binder { call transfer };
allow foundation distributedsche:binder { call transfer };
allow foundation distributedsche:fd { use };
allow foundation dscreen:binder { call transfer };
allow foundation edm_sa:binder { call };
allow foundation foundation:unix_dgram_socket { getopt setopt };
allow foundation hdf_devmgr:binder { call transfer };
allow foundation hiview:binder { transfer };
allow foundation inputmethod_service:binder { call };
allow foundation msdp_sa:binder { call transfer };
allow foundation multimodalinput:fd { use };
allow foundation multimodalinput:unix_stream_socket { read };
allow foundation normal_hap_attr:file { getattr read };
allow foundation normal_hap_attr:process { sigkill };
allow foundation ohos_param:parameter_service { set };
allow foundation param_watcher:binder { call transfer };
allow foundation power_host:binder { call transfer };
allow foundation sa_distributeschedule:samgr_class { get };
allow foundation softbus_server:binder { call };
allow foundation storage_manager:binder { call };
allow foundation sys_file:dir { open read };
allow foundation sys_file:file { open read };
allow foundation system_basic_hap_attr:dir { search };
allow foundation system_basic_hap_attr:file { getattr read };
allow foundation system_file:dir { getattr open read };
allow foundation system_file:file { getattr open read };
allow foundation telephony_sa:binder { call transfer };
allow foundation tracefs:dir { search };
allow foundation tracefs_trace_marker_file:file { open write };
allow foundation vendor_file:file { execute getattr map open read };
allow foundation vendor_etc_file:dir { search };
allow foundation vendor_etc_file:file { getattr open read };
allow foundation work_scheduler_service:binder { call };