# Copyright (c) 2022 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the License);
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

#avc:  denied  { rlimitinh } for  pid=355 comm="sa_main" scontext=u:r:init:s0 tcontext=u:r:audio_server:s0 tclass=process permissive=1
#avc:  denied  { siginh } for  pid=355 comm="sa_main" scontext=u:r:init:s0 tcontext=u:r:audio_server:s0 tclass=process permissive=1
#avc:  denied  { transition } for  pid=355 comm="init" path="/system/bin/sa_main" dev="mmcblk0p5" ino=336 scontext=u:r:init:s0 tcontext=u:r:audio_server:s0 tclass=process permissive=1
allow init audio_server:process { rlimitinh siginh transition };

#avc:  denied  { relabelfrom } for  pid=1 comm="init" name=".pulse_dir" dev="mmcblk0p11" ino=783368 scontext=u:r:init:s0 tcontext=u:object_r:data_data_file:s0 tclass=dir permissive=1
allow init data_data_file:dir { relabelfrom };

#avc:  denied  { add_name } for  pid=1 comm="init" name="runtime" scontext=u:r:init:s0 tcontext=u:object_r:data_data_pulse_dir:s0 tclass=dir permissive=1
#avc:  denied  { create } for  pid=1 comm="init" name="runtime" scontext=u:r:init:s0 tcontext=u:object_r:data_data_pulse_dir:s0 tclass=dir permissive=1
#avc:  denied  { getattr } for  pid=1 comm="init" path="/data/data/.pulse_dir" dev="mmcblk0p11" ino=522246 scontext=u:r:init:s0 tcontext=u:object_r:data_data_pulse_dir:s0 tclass=dir permissive=1
#avc:  denied  { open } for  pid=1 comm="init" path="/data/data/.pulse_dir" dev="mmcblk0p11" ino=783368 scontext=u:r:init:s0 tcontext=u:object_r:data_data_pulse_dir:s0 tclass=dir permissive=1
#avc:  denied  { read } for  pid=1 comm="init" name=".pulse_dir" dev="mmcblk0p11" ino=783368 scontext=u:r:init:s0 tcontext=u:object_r:data_data_pulse_dir:s0 tclass=dir permissive=1
#avc:  denied  { relabelto } for  pid=1 comm="init" name=".pulse_dir" dev="mmcblk0p11" ino=783368 scontext=u:r:init:s0 tcontext=u:object_r:data_data_pulse_dir:s0 tclass=dir permissive=1
#avc:  denied  { remove_name } for  pid=1 comm="init" name="pid" dev="mmcblk0p11" ino=522249 scontext=u:r:init:s0 tcontext=u:object_r:data_data_pulse_dir:s0 tclass=dir permissive=1
#avc:  denied  { search } for  pid=1 comm="init" name=".pulse_dir" dev="mmcblk0p11" ino=522246 scontext=u:r:init:s0 tcontext=u:object_r:data_data_pulse_dir:s0 tclass=dir permissive=1
#avc:  denied  { setattr } for  pid=1 comm="init" name=".pulse_dir" dev="mmcblk0p11" ino=522246 scontext=u:r:init:s0 tcontext=u:object_r:data_data_pulse_dir:s0 tclass=dir permissive=1#
#avc:  denied  { write } for  pid=1 comm="init" name="runtime" dev="mmcblk0p11" ino=522247 scontext=u:r:init:s0 tcontext=u:object_r:data_data_pulse_dir:s0 tclass=dir permissive=1
allow init data_data_pulse_dir:dir { add_name create getattr open read relabelto remove_name search setattr write };

allow init native_socket:sock_file { unlink };