# Copyright (c) 2021 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. init_daemon_domain(udevd); allow udevd data_file:dir { open search getattr rmdir }; allow udevd data_file:file { open }; allow udevd data_service_el1_file:dir { search write add_name create getattr remove_name read open watch rmdir }; allow udevd data_service_el1_file:file { create unlink write open ioctl read rename }; allow udevd data_service_el1_file:sock_file { create unlink }; allow udevd data_service_file:dir { search }; allow udevd data_udev:dir { rmdir }; allow udevd dev_bus_usb_file:chr_file { setattr }; allow udevd dev_char_file:dir { search write remove_name }; allow udevd dev_char_file:lnk_file { unlink }; allow udevd dev_dri_file:chr_file { getattr write }; allow udevd dev_dri_file:dir { add_name search write }; allow udevd dev_file:dir { add_name create write }; allow udevd dev_file:lnk_file { create getattr }; allow udevd dev_input_file:dir { remove_name rmdir }; allow udevd dev_input_file:lnk_file { getattr read write unlink rename }; allow udevd dev_ptmx:chr_file { write getattr }; #allow udevd sh_exec:file { read open execute execute_no_trans map }; allow udevd system_bin_file:dir { search }; allow udevd sys_file:file { getattr open read }; allow udevd tty_device:chr_file { open read write }; allow udevd udevd:capability { net_admin }; allow udevd udevd:netlink_kobject_uevent_socket { read create bind }; allow udevd udevd:netlink_kobject_uevent_socket { getattr setopt write }; allow udevd udevd:unix_dgram_socket { sendto read }; allow udevd vendor_lib_file:dir { search }; allowxperm udevd data_service_el1_file:file ioctl { 0x5413 };