1# Copyright (c) 2023 Huawei Device Co., Ltd. 2# Licensed under the Apache License, Version 2.0 (the "License"); 3# you may not use this file except in compliance with the License. 4# You may obtain a copy of the License at 5# 6# http://www.apache.org/licenses/LICENSE-2.0 7# 8# Unless required by applicable law or agreed to in writing, software 9# distributed under the License is distributed on an "AS IS" BASIS, 10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11# See the License for the specific language governing permissions and 12# limitations under the License. 13 14allow mdnsmanager dev_console_file:chr_file { read write }; 15allow mdnsmanager hilog_param:file { open read map }; 16allow mdnsmanager dev_unix_socket:dir { search }; 17allow mdnsmanager tracefs:dir { search }; 18allow mdnsmanager tracefs_trace_marker_file:file { open write }; 19allow mdnsmanager debug_param:file { open read map }; 20allow mdnsmanager param_watcher:binder { call transfer }; 21allow mdnsmanager mdnsmanager:binder { call }; 22allow mdnsmanager musl_param:file { open read map }; 23allow mdnsmanager mdnsmanager:netlink_route_socket { create write read nlmsg_read nlmsg_readpriv }; 24 25allow param_watcher mdnsmanager:binder { call }; 26allow system_basic_hap_attr mdnsmanager:binder { transfer call }; 27allow mdnsmanager system_basic_hap_attr:binder { call }; 28allow system_basic_hap_attr sa_comm_mdns_manager_service:samgr_class { get }; 29allow system_core_hap_attr mdnsmanager:binder { transfer call }; 30allow mdnsmanager system_core_hap_attr:binder { call }; 31allow system_core_hap_attr sa_comm_mdns_manager_service:samgr_class { get }; 32allow normal_hap_attr mdnsmanager:binder { transfer call }; 33allow mdnsmanager normal_hap_attr:binder { call }; 34allow normal_hap_attr sa_comm_mdns_manager_service:samgr_class { get }; 35allow mdnsmanager sa_param_watcher:samgr_class { get }; 36allow mdnsmanager sa_comm_mdns_manager_service:samgr_class { add }; 37allow mdnsmanager sa_accesstoken_manager_service:samgr_class { get }; 38allow mdnsmanager accesstoken_service:binder { call }; 39 40allow mdnsmanager mdnsmanager:udp_socket { create getopt setopt bind name_bind ioctl read write }; 41allow mdnsmanager node:udp_socket { node_bind }; 42allow mdnsmanager port:udp_socket { name_bind }; 43allow mdnsmanager mdnsmanager:unix_dgram_socket { ioctl getopt setopt }; 44 45allow mdnsmanager netmanager:binder { call transfer }; 46allow mdnsmanager sa_net_conn_manager:samgr_class { get }; 47 48debug_only(` 49 allow mdnsmanager sh:binder { call }; 50') 51