1# Copyright (c) 2023 Huawei Device Co., Ltd. 2# Licensed under the Apache License, Version 2.0 (the "License"); 3# you may not use this file except in compliance with the License. 4# You may obtain a copy of the License at 5# 6# http://www.apache.org/licenses/LICENSE-2.0 7# 8# Unless required by applicable law or agreed to in writing, software 9# distributed under the License is distributed on an "AS IS" BASIS, 10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11# See the License for the specific language governing permissions and 12# limitations under the License. 13 14updater_only(` 15# avc: denied { associate } for pid=1 comm="init" name="/" dev="tmpfs" ino=1 scontext=u:object_r:rootfs:s0 tcontext=u:object_r:tmpfs:s0 tclass=filesystem permissive=1 16allow rootfs tmpfs:filesystem { associate }; 17 18# avc: denied { associate } for pid=233 comm="updater" name="updater_binary" dev="tmpfs" ino=5 scontext=u:object_r:updater_binary_exec:s0 tcontext=u:object_r:tmpfs:s0 tclass=filesystem permissive=1 19allow updater_binary_exec tmpfs:filesystem { associate }; 20 21# avc_audit_slow:267] avc: denied { associate } for pid=1, comm="/init" name="/bin/faultloggerd" dev="tmpfs" ino=718 scontext=u:object_r:faultloggerd_exec:s0 tcontext=u:object_r:rootfs:s0 tclass=filesystem permissive=1 22allow faultloggerd_exec rootfs:filesystem { associate }; 23 24# avc_audit_slow:267] avc: denied { associate } for pid=1, comm="/init" name="/bin/processdump" dev="tmpfs" ino=720 scontext=u:object_r:processdump_exec:s0 tcontext=u:object_r:rootfs:s0 tclass=filesystem permissive=1 25allow processdump_exec rootfs:filesystem { associate }; 26') 27