ims.te revision 051bcb37133dba600512654a87dc1371f40191b2
1type ims, domain; 2type ims_exec, exec_type, vendor_file_type, file_type; 3 4init_daemon_domain(ims) 5net_domain(ims) 6 7get_prop(ims, hwservicemanager_prop) 8set_prop(ims, ims_prop) 9 10unix_socket_connect(ims, netmgrd, netmgrd) 11 12allow ims sysfs_soc:dir search; 13allow ims sysfs_soc:file r_file_perms; 14allow ims sysfs_timestamp_switch:file r_file_perms; 15 16# TODO(b/38228603): Remove net_raw upon resolution of this bug 17allow ims self:capability { net_raw net_bind_service}; 18 19allow ims ion_device:chr_file r_file_perms; 20 21unix_socket_connect(ims, cnd, cnd) 22 23allow ims self:socket create_socket_perms; 24allow ims ims_socket:sock_file write; 25allow ims self:netlink_generic_socket create_socket_perms_no_ioctl; 26allow ims netmgrd_socket:dir search; 27allow ims netmgrd_socket:sock_file w_file_perms; 28allowxperm ims self:socket ioctl msm_sock_ipc_ioctls; 29allowxperm ims self:udp_socket ioctl RMNET_IOCTL_EXTENDED; 30 31r_dir_file(ims, sysfs_msm_subsys) 32 33userdebug_or_eng(` 34 permissive ims; 35') 36