location.te revision 3db6f8685173943ea7090a976d23bff4275412c0
1type location, domain; 2type location_exec, exec_type, vendor_file_type, file_type; 3 4init_daemon_domain(location) 5 6# STOPSHIP b/28340421 7# Temporarily grant this permission and log its use. 8allow location self:capability { net_admin }; 9auditallow location self:capability { net_admin }; 10 11allow location location_exec:file execute_no_trans; 12 13allow location self:capability { setgid setuid }; 14 15allow location proc_net:file r_file_perms; 16 17allow location location_data_file:dir create_dir_perms; 18allow location location_data_file:{ file sock_file } create_file_perms; 19 20allow location self:netlink_generic_socket create_socket_perms_no_ioctl; 21allow location self:netlink_socket create_socket_perms_no_ioctl; 22allow location self:socket create_socket_perms; 23allowxperm location self:udp_socket ioctl { SIOCGIFHWADDR SIOCIWFIRSTPRIV_05 }; 24allowxperm location self:socket ioctl msm_sock_ipc_ioctls; 25 26# Enable network access (for XTRA download) 27net_domain(location) 28 29# files in /sys 30r_dir_file(location, sysfs_type) 31 32dontaudit location kernel:system module_request; 33