1type rfsd, domain; 2type rfsd_exec, vendor_file_type, exec_type, file_type; 3init_daemon_domain(rfsd) 4 5# Allow to setuid from root to radio and chown of modem efs files 6allow rfsd self:capability { chown setuid }; 7 8# Allow to search block device and mnt dir for modem EFS partitions 9allow rfsd mnt_vendor_file:dir search; 10allow rfsd block_device:dir search; 11 12# Allow to operate with modem EFS file/dir 13allow rfsd modem_efs_file:dir create_dir_perms; 14allow rfsd modem_efs_file:file create_file_perms; 15 16allow rfsd radio_vendor_data_file:dir r_dir_perms; 17allow rfsd radio_vendor_data_file:file r_file_perms; 18 19r_dir_file(rfsd, vendor_fw_file) 20 21# Allow to access rfsd log file/dir 22allow rfsd vendor_log_file:dir search; 23allow rfsd vendor_rfsd_log_file:dir create_dir_perms; 24allow rfsd vendor_rfsd_log_file:file create_file_perms; 25 26# Allow to read/write modem block device 27allow rfsd modem_block_device:blk_file rw_file_perms; 28 29# Allow to operate with radio device 30allow rfsd radio_device:chr_file rw_file_perms; 31 32# Allow to set rild and modem property 33set_prop(rfsd, vendor_modem_prop) 34set_prop(rfsd, vendor_rild_prop) 35set_prop(cbd, vendor_cbd_prop) 36 37# Allow rfsd to access modem image file/dir 38allow rfsd modem_img_file:dir r_dir_perms; 39allow rfsd modem_img_file:file r_file_perms; 40allow rfsd modem_img_file:lnk_file r_file_perms; 41