1type ims, domain, device_domain_deprecated; 2type ims_exec, exec_type, file_type; 3 4init_daemon_domain(ims) 5 6# Policy below to be updated per b/23784951 7allow ims self:capability { net_admin net_raw }; 8 9binder_use(ims) 10set_prop(ims, qcom_ims_prop) 11qmux_socket(ims) 12unix_socket_connect(ims, cnd, cnd) 13allowxperm ims self:udp_socket ioctl SIOCDEVPRIVATE_D; 14 15allow ims ims_service:service_manager add; 16 17allow ims ims_socket:sock_file write; 18allow ims self:socket create_socket_perms; 19allowxperm ims self:socket ioctl msm_sock_ipc_ioctls; 20allow ims self:udp_socket create_socket_perms; 21allow ims self:netlink_socket create_socket_perms_no_ioctl; 22allow ims self:netlink_route_socket { create_socket_perms_no_ioctl nlmsg_write nlmsg_read }; 23 24allow ims sysfs_msm_subsys:dir r_dir_perms; 25allow ims sysfs_msm_subsys:lnk_file r_file_perms; 26