1 type pd_mapper, domain; 2 3 type pd_mapper_exec, exec_type, vendor_file_type, file_type; 4 init_daemon_domain(pd_mapper); 5 6 allow pd_mapper self:capability { setgid setpcap setuid net_bind_service }; 7 8 allow pd_mapper vendor_firmware_file:dir r_dir_perms; 9 allow pd_mapper vendor_firmware_file:file r_file_perms; 10 11 allow pd_mapper self:socket create_socket_perms; 12 allowxperm pd_mapper self:socket ioctl IPC_ROUTER_IOCTL_BIND_CONTROL_PORT; 13 14 r_dir_file(pd_mapper, sysfs_msm_subsys) 15 userdebug_or_eng(`set_prop(pd_mapper, vendor_ssr_prop)') 16 17 dontaudit pd_mapper kernel:system module_request; 18
