Home | History | Annotate | Download | only in sepolicy 
      1 # watchdogd seclabel is specified in init.<board>.rc
      2 type watchdogd, domain;
      3 allow watchdogd self:capability mknod;
      4 allow watchdogd device:dir { add_name write remove_name };
      5 allow watchdogd watchdog_device:chr_file rw_file_perms;
      6 # because of /dev/__kmsg__ and /dev/__null__
      7 write_klog(watchdogd)
      8 type_transition watchdogd device:chr_file null_device "__null__";
      9 allow watchdogd null_device:chr_file { create unlink };
     10