1 #integrated sensor process 2 type ims, domain; 3 type ims_exec, exec_type, file_type; 4 5 allow ims self:capability net_bind_service; 6 7 # Started by init 8 init_daemon_domain(ims) 9 net_domain(ims) 10 11 # Grant access to Qualcomm MSM Interface (QMI) radio sockets 12 qmux_socket(ims) 13 14 # talk to netmgrd and cnd 15 allow ims netmgrd_socket:dir search; 16 unix_socket_connect(ims, netmgrd, netmgrd) 17 unix_socket_connect(ims, cnd, cnd) 18 set_prop(ims, system_prop) 19 20 # files in /sys 21 r_dir_file(ims, sysfs_type) 22 23 # additional socket perms 24 allow ims ims_socket:sock_file write; 25 allow ims self:netlink_socket create_socket_perms; 26 allow ims self:socket create_socket_perms; 27 allowxperm ims self:udp_socket ioctl RMNET_IOCTL_EXTENDED; 28 allowxperm ims self:socket ioctl msm_sock_ipc_ioctls; 29 30 userdebug_or_eng(` 31 allow ims diag_device:chr_file rw_file_perms; 32 ') 33 34 # Runs /system/bin/sh for executing ndc commands via popen 35 allow ims shell_exec:file rx_file_perms; 36 allow ims system_file:file rx_file_perms; 37 38 # use /dev/ion memory 39 allow ims ion_device:chr_file r_file_perms; 40 41 # use fds passed from radio app 42 allow ims radio:fd use; 43
