1 ## 2 # trusted execution environment (tee) daemon 3 # 4 type tee, domain, domain_deprecated; 5 type tee_exec, exec_type, file_type; 6 type tee_device, dev_type; 7 type tee_data_file, file_type, data_file_type; 8 9 init_daemon_domain(tee) 10 allow tee self:capability { dac_override }; 11 allow tee tee_device:chr_file rw_file_perms; 12 allow tee tee_data_file:dir rw_dir_perms; 13 allow tee tee_data_file:file create_file_perms; 14 allow tee self:netlink_socket create_socket_perms; 15 allow tee self:netlink_generic_socket create_socket_perms; 16
