1 # Policy for /vendor/bin/cnss_diag 2 type cnss_diag, domain; 3 type cnss_diag_exec, exec_type, vendor_file_type, file_type; 4 5 init_daemon_domain(cnss_diag) 6 7 allow cnss_diag self:capability { setgid setuid }; 8 9 allow cnss_diag self:netlink_socket create_socket_perms_no_ioctl; 10 allow cnss_diag sysfs:file r_file_perms; 11 12 # b/35877764 suppress the udp_socket denial message temproarily 13 dontaudit cnss_diag self:udp_socket create; 14 15 userdebug_or_eng(` 16 allow cnss_diag diag_device:chr_file rw_file_perms; 17 allow cnss_diag cnss_vendor_data_file:dir create_dir_perms; 18 allow cnss_diag cnss_vendor_data_file:file create_file_perms; 19 ') 20 dontaudit cnss_diag diag_device:chr_file rw_file_perms; 21
