1 type init_foreground, domain; 2 type init_foreground_exec, exec_type, vendor_file_type, file_type; 3 4 init_daemon_domain(init_foreground) 5 6 allow init_foreground proc:file getattr; 7 allow init_foreground proc_iomem:file getattr; 8 allow init_foreground proc_meminfo:file getattr; 9 allow init_foreground proc_sysrq:file getattr; 10 dontaudit init_foreground proc_interrupts:file getattr; 11 dontaudit init_foreground proc_stat:file getattr; 12 dontaudit init_foreground proc_timer:file getattr; 13 dontaudit init_foreground proc_zoneinfo:file getattr; 14 15 allow init_foreground vendor_shell_exec:file rx_file_perms; 16 allow init_foreground vendor_toolbox_exec:file rx_file_perms; 17 18 allow init_foreground domain:dir { getattr search }; 19 allow init_foreground domain:file { read open }; 20 21 allow init_foreground kernel:process setsched; 22
