You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
28 lines
1.3 KiB
28 lines
1.3 KiB
7 months ago
|
# allow run xtest as shell
|
||
|
|
domain_auto_trans(shell, tee_exec, tee);
|
||
|
|
allow shell tee_exec:file { getattr execute read open execute_no_trans };
|
||
|
|
## allow shell tee_data_file:file { create write open getattr unlink read };
|
||
|
|
## allow shell tee_data_file:dir { write add_name remove_name rename search };
|
||
|
|
## allow shell tee_data_file:chr_file { read write open ioctl };
|
||
|
|
allow tee console_device:chr_file { getattr read write ioctl };
|
||
|
|
allow tee shell:fd { use };
|
||
|
|
|
||
|
|
## allow tee tee_data_file:dir { create rmdir rename };
|
||
|
|
#allow tee system_data_file:file { append }; #write open
|
||
|
|
allow tee system_data_file:dir { getattr }; # open write
|
||
|
|
allow tee vendor_data_file:dir { getattr open write add_name create};
|
||
|
|
allow tee vendor_data_file:file { getattr write open read create append };
|
||
|
|
|
||
|
|
# For xtest 200x tests
|
||
|
|
allow tee tee:tcp_socket { create connect read write getopt setopt };
|
||
|
|
allow tee tee:udp_socket { create connect read write getopt getattr };
|
||
|
|
allow tee tee:capability { net_raw };
|
||
|
|
allow tee fwmarkd_socket:sock_file { write };
|
||
|
|
## allow tee netd:unix_stream_socket { connectto };
|
||
|
|
allow tee port:tcp_socket { name_connect };
|
||
|
|
|
||
|
|
# Rules on netd domain for optee xtest 200x tests
|
||
|
|
allow netd tee:tcp_socket { read write getopt setopt };
|
||
|
|
allow netd tee:udp_socket { read write getopt setopt };
|
||
|
|
allow netd tee:fd { use };
|