1type ims, domain; 2type ims_exec, exec_type, vendor_file_type, file_type; 3init_daemon_domain(ims) 4 5net_domain(ims) 6 7# Use generic netlink socket 8allow ims self:{ 9 socket 10 netlink_generic_socket 11 qipcrtr_socket 12} create_socket_perms_no_ioctl; 13 14set_prop(ims, qcom_ims_prop) 15 16#Allow access to netmgrd socket 17allow ims netmgrd_socket:dir r_dir_perms; 18unix_socket_connect(ims, netmgrd, netmgrd) 19allow ims netmgrd_socket:sock_file rw_file_perms; 20 21hwbinder_use(ims) 22get_prop(ims, hwservicemanager_prop) 23 24r_dir_file(ims, sysfs_msm_subsys) 25 26allow ims sysfs_soc:dir search; 27allow ims sysfs_soc:file r_file_perms; 28 29get_prop(ims, cnd_vendor_prop) 30 31allow ims hal_datafactory_hwservice:hwservice_manager find; 32 33# for video call 34binder_call(ims, cnd) 35 36allow ims vendor_radio_data_file:dir rw_dir_perms; 37allow ims vendor_radio_data_file:file create_file_perms; 38 39allow ims sysfs_timestamp_switch:file r_file_perms; 40 41#diag 42userdebug_or_eng(` 43 r_dir_file(ims, sysfs_diag) 44 allow ims diag_device:chr_file rw_file_perms; 45') 46 47set_prop(ims, ctl_start_prop) 48set_prop(ims, ctl_stop_prop) 49 50r_dir_file(ims, sysfs_esoc) 51r_dir_file(ims, sysfs_ssr) 52 53dontaudit ims diag_device:chr_file rw_file_perms; 54