# Copyright (c) 2022-2023 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. #avc: denied { read } a2dp_host proc_file tclass=file #avc: denied { open } a2dp_host proc_file tclass=file allow a2dp_host proc_file:file { read open }; #avc: denied { open } a2dp_host musl_param tclass=file #avc: denied { map } a2dp_host musl_param tclass=file #avc: denied { read } a2dp_host musl_param tclass=file allow a2dp_host musl_param:file { open map read }; #avc: denied { get } for service=1130 pid=2180 scontext=u:r:a2dp_host:s0 tcontext=u:object_r:sa_bluetooth_server:s0 tclass=samgr_class permissive=1 allow a2dp_host sa_bluetooth_server:samgr_class { get }; allow a2dp_host hdf_device_manager:hdf_devmgr_class { get }; allow a2dp_host hdf_audio_bluetooth_hdi_service:hdf_devmgr_class { add }; allow a2dp_host hdf_bluetooth_audio_session_service:hdf_devmgr_class { add }; allow a2dp_host sa_device_service_manager:samgr_class { get }; allow a2dp_host bootevent_param:file { map open read }; allow a2dp_host bootevent_samgr_param:file { map open read }; allow a2dp_host build_version_param:file { map open read }; allow a2dp_host const_allow_mock_param:file { map open read }; allow a2dp_host const_allow_param:file { map open read }; allow a2dp_host const_build_param:file { map open read }; allow a2dp_host const_display_brightness_param:file { map open read }; allow a2dp_host const_param:file { map open read }; allow a2dp_host const_postinstall_fstab_param:file { map open read }; allow a2dp_host const_postinstall_param:file { map open read }; allow a2dp_host const_product_param:file { map open read }; allow a2dp_host debug_param:file { map open read }; allow a2dp_host default_param:file { map open read }; allow a2dp_host dev_hdf_kevent:chr_file { getattr ioctl open read write }; allow a2dp_host dev_unix_socket:dir { search }; allow a2dp_host distributedsche_param:file { map open read }; allow a2dp_host hdf_audio_bluetooth_hdi_service:hdf_devmgr_class { add }; allow a2dp_host hdf_device_manager:hdf_devmgr_class { get }; allow a2dp_host hdf_devmgr:binder { call transfer }; allow a2dp_host hilog_param:file { map open read }; allow a2dp_host hw_sc_build_os_param:file { map open read }; allow a2dp_host hw_sc_build_param:file { map open read }; allow a2dp_host hw_sc_param:file { map open read }; allow a2dp_host init_param:file { map open read }; allow a2dp_host init_svc_param:file { map open read }; allow a2dp_host input_pointer_device_param:file { map open read }; allow a2dp_host net_param:file { map open read }; allow a2dp_host net_tcp_param:file { map open read }; allow a2dp_host ohos_boot_param:file { map open read }; allow a2dp_host ohos_param:file { map open read }; allow a2dp_host persist_param:file { map open read }; allow a2dp_host persist_sys_param:file { map open read }; allow a2dp_host sa_device_service_manager:samgr_class { get }; allow a2dp_host samgr:binder { call }; allow a2dp_host security_param:file { map open read }; allow a2dp_host startup_param:file { map open read }; allow a2dp_host sys_param:file { map open read }; allow a2dp_host system_bin_file:dir { search }; allow a2dp_host sys_usb_param:file { map open read }; allow a2dp_host vendor_etc_file:dir { search }; allow a2dp_host vendor_etc_file:file { getattr open read }; allowxperm a2dp_host dev_hdf_kevent:chr_file ioctl { 0x6202 0x6203 }; #avc: denied { call } for pid=2029 comm="a2dp_host" scontext=u:r:a2dp_host:s0 tcontext=u:r:bluetooth_service:s0 tclass=binder permissive=1 #avc: denied { transfer } for pid=2029 comm="a2dp_host" scontext=u:r:a2dp_host:s0 tcontext=u:r:bluetooth_service:s0 tclass=binder permissive=1 allow a2dp_host bluetooth_service:binder { call transfer }; #avc: denied { open } for a2dp_host dev_ashmem_file tclass=chr_file allow a2dp_host dev_ashmem_file:chr_file { open }; allow a2dp_host a2dp_host:capability { sys_nice };