summaryrefslogtreecommitdiff
path: root/sepolicy/whitechapel/vendor/google/aocd.te
diff options
context:
space:
mode:
Diffstat (limited to 'sepolicy/whitechapel/vendor/google/aocd.te')
-rw-r--r--sepolicy/whitechapel/vendor/google/aocd.te21
1 files changed, 21 insertions, 0 deletions
diff --git a/sepolicy/whitechapel/vendor/google/aocd.te b/sepolicy/whitechapel/vendor/google/aocd.te
new file mode 100644
index 00000000..69b0af0d
--- /dev/null
+++ b/sepolicy/whitechapel/vendor/google/aocd.te
@@ -0,0 +1,21 @@
+type aocd, domain;
+type aocd_exec, vendor_file_type, exec_type, file_type;
+init_daemon_domain(aocd)
+
+# access persist files
+allow aocd mnt_vendor_file:dir search;
+allow aocd persist_file:dir search;
+r_dir_file(aocd, persist_aoc_file);
+
+# sysfs operations
+allow aocd sysfs_aoc:dir search;
+allow aocd sysfs_aoc_firmware:file w_file_perms;
+
+# dev operations
+allow aocd aoc_device:chr_file rw_file_perms;
+
+# allow inotify to watch for additions/removals from /dev
+allow aocd device:dir r_dir_perms;
+
+# set properties
+set_prop(aocd, vendor_aoc_prop)
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 03:35:42 +0000