1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
| # vdc spawned from init for the following services:
| # defaultcrypto
| # encrypt
| #
| # We also transition into this domain from dumpstate, when
| # collecting bug reports.
|
| type vdc, domain;
| type vdc_exec, system_file_type, exec_type, file_type;
|
| # vdc can be invoked with logwrapper, so let it write to pty
| allow vdc devpts:chr_file rw_file_perms;
|
| # vdc writes directly to kmsg during the boot process
| allow vdc kmsg_device:chr_file { getattr w_file_perms };
|
| # vdc talks to vold over Binder
| binder_use(vdc)
| binder_call(vdc, vold)
| allow vdc vold_service:service_manager find;
|
|
