common/te_macros - fp2-dev/device/qcom/sepolicy - Gitiles

 #####################################
 # qmux_socket(clientdomain)
 # Allow client domain to connecto and send
 # via a local socket to the qmux domain.
 # Also allow the client domain to remove
 # its own socket.
 define(`qmux_socket', `
 allow $1 qmuxd_socket:dir create_dir_perms;
 unix_socket_connect($1, qmuxd, qmuxd)
 allow $1 qmuxd_socket:sock_file { read getattr write setattr create unlink };
 ')

 #####################################
 # diag_rw(clientdomain)
 # Allow domains to read and write
 # /dev/diag nodes.
 # Note any app domian and untrusted_app
 # are to be restricted from using this.
 define(`diag_rw', `
 allow $1  diag_device:chr_file rw_file_perms;
 ')
	#####################################
	# qmux_socket(clientdomain)
	# Allow client domain to connecto and send
	# via a local socket to the qmux domain.
	# Also allow the client domain to remove
	# its own socket.
	define(`qmux_socket', `
	allow $1 qmuxd_socket:dir create_dir_perms;
	unix_socket_connect($1, qmuxd, qmuxd)
	allow $1 qmuxd_socket:sock_file { read getattr write setattr create unlink };
	')

	#####################################
	# diag_rw(clientdomain)
	# Allow domains to read and write
	# /dev/diag nodes.
	# Note any app domian and untrusted_app
	# are to be restricted from using this.
	define(`diag_rw', `
	allow $1 diag_device:chr_file rw_file_perms;
	')