common/port-bridge.te - fp2-dev/device/qcom/sepolicy - Gitiles

 type port-bridge, domain;
 type port-bridge_exec, exec_type, file_type;
 init_daemon_domain(port-bridge)

 userdebug_or_eng(`
   domain_auto_trans(shell, port-bridge_exec, netmgrd)
   domain_auto_trans(adbd, port-bridge_exec, netmgrd)
 ')

 # Allow operations on different types of sockets
 allow port-bridge port-bridge:netlink_kobject_uevent_socket { create bind read };

 # Allow process capabilities
 allow port-bridge port-bridge:capability dac_override;

 allow port-bridge {
     # Allow operations on mhi transport
     mhi_device
     # Allow operations on gadget serial device
     gadget_serial_device
     # Allow operations on ATCoP g-link transport
     at_device
 }:chr_file rw_file_perms;

 # Allow write permissions for log file
 allow port-bridge port_bridge_data_file:file create_file_perms;
 allow port-bridge port_bridge_data_file:dir w_dir_perms;
	type port-bridge, domain;
	type port-bridge_exec, exec_type, file_type;
	init_daemon_domain(port-bridge)

	userdebug_or_eng(`
	domain_auto_trans(shell, port-bridge_exec, netmgrd)
	domain_auto_trans(adbd, port-bridge_exec, netmgrd)
	')

	# Allow operations on different types of sockets
	allow port-bridge port-bridge:netlink_kobject_uevent_socket { create bind read };

	# Allow process capabilities
	allow port-bridge port-bridge:capability dac_override;

	allow port-bridge {
	# Allow operations on mhi transport
	mhi_device
	# Allow operations on gadget serial device
	gadget_serial_device
	# Allow operations on ATCoP g-link transport
	at_device
	}:chr_file rw_file_perms;

	# Allow write permissions for log file
	allow port-bridge port_bridge_data_file:file create_file_perms;
	allow port-bridge port_bridge_data_file:dir w_dir_perms;