Nick Kralevich | bf8a37b | 2014-06-20 18:11:11 -0700 | [diff] [blame] | 1 | # vdc spawned from init for the following services: |
| 2 | # defaultcrypto |
| 3 | # encrypt |
Nick Kralevich | c0d1476 | 2014-06-25 12:30:11 -0700 | [diff] [blame] | 4 | # |
| 5 | # We also transition into this domain from dumpstate, when |
| 6 | # collecting bug reports. |
Nick Kralevich | bf8a37b | 2014-06-20 18:11:11 -0700 | [diff] [blame] | 7 | |
| 8 | type vdc, domain; |
| 9 | type vdc_exec, exec_type, file_type; |
| 10 | |
| 11 | init_daemon_domain(vdc) |
| 12 | |
| 13 | unix_socket_connect(vdc, vold, vold) |
Nick Kralevich | c0d1476 | 2014-06-25 12:30:11 -0700 | [diff] [blame] | 14 | |
| 15 | # vdc sends information back to dumpstate when "adb bugreport" is used |
| 16 | allow vdc dumpstate:fd use; |
| 17 | allow vdc dumpstate:unix_stream_socket { read write getattr }; |
| 18 | |
| 19 | # vdc information is written to shell owned bugreport files |
| 20 | allow vdc shell_data_file:file { write getattr }; |
| 21 | |
| 22 | # Why? |
| 23 | allow vdc dumpstate:unix_dgram_socket { read write }; |