| ### ADB daemon common rules. |
| ### Put things here that are needed for both adbd proper and adbd in trade-in mode. |
| |
| # Connect to mdnsd via mdnsd socket. |
| unix_socket_connect(adbd_common, mdnsd, mdnsd) |
| |
| # adbd probes for vsock support. Do not generate denials when |
| # this occurs. (b/123569840) |
| dontaudit adbd_common self:{ socket vsock_socket } create; |
| |
| # Allow adbd inside vm to forward vm's vsock. |
| allow adbd_common self:vsock_socket { create_socket_perms_no_ioctl listen accept }; |
| |
| # Access device logging gating property |
| get_prop(adbd_common, device_logging_prop) |
| |
| # Use a pseudo tty. |
| allow adbd_common devpts:chr_file rw_file_perms; |
| |
| # Read persist.adb.tls_server.enable property |
| get_prop(adbd_common, system_adbd_prop) |
| |
| # Read whether or not Test Harness Mode is enabled |
| get_prop(adbd_common, test_harness_prop) |
| |
| # Set service.adb.tcp.port, service.adb.tls.port, persist.adb.wifi.* properties |
| set_prop(adbd_common, adbd_prop) |
| set_prop(adbd_common, adbd_config_prop) |
| |
| # Read device's serial number from system properties |
| get_prop(adbd_common, serialno_prop) |