| Inseob Kim | 338f81b | 2023-01-30 16:27:37 +0900 | [diff] [blame^] | 1 | ;; complement CIL file for compatibility between ToT policy and 29.0 vendors. |
| 2 | ;; will be compiled along with other normal policy files, on 29.0 vendors. |
| 3 | ;; |
| 4 | |
| Jeff Vander Stoep | fb69c8e | 2019-10-16 15:19:40 +0200 | [diff] [blame] | 5 | (typeattribute vendordomain) |
| 6 | (typeattributeset vendordomain ((and (domain) ((not (coredomain)))))) |
| 7 | (allow vendordomain self (netlink_route_socket (nlmsg_readpriv))) |
| Alan Stokes | 8bf8a26 | 2020-11-16 18:10:33 +0000 | [diff] [blame] | 8 | |
| 9 | (typeattributeset mlsvendorcompat (and appdomain vendordomain)) |
| 10 | (allow mlsvendorcompat app_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir))) |
| 11 | (allow mlsvendorcompat app_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads))) |
| 12 | (allow mlsvendorcompat privapp_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir))) |
| 13 | (allow mlsvendorcompat privapp_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads))) |