Google Git
Sign in
cos / mirrors / cros / chromiumos / platform2 / d32444475103869678902aeaeef67323cbdc6fe0 / . / sepolicy / policy / chromeos / device.te
blob: c24cb34b2b119481422522ec2ec4b1e4f1db18cc [file] [log] [blame]
typeattribute device cros_dev_type;
type audio_device, dev_type, cros_dev_type, cros_labeled_dev_type;
type console_device, dev_type, cros_dev_type, cros_labeled_dev_type;
type input_device, dev_type, cros_dev_type, cros_labeled_dev_type;
type kmsg_device, dev_type, cros_dev_type, cros_labeled_dev_type;
type logger_device, dev_type, cros_dev_type, cros_labeled_dev_type;
type ptmx_device, dev_type, cros_dev_type, cros_labeled_dev_type;
type random_device, dev_type, cros_dev_type, cros_labeled_dev_type;
type tpm_device, dev_type, cros_dev_type, cros_labeled_dev_type;
type urandom_device, dev_type, cros_dev_type, cros_labeled_dev_type;
type usb_device, dev_type, cros_dev_type, cros_labeled_dev_type;
type zero_device, dev_type, cros_dev_type, cros_labeled_dev_type;
typeattribute null_device dev_type, cros_dev_type, cros_labeled_dev_type;
allow chromeos_domain null_device:chr_file rw_file_perms;
allow chromeos_domain console_device:chr_file rw_file_perms;
allow chromeos_domain random_device:chr_file rw_file_perms;
allow chromeos_domain urandom_device:chr_file rw_file_perms;
allow chromeos_domain zero_device:chr_file rw_file_perms;
allow chromeos_domain ptmx_device:chr_file rw_file_perms;
allow cros_labeled_dev_type device:filesystem associate;
# TODO(fqj): cs/SetUpGraphicsSysfsContext
has_arc(`
type gpu_device, dev_type, mlstrustedobject, cros_labeled_dev_type;
allow gpu_device sysfs:filesystem associate;
');