| type cros_iioservice, chromeos_domain, domain; |
| permissive cros_iioservice; |
| |
| domain_auto_trans(minijail, cros_iioservice_exec, cros_iioservice); |
| |
| # Allow access to dbus: |
| unix_socket_connect(cros_iioservice, cros_system_bus, cros_browser); |
| allow cros_iioservice cros_browser:unix_stream_socket { read write }; |
| |
| # Used by libiio during scan context. |
| allow cros_iioservice sysfs:file rw_file_perms; |
| |
| # Access to iio device character device. |
| allow cros_iioservice iio_device:chr_file rw_file_perms; |
| |
| # Used by libiio to check if the device is "high speed". Not implemented by the kernel. |
| allowxperm cros_iioservice iio_device:chr_file ioctl 27041; |