device_google_wahoo/sepolicy/vendor/cnd.te
Jayachandran C 25591f24ea Update IMS and radio SE policies based on AU 194 drop
Permissive to enforce for ims and cnd domains
Introduce new CNE HIDL service
Remove CNE talking to cnd via socket and move to HIDL
Allow IMS to access sysfs data and diag files
Allow radio to access telephony monitor property

Bug: 38043081

Change-Id: I1775d6aea4de9843fdbedd06ebd71ec213f38189
2017-06-16 09:21:30 -07:00


# SELinux policy for the vendor cnd daemon: declares the domain and its
# executable type, then lists what the daemon may do once it is confined.
# Declare the process domain.
type cnd, domain;
# Label for the daemon binary; vendor_file_type marks it as a vendor-partition file.
type cnd_exec, exec_type, vendor_file_type, file_type;
# Objects cnd creates in directories labeled socket_device get the type cnd_socket
# (cnd_socket is declared outside this file).
# NOTE(review): if the socket interface to cnd has been replaced by HIDL, confirm
# this transition is still needed; an unused rule keeps a stale IPC surface allowed.
file_type_auto_trans(cnd, socket_device, cnd_socket);
# cnd is started by init, type transit from init domain to cnd domain
init_daemon_domain(cnd)
#TODO remove chown fsetid setgid setuid once b/62571088 is resolved
# chown/fsetid/setgid/setuid let the process change file ownership and its own
# credentials; net_bind_service allows binding to privileged ports (below 1024).
# The TODO above covers the first four only; net_bind_service is intended to stay.
allow cnd self:capability { chown fsetid setgid setuid net_bind_service };
# UDP sockets owned by cnd itself.
allow cnd self:udp_socket create_socket_perms;
# Extended-permission rule naming SIOCGIFMTU (read an interface's MTU) as an
# allowed ioctl command on those sockets. allowxperm rules for the same
# source/target/class defined elsewhere in the policy would apply as well.
allowxperm cnd self:udp_socket ioctl SIOCGIFMTU;
# Read-only access to sysfs and procfs information.
allow cnd sysfs_timestamp_switch:file r_file_perms;
r_dir_file(cnd, sysfs_msm_subsys)
# NOTE(review): sysfs_diag is readable here; presumably diagnostic state — confirm
# the daemon needs it in enforcing builds.
r_dir_file(cnd, sysfs_diag)
r_dir_file(cnd, sysfs_soc)
allow cnd proc_meminfo:file r_file_perms;
# Allow cnd to set properties labeled cnd_prop.
set_prop(cnd, cnd_prop)
# Generic "socket" class (address families without a dedicated SELinux class),
# with ioctls limited by the msm_sock_ipc_ioctls set, which is defined outside
# this file.
allow cnd self:socket create_socket_perms;
allowxperm cnd self:socket ioctl msm_sock_ipc_ioctls;
# To register cnd to hwbinder
# cnd is the server for hal_cne_hwservice: it may add that service to
# hwservicemanager and use hwbinder.
add_hwservice(cnd, hal_cne_hwservice)
hwbinder_use(cnd)
get_prop(cnd, hwservicemanager_prop)
# Binder calls from cnd into the dataservice_app and ims domains. These rules are
# written from cnd's side only; what those domains may do toward cnd is governed
# by their own policy files.
binder_call(cnd, dataservice_app)
binder_call(cnd, ims)