1allow adbd self:{ socket vsock_socket } {create listen accept rw_socket_perms_no_ioctl};
2# TODO(b/130668487): Label the vsock sockets.
3allow adbd unlabeled:{socket vsock_socket} rw_socket_perms_no_ioctl;
4allow adbd kernel:system module_request;
5
6recovery_only(`
7allow adbd tmpfs:dir w_dir_perms;
8allow adbd tmpfs:file create_file_perms;
9# TODO(b/130668487): Label the vsock sockets.
10allow su unlabeled:{ socket vsock_socket } rw_socket_perms_no_ioctl;
11')
12