From d75d17c320cba62c38fa9c5ccea01e5905fe2098 Mon Sep 17 00:00:00 2001
From: hanlu <hanlu1@huawei.com>
Date: Wed, 3 May 2023 15:40:58 +0800
Subject: [PATCH 1/3] f

Signed-off-by: hanlu <hanlu1@huawei.com>
---
 sepolicy/base/te/distributeddata.te                              | 1 +
 .../distributeddatamgr/system/distributeddata.te                 | 1 +
 2 files changed, 2 insertions(+)

diff --git a/sepolicy/base/te/distributeddata.te b/sepolicy/base/te/distributeddata.te
index 0721f08fe..c91740918 100644
--- a/sepolicy/base/te/distributeddata.te
+++ b/sepolicy/base/te/distributeddata.te
@@ -57,6 +57,7 @@ allow distributeddata sa_device_auth_service:samgr_class { get };
 allow distributeddata sa_device_security_level_manager_service:samgr_class { get };
 allow distributeddata sa_foundation_bms:samgr_class { get };
 allow distributeddata sa_foundation_cesfwk_service:samgr_class { get };
+allow distributeddata sa_foundation_abilityms:samgr_class { get };
 allow distributeddata sa_huks_service:samgr_class { get };
 allow distributeddata sa_softbus_service:samgr_class { get };
 allow distributeddata security_param:file { map open read };
diff --git a/sepolicy/ohos_policy/distributeddatamgr/distributeddatamgr/system/distributeddata.te b/sepolicy/ohos_policy/distributeddatamgr/distributeddatamgr/system/distributeddata.te
index 2783de1ec..e7ee55f27 100644
--- a/sepolicy/ohos_policy/distributeddatamgr/distributeddatamgr/system/distributeddata.te
+++ b/sepolicy/ohos_policy/distributeddatamgr/distributeddatamgr/system/distributeddata.te
@@ -65,6 +65,7 @@ allow distributeddata sa_accountmgr:samgr_class { get };
 allow distributeddata sa_dataobs_mgr_service_service:samgr_class { get };
 allow distributeddata sa_distributeddata_service:samgr_class { add get };
 allow distributeddata sa_foundation_devicemanager_service:samgr_class { get };
+allow distributeddata sa_foundation_abilityms:samgr_class { get };
 allow distributeddata sa_param_watcher:samgr_class { get };
 allow distributeddata samain_exec:file { entrypoint execute read };
 allow distributeddata samgr:binder { call transfer };
-- 
Gitee


From defd6d3d0a5fe0155aceb225e2da18cf9e431f18 Mon Sep 17 00:00:00 2001
From: hanlu <hanlu1@huawei.com>
Date: Thu, 4 May 2023 14:46:56 +0800
Subject: [PATCH 2/3] f

Signed-off-by: hanlu <hanlu1@huawei.com>
---
 sepolicy/base/te/distributeddata.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sepolicy/base/te/distributeddata.te b/sepolicy/base/te/distributeddata.te
index c91740918..ac3bd91d8 100644
--- a/sepolicy/base/te/distributeddata.te
+++ b/sepolicy/base/te/distributeddata.te
@@ -70,4 +70,7 @@ allow distributeddata system_core_hap:binder { call transfer };
 allow distributeddata sys_usb_param:file { map open read };
 allow distributeddata tracefs:dir { search };
 allow distributeddata tracefs_trace_marker_file:file { open write };
+allow distributeddata system_core_hap:fd { use };
+allow distributeddata system_basic_hap:fd { use };
+allow distributeddata normal_hap:fd { use };
 allowxperm distributeddata normal_hap_data_file_attr:file ioctl { 0xf50c };
-- 
Gitee


From f1ffd5febe0798a54351cd5807d34f41033d7245 Mon Sep 17 00:00:00 2001
From: hanlu <hanlu1@huawei.com>
Date: Thu, 4 May 2023 16:43:06 +0800
Subject: [PATCH 3/3] f

Signed-off-by: hanlu <hanlu1@huawei.com>
---
 sepolicy/base/te/system_basic_hap.te | 1 +
 sepolicy/base/te/system_core_hap.te  | 1 +
 2 files changed, 2 insertions(+)

diff --git a/sepolicy/base/te/system_basic_hap.te b/sepolicy/base/te/system_basic_hap.te
index bfec85ed3..12e6e0c4f 100644
--- a/sepolicy/base/te/system_basic_hap.te
+++ b/sepolicy/base/te/system_basic_hap.te
@@ -138,3 +138,4 @@ allow system_basic_hap sa_locationhub_lbsservice_gnss:samgr_class { get };
 allow system_basic_hap sa_locationhub_lbsservice_network:samgr_class { get };
 allow system_basic_hap sa_locationhub_lbsservice_passive:samgr_class { get };
 allow system_basic_hap sa_location_geo_convert_service:samgr_class { get };
+allow system_basic_hap distributeddata:fd { use };
diff --git a/sepolicy/base/te/system_core_hap.te b/sepolicy/base/te/system_core_hap.te
index 9a708ce57..a9e222692 100644
--- a/sepolicy/base/te/system_core_hap.te
+++ b/sepolicy/base/te/system_core_hap.te
@@ -119,6 +119,7 @@ allow system_core_hap system_usr_file:dir { search };
 allow system_core_hap sys_usb_param:file { map open read };
 allow system_core_hap tracefs:dir { search };
 allow system_core_hap tracefs_trace_marker_file:file { open write };
+allow system_core_hap distributeddata:fd { use };
 allowxperm system_core_hap dev_dri_file:chr_file ioctl { 0x641f };
 allowxperm system_core_hap dev_mali:chr_file ioctl { 0x8000 0x8001 0x8002 0x8003 0x8005 0x8006 0x8007 0x800f 0x800e 0x8011 0x8014 0x8016 0x8018 0x8019 0x801d 0x801e 0x8024 0x8025 0x8026 0x8027 0x802a 0x802c 0x802d 0x802f 0x8030 0x8033 0x8034 0x8036 };
 allowxperm system_core_hap system_core_hap_data_file:file ioctl { 0x5413 0xf50c };
-- 
Gitee