type ims, domain, device_domain_deprecated;
type ims_exec, exec_type, file_type;

init_daemon_domain(ims)

# Policy below to be updated per b/23784951
allow ims self:capability { net_admin net_raw };

binder_use(ims)
set_prop(ims, qcom_ims_prop)
qmux_socket(ims)
unix_socket_connect(ims, cnd, cnd)
allowxperm ims self:udp_socket ioctl SIOCDEVPRIVATE_D;

allow ims ims_service:service_manager add;

allow ims ims_socket:sock_file write;
allow ims self:socket create_socket_perms;
allowxperm ims self:socket ioctl msm_sock_ipc_ioctls;
allow ims self:udp_socket create_socket_perms;
allow ims self:netlink_socket create_socket_perms_no_ioctl;
allow ims self:netlink_route_socket { create_socket_perms_no_ioctl nlmsg_write nlmsg_read };

allow ims sysfs_msm_subsys:dir r_dir_perms;
allow ims sysfs_msm_subsys:lnk_file r_file_perms;