| # vdc is a helper program for making Binder calls to vold. It is spawned from |
| # init for various reasons, such as initializing file-based encryption and |
| # metadata encryption, and managing userdata checkpointing. |
| # |
| # We also transition into this domain from dumpstate, when |
| # collecting bug reports. |
| type vdc, domain; |
| type vdc_exec, system_file_type, exec_type, file_type; |
| |
| # system/sepolicy/public is for vendor-facing type and attribute definitions. |
| # DO NOT ADD allow, neverallow, or dontaudit statements here. |
| # Instead, add such policy rules to system/sepolicy/private/*.te. |