# allow application to access cnd domain and socket
unix_socket_connect(appdomain, cnd, cnd)

# allow application to access dpmd domain and socket
unix_socket_connect(appdomain, dpmwrapper, dpmd)

unix_socket_connect(appdomain, qlogd, qlogd)
unix_socket_send(appdomain, seempdw, seempd)

#Allow all apps to open and send ioctl to qdsp device
allow appdomain qdsp_device:chr_file r_file_perms;
#Allow all apps to have read access to dsp partition
r_dir_file(appdomain, adsprpcd_file)

# access to perflock
allow appdomain mpctl_socket:dir r_dir_perms;
unix_socket_send(appdomain, mpctl, perfd)
unix_socket_connect(appdomain, mpctl, perfd)
unix_socket_send(appdomain, mpctl, mpdecision)
unix_socket_connect(appdomain, mpctl, mpdecision)

# Allow access to qti_logkit
allow { appdomain -untrusted_app } qti_logkit_pub_data_file:dir create_dir_perms;
allow { appdomain -untrusted_app } qti_logkit_pub_data_file:file create_file_perms;
allow appdomain qti_logkit_pub_socket:dir r_dir_perms;
unix_socket_connect(appdomain, qti_logkit_pub, qti_logkit)
allow appdomain qti_logkit_pub_socket:sock_file r_file_perms;
allow appdomain qti_logkit_priv_data_file:dir r_dir_perms;