#integrated sensor process
type ims, domain, domain_deprecated;
type ims_exec, exec_type, file_type;

# Started by init
init_daemon_domain(ims)
net_domain(ims)

# Talk to qmuxd
qmux_socket(ims)

# To make VT call
binder_use(ims)

allow ims self:capability net_bind_service;

# Use generic netlink socket
allow ims self:{
    netlink_socket
    socket
    netlink_generic_socket
} create_socket_perms;

# To run NDC command
allow ims {
    shell_exec
    system_file
    # IMS route installation
    wcnss_service_exec
    # for WPA supplicant
    wpa_exec
}:file rx_file_perms;

# Talk to netd via netd_socket
unix_socket_connect(ims, netd, netd)

# Talk to qumuxd via ims_socket
unix_socket_connect(ims, ims, qmuxd)

# Talk to init via property_socket
unix_socket_connect(ims, property, init)

#Add connectionmanager service
allow ims imscm_service:service_manager add;

# Set property to start imsdata_daemon and ims_rtp_daemon
allow ims qcom_ims_prop:property_service set;

# permissions needed for IMS to connect and interact with WPA supplicant
unix_socket_send(ims, wpa, wpa)
allow ims wpa_socket:dir w_dir_perms;
allow ims wpa_socket:sock_file { create unlink setattr };
allow ims wifi_data_file:dir r_dir_perms;

# permissions for communication with CNE in LBO use case
unix_socket_connect(ims, cnd, cnd)

#Communication with voice_svc device for audio on APP
allow ims voice_device:chr_file rw_file_perms;

#Allow access to netmgrd socket
netmgr_socket(ims);

# Inherit and use open files from radio.
allow ims radio:fd use;

#diag
userdebug_or_eng(`
    diag_use(ims)
')