allow surfaceflinger sysfs_graphics:file rw_file_perms;

# Allow reading/writing to 'persist/display/*'
allow surfaceflinger persist_display_file:dir rw_dir_perms;
allow surfaceflinger persist_display_file:file create_file_perms;

# Allow only directory search to '/persist'
allow surfaceflinger persist_file:dir search;

# Use open file provided by poweroffhandler
binder_call(surfaceflinger, poweroffhandler);

binder_call(surfaceflinger, location)
binder_call(surfaceflinger, tee)

hal_client_domain(surfaceflinger, hal_display_config)

# access to /data/misc/display for dumping input frames
allow surfaceflinger display_misc_file:dir create_dir_perms;
allow surfaceflinger display_misc_file:file create_file_perms;

# Allows access to dpps daemon in calibration mode
#unix_socket_connect(surfaceflinger, pps, mm-pp-daemon)

r_dir_file(surfaceflinger, firmware_file)

#Allow access to fastmmi
binder_call(surfaceflinger, mmi)

#Allow access to cameraserver service
allow surfaceflinger cameraserver_service:service_manager find;

#Allow access to binder callback's to camera hal
binder_call(surfaceflinger, hal_camera_default)

#diag
userdebug_or_eng(`
    diag_use(surfaceflinger)
')

allow surfaceflinger {
    debug_gralloc_prop
    sdm_idle_time_prop
    sf_lcd_density_prop
}:file r_file_perms;

#set qemu.gles prop
set_prop(surfaceflinger, qemu_gles_prop)