blob: a8f754d809d400a17c6a0ef4a7ae0f87bf377ac6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
type fidodaemon, domain;
type fidodaemon_exec, exec_type, vendor_file_type, file_type;
#Allow for transition from init domain to fidodaemon
init_daemon_domain(fidodaemon)
#Allow fidodaemon to use Binder IPC
#binder_use(fidodaemon)
#Allow apps to interact with fidodaemon
binder_call(fidodaemon, platform_app)
binder_call(fidodaemon, system_app)
#Mark fidodaemon as a Binder service domain
#binder_service(fidodaemon)
#Allow fidodaemon to be registered with service manager
allow fidodaemon fidodaemon_service:service_manager add;
#Allow access to tee device
allow fidodaemon tee_device:chr_file rw_file_perms;
#Allow access to firmware
r_dir_file(fidodaemon, firmware_file)
|
