blob: 3261f424a04d23410deb671eec6cfde20cebf1d2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
type fidodaemon, domain;
type fidodaemon_exec, exec_type, file_type;
#Allow for transition from init domain to fidodaemon
init_daemon_domain(fidodaemon)
#Allow fidodaemon to use Binder IPC
binder_use(fidodaemon)
#Allow apps to interact with fidodaemon
binder_call(fidodaemon, platform_app)
binder_call(fidodaemon, system_app)
#Mark fidodaemon as a Binder service domain
binder_service(fidodaemon)
#Allow fidodaemon to be registered with service manager
allow fidodaemon fidodaemon_service:service_manager add;
#Allow communication with init over property server
unix_socket_connect(fidodaemon, property, init);
#Allow access to tee device
allow fidodaemon tee_device:chr_file rw_file_perms;
#Allow access to firmware
r_dir_file(fidodaemon, firmware_file)
|
