blob: e9e2073ea96cf62ef0d0786ba1c166194546e9fd (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
#Policy for peripheral_manager
#per_mgr - peripheral_manager domain
type per_mgr, domain;
type per_mgr_exec, exec_type, file_type;
init_daemon_domain(per_mgr);
#Needed for binder transactions
binder_use(per_mgr);
binder_service(per_mgr);
allow per_mgr self:socket { create ioctl bind read write };
allow per_mgr per_mgr_service:service_manager add;
#Rules for peripheral manager clients
#Rules for RILD
binder_call(per_mgr, rild);
binder_call(rild, per_mgr);
#Needed by ipc_router
allow per_mgr self:capability { net_raw };
#Needed to power on the peripheral
allow per_mgr ssr_device:chr_file { open read };
#Needed by libmdmdetect to figure out the system configuration
allow per_mgr sysfs_esoc:dir { open search read };
allow per_mgr sysfs_esoc:lnk_file { read };
#Needed by libmdmdetect to get subsystem info and to check their states
allow per_mgr sysfs_ssr:dir { open search read };
allow per_mgr sysfs_ssr:lnk_file { read open };
#Needed by pm-proxy to talk to peripheral manager
binder_call(per_mgr, per_mgr);
|
