32 lines
939 B
Plaintext
32 lines
939 B
Plaintext
# easel service
|
|
type easel, domain;
|
|
type easel_exec, exec_type, vendor_file_type, file_type;
|
|
|
|
init_daemon_domain(easel)
|
|
|
|
hwbinder_use(easel)
|
|
add_hwservice(easel, hal_paintbox_hwservice)
|
|
get_prop(easel, hwservicemanager_prop)
|
|
|
|
# access easel dev nodes
|
|
allow easel easel_device:chr_file rw_file_perms;
|
|
allow easel sysfs_easel:file rw_file_perms;
|
|
allow easel sysfs_easel:dir r_dir_perms;
|
|
|
|
# access easel thermal sysfs
|
|
allow easel sysfs_thermal:dir r_dir_perms;
|
|
allow easel sysfs_thermal:file r_file_perms;
|
|
allow easel sysfs_thermal:lnk_file r_file_perms;
|
|
|
|
# access "/proc/stat"
|
|
allow easel proc_stat:file r_file_perms;
|
|
|
|
allow easel google_camera_app:binder call;
|
|
allow easel hal_camera_default:binder call;
|
|
allow easel hal_neuralnetworks_paintbox:binder call;
|
|
|
|
allow easel hal_graphics_allocator_default:fd use;
|
|
allow easel ion_device:chr_file r_file_perms;
|
|
|
|
# access to keychain for kernel based authentication
|
|
allow easel kernel:key search; |