per_mgr.te revision 051bcb37133dba600512654a87dc1371f40191b2
1# Policy for pm-service and pm-proxy 2type per_mgr, domain; 3type per_mgr_exec, exec_type, vendor_file_type, file_type; 4 5init_daemon_domain(per_mgr); 6 7add_service(per_mgr, per_mgr_service) 8 9vndbinder_use(per_mgr) 10binder_call(per_mgr, hal_gnss) 11 12# TODO(b/36570300): Remove this once per_mgr stops using Binder 13typeattribute per_mgr binder_in_vendor_violators; 14binder_use(per_mgr) 15binder_call(per_mgr, per_proxy) 16binder_call(per_mgr, wcnss_service) 17binder_call(per_mgr, rild) 18binder_call(per_mgr, system_server) 19 20allow per_mgr self:capability net_bind_service; 21 22allow per_mgr firmware_file:file r_file_perms; 23allow per_mgr firmware_file:dir search; 24 25allow per_mgr self:socket create_socket_perms; 26allowxperm per_mgr self:socket ioctl msm_sock_ipc_ioctls; 27allow per_mgr ssr_device:chr_file { open read }; 28 29r_dir_file(per_mgr, sysfs_msm_subsys) 30r_dir_file(per_mgr, sysfs) 31