44 lines
1.1 KiB
Text
44 lines
1.1 KiB
Text
# Policies for hbtp (host based touch processing)
|
|
type hbtp, domain, domain_deprecated;
|
|
type hbtp_exec, exec_type, file_type;
|
|
|
|
init_daemon_domain(hbtp)
|
|
|
|
# Allow access for /dev/hbtp_input and /dev/jdi-bu21150
|
|
allow hbtp { hbtp_device qdsp_device dsp_device bu21150_device }:chr_file rw_file_perms;
|
|
|
|
allow hbtp hbtp_log_file:dir rw_dir_perms;
|
|
allow hbtp hbtp_log_file:file create_file_perms;
|
|
|
|
allow hbtp sysfs_usb_supply:dir search;
|
|
allow hbtp sysfs_usb_supply:file rw_file_perms;
|
|
|
|
allow hbtp hbtp_kernel_sysfs:file rw_file_perms;
|
|
|
|
allow hbtp sysfs:file write;
|
|
|
|
allow hbtp self:netlink_kobject_uevent_socket { create read setopt bind };
|
|
|
|
binder_use(hbtp);
|
|
|
|
allow hbtp improve_touch_service:service_manager add;
|
|
|
|
userdebug_or_eng(`
|
|
binder_call(hbtp, untrusted_app);
|
|
')
|
|
|
|
binder_call(hbtp, platform_app);
|
|
|
|
binder_call(hbtp, surfaceflinger);
|
|
|
|
# Allow the service to access wakelock sysfs
|
|
allow hbtp sysfs_wake_lock:file r_file_perms;
|
|
|
|
# Allow the service to change to system from root
|
|
allow hbtp self:capability { setgid setuid };
|
|
|
|
# Allow load touch driver as touchPD
|
|
r_dir_file(hbtp, adsprpcd_file)
|
|
|
|
# Allow the service to access wakelock capability
|
|
wakelock_use(hbtp)
|