1 # easel service 2 type easel, domain; 3 type easel_exec, exec_type, vendor_file_type, file_type; 4 5 init_daemon_domain(easel) 6 7 hwbinder_use(easel) 8 add_hwservice(easel, hal_paintbox_hwservice) 9 get_prop(easel, hwservicemanager_prop) 10 11 # access easel dev nodes 12 allow easel easel_device:chr_file rw_file_perms; 13 allow easel sysfs_easel:file rw_file_perms; 14 allow easel sysfs_easel:dir r_dir_perms; 15 16 # access easel thermal sysfs 17 allow easel sysfs_thermal:dir r_dir_perms; 18 allow easel sysfs_thermal:file r_file_perms; 19 allow easel sysfs_thermal:lnk_file r_file_perms; 20 21 # access "/proc/stat" 22 allow easel proc_stat:file r_file_perms; 23 24 allow easel google_camera_app:binder call; 25 allow easel hal_camera_default:binder call; 26 allow easel hal_neuralnetworks_paintbox:binder call; 27 28 allow easel hal_graphics_allocator_default:fd use; 29 allow easel ion_device:chr_file r_file_perms; 30 31 # access to keychain for kernel based authentication 32 allow easel kernel:key search;
