1 # Integrated qualcomm sensor process 2 type sensors, domain; 3 type sensors_exec, exec_type, file_type; 4 5 # Started by init 6 init_daemon_domain(sensors) 7 8 # Change own perms to (nobody,nobody) 9 allow sensors self:capability { setuid setgid }; 10 # Chown /data/misc/sensors/debug/ to nobody 11 allow sensors self:capability chown; 12 dontaudit sensors self:capability fsetid; 13 14 # Access /data/misc/sensors/debug and /data/system/sensors/settings 15 allow sensors self:capability { dac_override dac_read_search }; 16 17 # In a future release of Android, /data/app/sensor_ctl_socket moved 18 # to /dev/socket/sensor_ctl_socket . 19 allow sensors sensors_socket:sock_file create_file_perms; 20 type_transition sensors socket_device:sock_file sensors_socket "sensor_ctl_socket"; 21 allow sensors socket_device:dir rw_dir_perms; 22 23 # Create directories and files under /data/misc/sensors 24 # and /data/system/sensors. Allow generic r/w file access. 25 allow sensors sensors_data_file:dir create_dir_perms; 26 allow sensors sensors_data_file:file create_file_perms; 27 28 # Access sensor nodes (/dev/msm_dsps, /dev/sensors) 29 allow sensors sensors_device:chr_file rw_file_perms; 30 31 # Access power management controls 32 allow sensors power_control_device:chr_file w_file_perms; 33 34 # Access to /persist/sensors 35 allow sensors persist_file:dir r_dir_perms; 36 allow sensors persist_sensors_file:dir rw_dir_perms; 37 allow sensors persist_sensors_file:file create_file_perms; 38 39 # Wake lock access 40 wakelock_use(sensors) 41 42 allow sensors cgroup:dir { create add_name }; 43 44 allow sensors self:socket *; 45 46 # Access shared memory logger 47 allow sensors shared_log_device:chr_file rw_file_perms; 48 49 # Talk to qmuxd (qmux_radio) 50 qmux_socket(sensors) 51
