1 type fingerprintd, domain, domain_deprecated; 2 type fingerprintd_exec, exec_type, file_type; 3 4 # fingerprintd 5 init_daemon_domain(fingerprintd) 6 binder_use(fingerprintd) 7 8 # need to find KeyStore and add self 9 allow fingerprintd fingerprintd_service:service_manager { add find }; 10 11 # allow HAL module to read dir contents 12 allow fingerprintd fingerprintd_data_file:file { create_file_perms }; 13 14 # allow HAL module to read/write/unlink contents of this dir 15 allow fingerprintd fingerprintd_data_file:dir rw_dir_perms; 16 17 # Need to add auth tokens to KeyStore 18 use_keystore(fingerprintd) 19 allow fingerprintd keystore:keystore_key { add_auth }; 20 21 # For permissions checking 22 binder_call(fingerprintd, system_server); 23 allow fingerprintd permission_service:service_manager find; 24
