# Policy for peripheral_manager
# per_mgr - peripheral_manager domain
# NOTE(review): device_domain_deprecated is not defined on this page; the name
# suggests a transitional attribute. Confirm what it grants and whether per_mgr
# still needs it, since any rule written against that attribute also applies here.
type per_mgr, domain, device_domain_deprecated;

# Label for the daemon's executable; init_daemon_domain() sets up the
# transition from init into per_mgr when init runs a file with this label.
type per_mgr_exec, exec_type, file_type;
init_daemon_domain(per_mgr);

# Needed for binder transactions
binder_use(per_mgr);
binder_service(per_mgr);
# Generic sockets on the domain itself. The allowxperm rule limits the ioctl
# commands on those sockets to the msm_sock_ipc_ioctls set (defined elsewhere).
# NOTE(review): the ioctl permission itself presumably comes from
# create_socket_perms; confirm against the macro definition in use.
allow per_mgr self:socket create_socket_perms;
allowxperm per_mgr self:socket ioctl msm_sock_ipc_ioctls;
# Register per_mgr_service with the service manager and look it up.
allow per_mgr per_mgr_service:service_manager { add find };

# Rules for peripheral manager clients
# Rules for RILD: binder calls are allowed in both directions.
binder_call(per_mgr, rild);
binder_call(rild, per_mgr);

# Needed by ipc_router
# NOTE(review): net_raw (CAP_NET_RAW) covers raw and packet sockets; it is the
# only capability granted here. Confirm ipc_router still requires it.
allow per_mgr self:capability { net_raw };

# Needed to power on the peripheral (open and read only, no write).
allow per_mgr ssr_device:chr_file { open read };

# Needed by libmdmdetect to figure out the system configuration
# (both sysfs_esoc rules are disabled in this policy)
#allow per_mgr sysfs_esoc:dir { open search read };
#allow per_mgr sysfs_esoc:lnk_file { read };

# Needed by libmdmdetect to get subsystem info and to check their states
allow per_mgr sysfs_ssr:dir { open search read };
allow per_mgr sysfs_ssr:lnk_file { read open };

# Needed by pm-proxy to talk to peripheral manager
# NOTE(review): a self-directed binder_call implies pm-proxy runs in the
# per_mgr domain as well; verify against the file_contexts labels.
binder_call(per_mgr, per_mgr);

# Read access to the modem subsystem character device.
# NOTE(review): the original gives no rationale for this rule; record which
# component needs it.
allow per_mgr subsys_modem_device:chr_file r_file_perms;