1 allow system_server self:socket ioctl; 2 allowxperm system_server self:socket ioctl msm_sock_ipc_ioctls; 3 4 binder_call(system_server, hal_camera_default) 5 6 allow system_server persist_file:dir search; 7 allow system_server persist_sensors_file:dir search; 8 allow system_server persist_sensors_file:file r_file_perms; 9 allow system_server wlan_device:chr_file rw_file_perms; 10 11 # TODO(b/73123675): BatterySaver needs access to cpufreq. Remove this access 12 # once cpufreq functionality is hidden behind a HAL. 13 allow system_server sysfs_devices_system_cpu:file w_file_perms; 14 15 # input files 16 r_dir_file(system_server, idc_file) 17 r_dir_file(system_server, keylayout_file) 18 19 # TODO(b/30675296): Remove following dontaudit's upon resolution of this bug 20 # The timerslack_ns denials spam the system really horribly 21 dontaudit system_server audioserver:file write; 22 dontaudit system_server untrusted_app:file write; 23 dontaudit system_server hal_audio_default:file write; 24 dontaudit system_server appdomain:file write; 25 26 typeattribute system_server system_writes_vendor_properties_violators; 27 set_prop(system_server, public_vendor_system_prop) 28 29 dontaudit system_server self:capability sys_module; 30