Home | History | Annotate | Download | only in vendor 
      1 allow system_server self:socket ioctl;
      2 allowxperm system_server self:socket ioctl msm_sock_ipc_ioctls;
      3 
      4 binder_call(system_server, hal_camera_default)
      5 
      6 allow system_server persist_file:dir search;
      7 allow system_server persist_sensors_file:dir search;
      8 allow system_server persist_sensors_file:file r_file_perms;
      9 allow system_server wlan_device:chr_file rw_file_perms;
     10 
     11 # TODO(b/73123675): BatterySaver needs access to cpufreq. Remove this access
     12 # once cpufreq functionality is hidden behind a HAL.
     13 allow system_server sysfs_devices_system_cpu:file w_file_perms;
     14 
     15 # input files
     16 r_dir_file(system_server, idc_file)
     17 r_dir_file(system_server, keylayout_file)
     18 
     19 # TODO(b/30675296): Remove following dontaudit's upon resolution of this bug
     20 # The timerslack_ns denials spam the system really horribly
     21 dontaudit system_server audioserver:file write;
     22 dontaudit system_server untrusted_app:file write;
     23 dontaudit system_server hal_audio_default:file write;
     24 dontaudit system_server appdomain:file write;
     25 
     26 typeattribute system_server system_writes_vendor_properties_violators;
     27 set_prop(system_server, public_vendor_system_prop)
     28 
     29 dontaudit system_server self:capability sys_module;
     30