1 # evs app 2 type evs_app, domain, coredomain; 3 hal_client_domain(evs_app, hal_evs) 4 hal_client_domain(evs_app, hal_vehicle) 5 6 # allow init to launch processes in this context 7 type evs_app_exec, exec_type, file_type; 8 init_daemon_domain(evs_app) 9 10 # gets access to its own files on disk 11 type evs_app_files, file_type; 12 allow evs_app evs_app_files:file { getattr open read }; 13 allow evs_app evs_app_files:dir search; 14 15 # Allow use of gralloc buffers and EGL 16 allow evs_app hal_graphics_allocator_default:fd use; 17 allow evs_app gpu_device:chr_file ioctl; 18 allow evs_app gpu_device:chr_file { getattr open read write }; 19 20 # Permit communication with the vehicle HAL 21 # (Communcations with the rest of the EVS stack is allowed via hal_evs) 22 binder_call(evs_app, hal_vehicle); 23
