1 type fingerprintd, domain; 2 type fingerprintd_exec, exec_type, file_type; 3 4 binder_use(fingerprintd) 5 6 # Scan through /system/lib64/hw looking for installed HALs 7 allow fingerprintd system_file:dir r_dir_perms; 8 9 # need to find KeyStore and add self 10 add_service(fingerprintd, fingerprintd_service) 11 12 # allow HAL module to read dir contents 13 allow fingerprintd fingerprintd_data_file:file { create_file_perms }; 14 15 # allow HAL module to read/write/unlink contents of this dir 16 allow fingerprintd fingerprintd_data_file:dir rw_dir_perms; 17 18 # Need to add auth tokens to KeyStore 19 use_keystore(fingerprintd) 20 allow fingerprintd keystore:keystore_key { add_auth }; 21 22 # For permissions checking 23 binder_call(fingerprintd, system_server); 24 allow fingerprintd permission_service:service_manager find; 25 26 allow fingerprintd ion_device:chr_file r_file_perms; 27
