| # allow application to access cnd domain and socket |
| #unix_socket_connect(appdomain, cnd, cnd) |
| |
| # allow application to access dpmd domain and socket |
| #unix_socket_connect(appdomain, dpmwrapper, dpmd) |
| |
| #unix_socket_connect(appdomain, qlogd, qlogd) |
| #unix_socket_send(appdomain, seempdw, seempd) |
| |
| #Allow all apps to open and send ioctl to qdsp device |
| allow appdomain qdsp_device:chr_file r_file_perms; |
| #Allow all apps to have read access to dsp partition |
| r_dir_file(appdomain, adsprpcd_file) |
| |
| # Allow access to qti_logkit |
| #allow { appdomain -untrusted_app } qti_logkit_pub_data_file:dir create_dir_perms; |
| #allow { appdomain -untrusted_app } qti_logkit_pub_data_file:file create_file_perms; |
| allow appdomain qti_logkit_pub_socket:dir r_dir_perms; |
| #unix_socket_connect(appdomain, qti_logkit_pub, qti_logkit) |
| #allow appdomain qti_logkit_pub_socket:sock_file r_file_perms; |
| #allow appdomain qti_logkit_priv_data_file:dir r_dir_perms; |
| allow appdomain hwui_prop:file r_file_perms; |
| allow appdomain bservice_prop:file r_file_perms; |
| allow appdomain reschedule_service_prop:file r_file_perms; |
| allow appdomain debug_gralloc_prop:file r_file_perms; |
| |
| # Allow apps to read graphics vulkan property |
| allow appdomain graphics_vulkan_prop:file r_file_perms; |