| Jeongik Cha | 77a3ca6 | 2024-04-09 15:02:28 +0900 | [diff] [blame] | 1 | type vmlauncher_app, domain; |
| 2 | typeattribute vmlauncher_app coredomain; |
| 3 | |
| 4 | app_domain(vmlauncher_app) |
| 5 | |
| 6 | allow vmlauncher_app app_api_service:service_manager find; |
| 7 | allow vmlauncher_app system_api_service:service_manager find; |
| 8 | |
| 9 | allow vmlauncher_app shell_data_file:dir search; |
| 10 | allow vmlauncher_app shell_data_file:file { read open write }; |
| 11 | virtualizationservice_use(vmlauncher_app) |
| 12 | |
| 13 | is_flag_enabled(RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES, ` |
| 14 | # TODO(b/332677707): remove them when display service uses binder RPC. |
| 15 | allow vmlauncher_app virtualization_service:service_manager find; |
| 16 | allow vmlauncher_app virtualizationservice:binder call; |
| 17 | allow vmlauncher_app crosvm:binder { call transfer }; |
| 18 | ') |