| Jim Miller | 54e0e5a | 2016-12-15 19:46:43 -0800 | [diff] [blame] | 1 | # allow HAL module to read dir contents |
| 2 | allow hal_fingerprint fingerprintd_data_file:file create_file_perms; |
| 3 | |
| 4 | # allow HAL module to read/write/unlink contents of this dir |
| 5 | allow hal_fingerprint fingerprintd_data_file:dir rw_dir_perms; |
| 6 | |
| 7 | # Need to add auth tokens to KeyStore |
| 8 | use_keystore(hal_fingerprint) |
| 9 | allow hal_fingerprint keystore:keystore_key add_auth; |
| 10 | |
| 11 | # For permissions checking |
| 12 | binder_call(hal_fingerprint, system_server); |
| 13 | allow hal_fingerprint permission_service:service_manager find; |
| 14 | |
| 15 | # For memory allocation |
| 16 | allow hal_fingerprint ion_device:chr_file r_file_perms; |
| 17 | |
| Jim Miller | 2796009 | 2017-01-18 21:29:57 -0800 | [diff] [blame] | 18 | # Allow fingerprint to find and call keystore binder interfaces |
| 19 | binder_use(hal_fingerprint); |
| 20 | |
| Jim Miller | 54e0e5a | 2016-12-15 19:46:43 -0800 | [diff] [blame] | 21 | r_dir_file(hal_fingerprint, cgroup) |
| Jeff Vander Stoep | 350a603 | 2017-02-10 13:20:52 -0800 | [diff] [blame] | 22 | r_dir_file(hal_fingerprint, sysfs) |