1# Copyright (c) 2022 Huawei Device Co., Ltd. 2# Licensed under the Apache License, Version 2.0 (the "License"); 3# you may not use this file except in compliance with the License. 4# You may obtain a copy of the License at 5# 6# http://www.apache.org/licenses/LICENSE-2.0 7# 8# Unless required by applicable law or agreed to in writing, software 9# distributed under the License is distributed on an "AS IS" BASIS, 10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11# See the License for the specific language governing permissions and 12# limitations under the License. 13 14type multimodalinput, sadomain, domain; 15 16allow multimodalinput bootanimation:fd { use }; 17allow multimodalinput data_file:dir { search }; 18allow multimodalinput data_init_agent:dir { search }; 19allow multimodalinput data_init_agent:file { open read append ioctl }; 20allow multimodalinput data_log:dir { search write add_name create }; 21allow multimodalinput data_log:file { create open read write ioctl }; 22allow multimodalinput data_service_file:dir { search }; 23allow multimodalinput data_service_el1_file:dir { search }; 24allow multimodalinput data_service_el1_file:file { open read }; 25allow multimodalinput dev_dri_file:dir { search }; 26allow multimodalinput dev_dri_file:chr_file { open read write getattr ioctl }; 27allow multimodalinput dev_kmsg_file:chr_file { open write }; 28allow multimodalinput dev_input_file:chr_file { ioctl }; 29allow multimodalinput dev_unix_socket:dir { search }; 30allow multimodalinput dev_unix_socket:sock_file { write }; 31allow multimodalinput disp_gralloc_host:binder { call }; 32allow multimodalinput disp_gralloc_host:fd { use }; 33allow multimodalinput hdf_hdi_display_gralloc_service:hdf_devmgr_class { get }; 34allow multimodalinput faultloggerd_socket:sock_file { write }; 35allow multimodalinput faultloggerd:unix_stream_socket { connectto }; 36allow multimodalinput foundation:binder { call transfer }; 37allow multimodalinput hdf_devmgr:binder { call }; 38allow multimodalinput input_pointer_device_param:parameter_service { set }; 39allow multimodalinput multimodalinput:netlink_kobject_uevent_socket { bind create getattr setopt read }; 40#allow multimodalinput multimodalinput:process { ptrace }; 41allow multimodalinput param_watcher:binder { call transfer }; 42allow multimodalinput render_service:binder { call transfer }; 43allow multimodalinput resource_schedule_service:binder { call }; 44allow multimodalinput rootfs:chr_file { write }; 45allow multimodalinput sa_device_service_manager:samgr_class { get }; 46allow multimodalinput sa_foundation_dms:samgr_class { get }; 47allow multimodalinput sa_foundation_wms:samgr_class { get }; 48allow multimodalinput sa_multimodalinput_service:samgr_class { get }; 49allow multimodalinput sa_render_service:samgr_class { get }; 50allow multimodalinput sh:binder { call }; 51allow multimodalinput sys_file:dir { open read }; 52allow multimodalinput sys_file:file { getattr open read }; 53allow multimodalinput system_bin_file:dir { search }; 54allow multimodalinput system_bin_file:file { execute execute_no_trans map read open }; 55allow multimodalinput tracefs:dir { search }; 56allow multimodalinput tracefs:file { open write }; 57allow multimodalinput tracefs_trace_marker_file:file { open write }; 58allow multimodalinput vendor_etc_file:dir { search }; 59allow multimodalinput vendor_etc_file:file { getattr open read }; 60allow normal_hap multimodalinput:unix_stream_socket { read write }; 61allow normal_hap sa_multimodalinput_service:samgr_class { get }; 62allow system_basic_hap multimodalinput:unix_stream_socket { read }; 63allow system_basic_hap multimodalinput:unix_stream_socket { read write }; 64allow system_core_hap multimodalinput:unix_stream_socket { read }; 65allowxperm multimodalinput data_log:file ioctl { 0x5413 }; 66allowxperm multimodalinput dev_dri_file:chr_file ioctl { 0x641f }; 67allowxperm multimodalinput dev_input_file:chr_file ioctl { 0x4503 0x4560 0x4542 0x4548 0x456f 0x450a 0x4559 0x4568 0x455a 0x455b }; 68