1# evs app 2type evs_app, domain, coredomain; 3hal_client_domain(evs_app, hal_evs) 4hal_client_domain(evs_app, hal_vehicle) 5hal_client_domain(evs_app, hal_configstore) 6hal_client_domain(evs_app, hal_graphics_allocator) 7 8# allow init to launch processes in this context 9type evs_app_exec, exec_type, file_type, system_file_type; 10init_daemon_domain(evs_app) 11 12# gets access to its own files on disk 13type evs_app_files, file_type, system_file_type; 14allow evs_app evs_app_files:file { getattr open read }; 15allow evs_app evs_app_files:dir search; 16 17# Allow use of gralloc buffers and EGL 18allow evs_app gpu_device:chr_file rw_file_perms; 19allow evs_app ion_device:chr_file r_file_perms; 20allow evs_app system_file:dir r_dir_perms; 21 22# Allow use of binder and find surfaceflinger 23binder_use(evs_app); 24allow evs_app surfaceflinger_service:service_manager find; 25