• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1###
2### A domain for further sandboxing the GooglePermissionController app.
3###
4type permissioncontroller_app, domain, coredomain;
5
6app_domain(permissioncontroller_app)
7
8allow permissioncontroller_app app_api_service:service_manager find;
9allow permissioncontroller_app system_api_service:service_manager find;
10
11# Allow interaction with gpuservice
12binder_call(permissioncontroller_app, gpuservice)
13
14allow permissioncontroller_app radio_service:service_manager find;
15
16# Allow the app to request and collect incident reports.
17# (Also requires DUMP and PACKAGE_USAGE_STATS permissions)
18allow permissioncontroller_app incident_service:service_manager find;
19binder_call(permissioncontroller_app, incidentd)
20allow permissioncontroller_app incidentd:fifo_file { read write };
21
22allow permissioncontroller_app gpu_device:dir search;
23