# servicemanager - the Binder context manager type servicemanager, domain, mlstrustedsubject; type servicemanager_exec, system_file_type, exec_type, file_type; # Note that we do not use the binder_* macros here. # servicemanager is unique in that it only provides # name service (aka context manager) for Binder. # As such, it only ever receives and transfers other references # created by other domains. It never passes its own references # or initiates a Binder IPC. allow servicemanager self:binder set_context_mgr; allow servicemanager { domain -init -vendor_init -hwservicemanager -vndservicemanager }:binder transfer; allow servicemanager service_contexts_file:file r_file_perms; allow servicemanager vendor_service_contexts_file:file r_file_perms; # nonplat_service_contexts only accessible on non full-treble devices not_full_treble(`allow servicemanager vendor_service_contexts_file:file r_file_perms;') add_service(servicemanager, service_manager_service) allow servicemanager dumpstate:fd use; allow servicemanager dumpstate:fifo_file write; # Check SELinux permissions. selinux_check_access(servicemanager) recovery_only(` # In recovery, log to kmsg. allow servicemanager kmsg_device:chr_file rw_file_perms; # Read VINTF files. r_dir_file(servicemanager, rootfs) ')