1# loc_launcher service 2type location, domain, domain_deprecated; 3type location_exec, exec_type, file_type; 4 5init_daemon_domain(location) 6 7binder_use(location) 8binder_call(location, per_mgr) 9binder_call(location, system_server) 10 11qmux_socket(location) 12allow location system_server:unix_stream_socket { read write }; 13 14allow location location_data_file:dir rw_dir_perms; 15allow location location_data_file:file create_file_perms; 16allow location location_data_file:sock_file create_file_perms; 17allow location location_exec:file x_file_perms; 18allow location self:{ 19 socket 20 netlink_socket 21 netlink_route_socket 22 udp_socket 23} create_socket_perms; 24 25# create location socket location-mq-s 26allow location location_data_file:sock_file { create setattr unlink }; 27 28# daemon starts as root to obtain all DAC capabilities 29# TODO start as gps user and use filesystem-config to give 30# proper DAC capabilities. 31allow location self:capability { setuid setgid net_admin net_raw }; 32 33# execute /system/bin/lowi-server and /vendor/bin/slim_daemon 34allow location location_exec:file rx_file_perms; 35 36# slim_daemon receives data from Loc_hal_worker 37allow location self:socket create_socket_perms; 38 39allow location sensorservice_service:service_manager find; 40 41# subsystem ramdump for debug builds 42userdebug_or_eng(` 43 allow location sysfs_ssr:dir r_dir_perms; 44 allow location sysfs_ssr:lnk_file read; 45') 46