1# evs app 2type evs_app, domain, coredomain; 3hal_client_domain(evs_app, hal_evs) 4hal_client_domain(evs_app, hal_vehicle) 5 6# allow init to launch processes in this context 7type evs_app_exec, exec_type, file_type; 8init_daemon_domain(evs_app) 9 10# gets access to its own files on disk 11type evs_app_files, file_type; 12allow evs_app evs_app_files:file { getattr open read }; 13allow evs_app evs_app_files:dir search; 14 15# Allow use of gralloc buffers and EGL 16allow evs_app hal_graphics_allocator_default:fd use; 17allow evs_app gpu_device:chr_file ioctl; 18allow evs_app gpu_device:chr_file { getattr open read write }; 19 20# Permit communication with the vehicle HAL 21# (Communcations with the rest of the EVS stack is allowed via hal_evs) 22binder_call(evs_app, hal_vehicle); 23