1# aocxd server domain 2type aocxd, domain; 3type aocxd_exec, vendor_file_type, exec_type, file_type; 4init_daemon_domain(aocxd) 5 6# sysfs operations 7allow aocxd sysfs_aoc:dir search; 8 9# dev operations 10allow aocxd aoc_device:chr_file rw_file_perms; 11 12# allow inotify to watch for additions/removals from /dev 13allow aocxd device:dir r_dir_perms; 14 15# set properties 16set_prop(aocxd, vendor_aoc_prop); 17 18# allow binder access 19vndbinder_use(aocxd); 20 21# allow managing wakelocks 22wakelock_use(aocxd); 23 24# add aocx service to the domain 25add_service(aocxd, aocx); 26 27# allow managing thread priority 28allow aocxd self:global_capability_class_set sys_nice; 29 30allow aocxd dumpstate:fd use; 31allow aocxd dumpstate:fifo_file write; 32