1# 2# Context hub multiclient HAL common selinux policies 3# 4 5# Permit communication with AoC 6allow hal_contexthub_default aoc_device:chr_file rw_file_perms; 7 8# Allow context hub HAL to determine AoC's current clock 9allow hal_contexthub_default sysfs_aoc:dir search; 10allow hal_contexthub_default sysfs_aoc_boottime:file r_file_perms; 11 12# Allow context hub HAL to create thread to watch AOC's device 13allow hal_contexthub_default device:dir r_dir_perms; 14 15# Allow context hub HAL to use the USF low latency transport 16usf_low_latency_transport(hal_contexthub_default) 17 18# Allow context hub HAL to talk to the WiFi HAL 19binder_call(hal_contexthub_default, hal_wifi_ext) 20allow hal_contexthub_default hal_wifi_ext_service:service_manager find; 21 22# Allow context hub HAL to talk to stats service 23binder_call(hal_contexthub_default, stats_service_server) 24allow hal_contexthub_default fwk_stats_service:service_manager find; 25 26# Allow context hub HAL to write data to /data/vendor/chre/ directory 27allow hal_contexthub_default chre_data_file:dir create_dir_perms; 28allow hal_contexthub_default chre_data_file:file create_file_perms; 29 30# Allow context hub HAL to use WakeLock 31wakelock_use(hal_contexthub_default) 32 33# Allow context hub HAL to block suspend, which is required to use EPOLLWAKEUP 34allow hal_contexthub_default self:global_capability2_class_set block_suspend; 35 36# Allow binder calls with clients 37binder_call(hal_contexthub_default, hal_sensors_default) 38