1#Policy for peripheral_manager 2#per_mgr - peripheral_manager domain 3type per_mgr, domain, domain_deprecated; 4 5type per_mgr_exec, exec_type, file_type; 6init_daemon_domain(per_mgr); 7 8#Needed for binder transactions 9binder_use(per_mgr); 10binder_service(per_mgr); 11allow per_mgr self:socket create_socket_perms; 12allow per_mgr per_mgr_service:service_manager { add find }; 13 14#Rules for peripheral manager clients 15#Rules for RILD 16binder_call(per_mgr, rild); 17binder_call(rild, per_mgr); 18 19#Needed by ipc_router 20allow per_mgr self:capability { net_raw }; 21 22#Needed to power on the peripheral 23allow per_mgr ssr_device:chr_file { open read }; 24 25#Needed by libmdmdetect to figure out the system configuration 26#allow per_mgr sysfs_esoc:dir { open search read }; 27#allow per_mgr sysfs_esoc:lnk_file { read }; 28 29#Needed by libmdmdetect to get subsystem info and to check their states 30allow per_mgr sysfs_ssr:dir { open search read }; 31allow per_mgr sysfs_ssr:lnk_file { read open }; 32 33#Needed by pm-proxy to talk to peripheral manager 34binder_call(per_mgr, per_mgr); 35 36allow per_mgr subsys_modem_device:chr_file r_file_perms; 37