| # Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved. |
| # SPDX-License-Identifier: BSD-3-Clause-Clear |
| |
| #Define domain |
| type vendor_hal_umd_qti, domain; |
| type vendor_hal_umd_qti_exec, file_type, vendor_file_type, exec_type; |
| |
| type vendor_pcm_device, dev_type; |
| |
| typeattribute vendor_hal_umd_qti hal_camera_client; |
| typeattribute vendor_hal_umd_qti hal_audio_client; |
| |
| #Allow for transition from init domain to umdservice |
| init_daemon_domain(vendor_hal_umd_qti) |
| |
| #Allow a base set of permissions required |
| hal_server_domain(vendor_hal_umd_qti, vendor_hal_umd) |
| binder_call(vendor_hal_umd_client, vendor_hal_umd_server) |
| binder_call(vendor_hal_umd_server, vendor_hal_umd_client) |
| |
| #Ability for domain to get vendor_hal_umd_hwservice to hwservice_manager |
| #and find it |
| hal_attribute_hwservice(vendor_hal_umd, vendor_hal_umd_hwservice) |
| |
| #Allow a base set of permissions for the domain to be the client of hal_graphics_allocator |
| hal_client_domain(vendor_hal_umd_qti, hal_graphics_allocator) |
| |
| allow vendor_hal_umd_qti video_device:chr_file rw_file_perms; |
| |
| #Allow the domain to access the properties required |
| get_prop(vendor_hal_umd_qti, vendor_umd_prop) |
| get_prop(vendor_hal_umd_qti, usb_control_prop) |
| get_prop(vendor_hal_umd_qti, codec2_config_prop) |
| get_prop(vendor_hal_umd_qti, vendor_video_prop) |
| |
| #Allow the domain to access the uvent socket and the audio device |
| allow vendor_hal_umd_qti self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; |
| allow vendor_hal_umd_qti vendor_pcm_device:chr_file rw_file_perms; |
| allow vendor_hal_umd_qti audio_device:dir r_dir_perms; |
| |
| #Allow the domain to access the configfs file and dir |
| allow vendor_hal_umd_qti configfs:file r_file_perms; |
| allow vendor_hal_umd_qti configfs:dir r_dir_perms; |
| |
| #allow the domain to access dmabuf |
| allow vendor_hal_umd_qti dmabuf_system_heap_device:chr_file r_file_perms; |