public/virtual_touchpad.te - LeafOS-Project/android_system_sepolicy - Gitiles

 type virtual_touchpad, domain;
 type virtual_touchpad_exec, exec_type, file_type;

 binder_use(virtual_touchpad)
 binder_service(virtual_touchpad)
 add_service(virtual_touchpad, virtual_touchpad_service)

 # Requires access to /dev/uinput to create and feed the virtual device.
 allow virtual_touchpad uhid_device:chr_file { w_file_perms ioctl };

 # Limit access so that nothing else can inject input.
 neverallow { domain -system_app -virtual_touchpad } virtual_touchpad_service:service_manager find;
	type virtual_touchpad, domain;
	type virtual_touchpad_exec, exec_type, file_type;

	binder_use(virtual_touchpad)
	binder_service(virtual_touchpad)
	add_service(virtual_touchpad, virtual_touchpad_service)

	# Requires access to /dev/uinput to create and feed the virtual device.
	allow virtual_touchpad uhid_device:chr_file { w_file_perms ioctl };

	# Limit access so that nothing else can inject input.
	neverallow { domain -system_app -virtual_touchpad } virtual_touchpad_service:service_manager find;