device_google_zuma/radio/liboemservice_proxy.te

type liboemservice_proxy_default, domain;
type liboemservice_proxy_default_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(liboemservice_proxy_default)

# Allow proxy to register as android service.
binder_use(liboemservice_proxy_default);
add_service(liboemservice_proxy_default, liboemservice_proxy_service);

get_prop(liboemservice_proxy_default, hwservicemanager_prop)
binder_call(liboemservice_proxy_default, hwservicemanager)
binder_call(liboemservice_proxy_default, dmd)
allow liboemservice_proxy_default hal_vendor_oem_hwservice:hwservice_manager find;
allow liboemservice_proxy_default radio_vendor_data_file:dir create_dir_perms;
allow liboemservice_proxy_default radio_vendor_data_file:file create_file_perms;

# Grant to access serial device for external logging tool
allow liboemservice_proxy_default serial_device:chr_file rw_file_perms;

# Grant to access radio device
allow liboemservice_proxy_default radio_device:chr_file rw_file_perms;

# Grant to access slog dir/file
allow liboemservice_proxy_default vendor_slog_file:dir create_dir_perms;
allow liboemservice_proxy_default vendor_slog_file:file create_file_perms;

# Grant to access tcp socket
allow liboemservice_proxy_default node:tcp_socket node_bind;
allow liboemservice_proxy_default self:tcp_socket { create_socket_perms_no_ioctl listen accept bind };

# Grant to access log related properties
set_prop(liboemservice_proxy_default, vendor_diag_prop)
set_prop(liboemservice_proxy_default, vendor_slog_prop)
set_prop(liboemservice_proxy_default, vendor_modem_prop)
get_prop(liboemservice_proxy_default, vendor_persist_config_default_prop)