1type fingerprintd, domain; 2type fingerprintd_exec, exec_type, file_type; 3 4binder_use(fingerprintd) 5 6# Scan through /system/lib64/hw looking for installed HALs 7allow fingerprintd system_file:dir r_dir_perms; 8 9# need to find KeyStore and add self 10add_service(fingerprintd, fingerprintd_service) 11 12# allow HAL module to read dir contents 13allow fingerprintd fingerprintd_data_file:file { create_file_perms }; 14 15# allow HAL module to read/write/unlink contents of this dir 16allow fingerprintd fingerprintd_data_file:dir rw_dir_perms; 17 18# Need to add auth tokens to KeyStore 19use_keystore(fingerprintd) 20allow fingerprintd keystore:keystore_key { add_auth }; 21 22# For permissions checking 23binder_call(fingerprintd, system_server); 24allow fingerprintd permission_service:service_manager find; 25 26r_dir_file(fingerprintd, cgroup) 27r_dir_file(fingerprintd, sysfs_type) 28allow fingerprintd ion_device:chr_file r_file_perms; 29