type easelservice_app, domain;

app_domain(easelservice_app)

allow easelservice_app app_api_service:service_manager find;
allow easelservice_app surfaceflinger_service:service_manager find;
# Access to mnh_sm driver
allow easelservice_app easel_device:chr_file { read write ioctl open };
# Access to keychain for kernel based authentication
allow easelservice_app kernel:key search;