| get_prop(hal_fingerprint_default, hwservicemanager_prop) |
| allow hal_fingerprint_default fwk_stats_hwservice:hwservice_manager find; |
| binder_call(hal_fingerprint_default, statsd) |
| |
| allow hal_fingerprint_default sysfs_fingerprint:dir r_dir_perms; |
| allow hal_fingerprint_default sysfs_fingerprint:file rw_file_perms; |
| allow hal_fingerprint_default sysfs_msm_subsys:dir search; |
| allow hal_fingerprint_default sysfs_msm_subsys:file r_file_perms; |
| allow hal_fingerprint_default tee_device:file rw_file_perms; |
| allow hal_fingerprint_default tee_device:chr_file rw_file_perms; |
| allow hal_fingerprint_default uhid_device:chr_file rw_file_perms; |
| |
| # TODO(b/36644492): Remove data_between_core_and_vendor_violators once |
| # hal_fingerprint no longer directly accesses fingerprintd_data_file. |
| typeattribute hal_fingerprint_default data_between_core_and_vendor_violators; |
| # access to /data/system/users/[0-9]+/fpdata |
| allow hal_fingerprint_default fingerprintd_data_file:file create_file_perms; |
| allow hal_fingerprint_default fingerprintd_data_file:dir rw_dir_perms; |