1# bootanimation oneshot service 2type bootanim, domain; 3type bootanim_exec, system_file_type, exec_type, file_type; 4 5hal_client_domain(bootanim, hal_configstore) 6hal_client_domain(bootanim, hal_graphics_allocator) 7hal_client_domain(bootanim, hal_graphics_composer) 8 9binder_use(bootanim) 10binder_call(bootanim, surfaceflinger) 11binder_call(bootanim, audioserver) 12 13hwbinder_use(bootanim) 14 15allow bootanim gpu_device:chr_file rw_file_perms; 16allow bootanim gpu_device:dir r_dir_perms; 17allow bootanim sysfs_gpu:file r_file_perms; 18 19# /oem access 20allow bootanim oemfs:dir r_dir_perms; 21# boot animations on oem are stored with specific label 22allow bootanim bootanim_oem_file:file r_file_perms; 23 24allow bootanim audio_device:dir r_dir_perms; 25allow bootanim audio_device:chr_file rw_file_perms; 26 27allow bootanim audioserver_service:service_manager find; 28allow bootanim surfaceflinger_service:service_manager find; 29allow bootanim surfaceflinger:unix_stream_socket { read write }; 30 31# Allow access to ion memory allocation device 32allow bootanim ion_device:chr_file rw_file_perms; 33 34# Allow access to DMA-BUF system heap 35allow bootanim dmabuf_system_heap_device:chr_file r_file_perms; 36 37allow bootanim hal_graphics_allocator:fd use; 38 39# Fences 40allow bootanim hal_graphics_composer:fd use; 41 42# Read access to pseudo filesystems. 43allow bootanim proc_meminfo:file r_file_perms; 44 45# System file accesses. 46allow bootanim system_file:dir r_dir_perms; 47