xref: /aosp_15_r20/system/sepolicy/prebuilts/api/31.0/public/fingerprintd.te (revision e4a36f4174b17bbab9dc043f4a65dc8d87377290) 
1type fingerprintd, domain;
2type fingerprintd_exec, system_file_type, exec_type, file_type;
3
4binder_use(fingerprintd)
5
6# Scan through /system/lib64/hw looking for installed HALs
7allow fingerprintd system_file:dir r_dir_perms;
8
9# need to find KeyStore and add self
10add_service(fingerprintd, fingerprintd_service)
11
12# allow HAL module to read dir contents
13allow fingerprintd fingerprintd_data_file:file { create_file_perms };
14
15# allow HAL module to read/write/unlink contents of this dir
16allow fingerprintd fingerprintd_data_file:dir rw_dir_perms;
17
18# Need to add auth tokens to KeyStore
19use_keystore(fingerprintd)
20allow fingerprintd keystore:keystore_key { add_auth };
21allow fingerprintd keystore:keystore2 { add_auth };
22
23# For permissions checking
24binder_call(fingerprintd, system_server);
25allow fingerprintd permission_service:service_manager find;
26
27allow fingerprintd ion_device:chr_file r_file_perms;
28