1*e4a36f41SAndroid Build Coastguard Workertypeattribute hwservicemanager coredomain; 2*e4a36f41SAndroid Build Coastguard Worker 3*e4a36f41SAndroid Build Coastguard Workerinit_daemon_domain(hwservicemanager) 4*e4a36f41SAndroid Build Coastguard Worker 5*e4a36f41SAndroid Build Coastguard Workeradd_hwservice(hwservicemanager, hidl_manager_hwservice) 6*e4a36f41SAndroid Build Coastguard Workeradd_hwservice(hwservicemanager, hidl_token_hwservice) 7*e4a36f41SAndroid Build Coastguard Worker 8*e4a36f41SAndroid Build Coastguard Workerset_prop(hwservicemanager, ctl_interface_start_prop) 9*e4a36f41SAndroid Build Coastguard Workerset_prop(hwservicemanager, hwservicemanager_prop) 10*e4a36f41SAndroid Build Coastguard Worker 11*e4a36f41SAndroid Build Coastguard Worker# hwservicemanager is using bootstrap bionic 12*e4a36f41SAndroid Build Coastguard Workeruse_bootstrap_libs(hwservicemanager) 13*e4a36f41SAndroid Build Coastguard Worker 14*e4a36f41SAndroid Build Coastguard Worker# hwservicemanager is using apex_info via libvintf 15*e4a36f41SAndroid Build Coastguard Workeruse_apex_info(hwservicemanager) 16*e4a36f41SAndroid Build Coastguard Worker 17*e4a36f41SAndroid Build Coastguard Worker# Note that we do not use the binder_* macros here. 18*e4a36f41SAndroid Build Coastguard Worker# hwservicemanager provides name service (aka context manager) 19*e4a36f41SAndroid Build Coastguard Worker# for hwbinder. 20*e4a36f41SAndroid Build Coastguard Worker# Additionally, it initiates binder IPC calls to 21*e4a36f41SAndroid Build Coastguard Worker# clients who request service notifications. The permission 22*e4a36f41SAndroid Build Coastguard Worker# to do this is granted in the hwbinder_use macro. 23*e4a36f41SAndroid Build Coastguard Workerallow hwservicemanager self:binder set_context_mgr; 24*e4a36f41SAndroid Build Coastguard Worker 25*e4a36f41SAndroid Build Coastguard Worker# Scan through /system/lib64/hw looking for installed HALs 26*e4a36f41SAndroid Build Coastguard Workerallow hwservicemanager system_file:dir r_dir_perms; 27*e4a36f41SAndroid Build Coastguard Worker 28*e4a36f41SAndroid Build Coastguard Worker# Read hwservice_contexts 29*e4a36f41SAndroid Build Coastguard Workerallow hwservicemanager hwservice_contexts_file:file r_file_perms; 30*e4a36f41SAndroid Build Coastguard Worker 31*e4a36f41SAndroid Build Coastguard Worker# Check SELinux permissions. 32*e4a36f41SAndroid Build Coastguard Workerselinux_check_access(hwservicemanager) 33